[]("field") crash fixed after https://codereview.scilab.org/#/c/21148/ 84/21584/3
Cedric Delamarre [Tue, 6 Oct 2020 08:48:15 +0000 (10:48 +0200)]
    * ast leaks fixed
      test_run("ast", ["krondivide", "bug_15420", "bug_15630", "bug_15715"], "mode_nwni_profiling")

Change-Id: I4eb0f2eef8490bec9a3ae04a06d097c1119b6a82

scilab/modules/ast/includes/types/internal.hxx
scilab/modules/ast/src/cpp/types/arrayof.cpp
scilab/modules/ast/src/cpp/types/types_tools.cpp
scilab/modules/sparse/sci_gateway/cpp/sci_ludel.cpp

index 0e141f6..b78b5f9 100644 (file)
@@ -30,6 +30,7 @@ extern "C"
 #include "configvariable_interface.h"
 }
 
+#include "scilabexception.hxx"
 #include "localization.hxx"
 #ifndef NDEBUG
 #include "inspector.hxx"
@@ -232,7 +233,17 @@ public :
             // A types:: content in more than one Scilab variable
             // must be cloned before being modified.
             T* pClone = _pIT->clone()->template getAs<T>();
-            T* pIT = (pClone->*f)(a...);
+            T* pIT = NULL;
+            try
+            {
+                pIT = (pClone->*f)(a...);
+            }
+            catch (const ast::InternalError& ie)
+            {
+                pClone->killMe();
+                throw ie;
+            }
+
             if (pIT == NULL)
             {
                 pClone->killMe();
index d9350b7..24d0474 100644 (file)
@@ -21,6 +21,7 @@
 #include "type_traits.hxx"
 #include "exp.hxx"
 #include "types_tools.hxx"
+#include "scilabexception.hxx"
 
 extern "C"
 {
@@ -590,7 +591,18 @@ GenericType* ArrayOf<T>::insertNew(typed_list* _pArgs)
         pOut = createEmpty((int)dims.size(), dims.data(), bComplex);
         ArrayOf* pArrayOut = pOut->getAs<ArrayOf>();
         pArrayOut->fillDefaultValues();
-        ArrayOf* pOut2 = pArrayOut->insert(_pArgs, this);
+        ArrayOf* pOut2 = NULL;
+
+        try
+        {
+            pOut2 = pArrayOut->insert(_pArgs, this);
+        }
+        catch (const ast::InternalError& error)
+        {
+            pOut->killMe();
+            throw error;
+        }
+
         if (pOut != pOut2)
         {
             delete pOut;
@@ -1094,8 +1106,6 @@ GenericType* ArrayOf<T>::extract(typed_list* _pArgs)
             pOut->setComplex(false);
         }
 
-        
-
         return pOut;
     }
 
@@ -1448,7 +1458,7 @@ GenericType* ArrayOf<T>::extract(typed_list* _pArgs)
 
         piIndex[0]++;
     }
-    
+
     pOut->setComplex(bIsComplex);
 
     //free pArg content
index bd53ea0..77b074e 100644 (file)
@@ -817,11 +817,6 @@ int checkIndexesArguments(InternalType* _pRef, typed_list* _pArgsIn, typed_list*
                     wchar_t szError[bsiz];
                     os_swprintf(szError, bsiz, _W("variable size exceeded : less than %d expected.\n").c_str(), INT_MAX);
 
-                    if(_pRef)
-                    {
-                        _pRef->killMe(); // clean temporary clone if needed
-                    }
-
                     throw ast::InternalError(szError);
                 }
 
@@ -847,21 +842,14 @@ int checkIndexesArguments(InternalType* _pRef, typed_list* _pArgsIn, typed_list*
             delete[] _piCountDim;
             cleanIndexesArguments(_pArgsIn, _pArgsOut);
 
-            if(_pRef)
-            {
-                _pRef->killMe(); // clean temporary clone if needed
-            }
-
             throw ast::InternalError(szError);
         }
 
         _pArgsOut->push_back(pCurrentArg);
     }
 
-
     //return 0 to force extract to create an empty matrix
-    if (_pRef &&
-            (_pRef->isDouble() && _pRef->getAs<Double>()->isEmpty()))
+    if (_pRef && (_pRef->isDouble() && _pRef->getAs<Double>()->isEmpty()))
     {
         return 0;
     }
index 889fd75..0cc7d74 100644 (file)
@@ -60,5 +60,7 @@ types::Function::ReturnValue sci_ludel(types::typed_list &in, int _iRetCount, ty
         return types::Function::Error;
     }
 
+    delete[] fmatindex;
+
     return types::Function::OK;
 }