Null pointer dereference while printing syntax error
Closed this issue · 1 comments
dkasak commented
This input causes a crash while printing a syntax error due to the
filename being a null pointer:
startshape S
shape S
rule { U [] }
path U { path FILL [] }
Valgrind report:
==1347== Memcheck, a memory error detector
==1347== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==1347== Using Valgrind-3.14.0.GIT and LibVEX; rerun with -h for copyright info
==1347== Command: cfdg-github 3
==1347==
==1347== Invalid read of size 8
==1347== at 0x4B7B3D4: std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::c_str() const (basic_string.h:2282)
==1347== by 0x184CFB: CommandLineSystem::syntaxError(CfdgError const&) (commandLineSystem.cpp:91)
==1347== by 0x15D880: RendererImpl::run(Canvas*, bool) (renderimpl.cpp:316)
==1347== by 0x21D27C: main (main.cpp:510)
==1347== Address 0x0 is not stack'd, malloc'd or (recently) free'd
==1347==
==1347==
==1347== Process terminating with default action of signal 11 (SIGSEGV)
==1347== Access not within mapped region at address 0x0
==1347== at 0x4B7B3D4: std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::c_str() const (basic_string.h:2282)
==1347== by 0x184CFB: CommandLineSystem::syntaxError(CfdgError const&) (commandLineSystem.cpp:91)
==1347== by 0x15D880: RendererImpl::run(Canvas*, bool) (renderimpl.cpp:316)
==1347== by 0x21D27C: main (main.cpp:510)
==1347== If you believe this happened as a result of a stack
==1347== overflow in your program's main thread (unlikely but
==1347== possible), you can try to increase the size of the
==1347== main thread stack using the --main-stacksize= flag.
==1347== The main thread stack size used in this run was 8388608.
==1347==
==1347== HEAP SUMMARY:
==1347== in use at exit: 359,962 bytes in 338 blocks
==1347== total heap usage: 734 allocs, 396 frees, 544,465 bytes allocated
==1347==
==1347== LEAK SUMMARY:
==1347== definitely lost: 216 bytes in 1 blocks
==1347== indirectly lost: 0 bytes in 0 blocks
==1347== possibly lost: 176 bytes in 1 blocks
==1347== still reachable: 359,570 bytes in 336 blocks
==1347== suppressed: 0 bytes in 0 blocks
==1347== Rerun with --leak-check=full to see details of leaked memory
==1347==
==1347== For counts of detected and suppressed errors, rerun with: -v
==1347== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
MtnViewJohn commented
Fixed in version 3.1
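An added triage example, not part of the original issue or the project's code: it parses a Memcheck report like the one in this issue, rejoins frames that were split across lines, flags the fault as a null-based dereference, and picks the first frame outside the C++ standard library as the place to add the null check. The function names and the 4 KiB null-page threshold are assumptions of this example.

```python
import re

# Constructed excerpt modelled on the Memcheck report in this issue, with frames split across lines.
SAMPLE = """\
==1347== Invalid read of size 8
==1347== at 0x4B7B3D4: std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> >::c_str() const
(basic_string.h:2282)
==1347== by 0x184CFB: CommandLineSystem::syntaxError(CfdgError
const&) (commandLineSystem.cpp:91)
==1347== by 0x15D880: RendererImpl::run(Canvas*, bool)
(renderimpl.cpp:316)
==1347== by 0x21D27C: main (main.cpp:510)
==1347== Address 0x0 is not stack'd, malloc'd or (recently) free'd
"""

PREFIX = re.compile(r"^==\d+==\s?")
FRAME = re.compile(r"^(?:at|by) 0x[0-9A-Fa-f]+: (.+) \(([^()]+)\)$")
NULL_PAGE = 0x1000  # assumption: faults below one 4 KiB page count as null-based

def unwrap(report):
    """Strip ==pid== prefixes and rejoin continuation lines that lack one."""
    lines = []
    for raw in report.splitlines():
        if PREFIX.match(raw):
            lines.append(PREFIX.sub("", raw).strip())
        elif lines and raw.strip():
            lines[-1] += " " + raw.strip()
    return lines

def triage(report):
    """Summarise the first invalid access: kind, size, address, frames, verdict."""
    result = {"frames": []}
    for line in unwrap(report):
        if m := re.match(r"Invalid (read|write) of size (\d+)", line):
            if "kind" in result:
                break  # stop at the second error context
            result["kind"], result["size"] = m.group(1), int(m.group(2))
        elif (m := FRAME.match(line)) and "kind" in result and "address" not in result:
            result["frames"].append((m.group(1), m.group(2)))
        elif m := re.match(r"Address (0x[0-9A-Fa-f]+) is", line):
            result.setdefault("address", int(m.group(1), 16))
    result["null_deref"] = result.get("address", NULL_PAGE) < NULL_PAGE
    # The first frame outside the standard library is the caller that passed the bad pointer.
    app_frames = [f for f in result["frames"] if not f[0].startswith("std::")]
    result["culprit"] = app_frames[0] if app_frames else None
    return result
```
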