[unixODBC-dev] double free

Peter Harvey pharvey at peterharvey.org
Tue Oct 30 09:23:51 GMT 2012


Nick,

Getting a 'double free' error in SQLGetDiagFieldW when requesting
message text from a record. This does *not* happen when I use a wchar
version of the driver.

The following shows the offending code (from SourceForge). Note: it works
if I comment out the call to free() in here:

      case SQL_DIAG_MESSAGE_TEXT:
        {
            SQLWCHAR *str;
            int ret = SQL_SUCCESS;

            str = ptr -> msg;

            if ( diag_info_ptr )
            {
                if ( buffer_length >= wide_strlen( str ) + 1 )
                {
                    wide_strcpy( diag_info_ptr, str );
                }
                else
                {
                    ret = SQL_SUCCESS_WITH_INFO;
                    memcpy( diag_info_ptr, str, ( buffer_length - 1 ) * 2 );
                    (( SQLWCHAR * ) diag_info_ptr )[ buffer_length - 1 ] = '\0';
                }
            }
            if ( string_length_ptr )
            {
                *string_length_ptr = wide_strlen( str );
            }
            printf( "[PAH][%s][%d][%s]\n", __FILE__, __LINE__, __FUNCTION__ );
            free( str );
            printf( "[PAH][%s][%d][%s]\n", __FILE__, __LINE__, __FUNCTION__ );
            return ret;
        }
        break;

My guess is that you're caching values, making reference to it here with
'str' and then 'free' it here via 'str'. Then later 'free' it again when
cleaning up the cache. Just a guess.

--
Cheers
Peter
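
The ownership rule that would avoid the double free if the record does own the message, as the post guesses; this is an added example, not part of the original post and not unixODBC code. All names (wch, diag_rec, rec_new, rec_get_text, rec_free, read_twice) and the sample message are hypothetical: the getter treats the pointer as borrowed and the record's cleanup is the only place that frees it.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef unsigned short wch;          /* assumed 2-byte stand-in for SQLWCHAR */
enum { OK = 0, OK_WITH_INFO = 1 };   /* stand-ins for the SQL_SUCCESS* codes */
struct diag_rec { wch *msg; };       /* the record owns msg */
static size_t wlen(const wch *s) { size_t n = 0; while (s[n]) n++; return n; }

/* Build a record that owns a heap copy of an ASCII message. */
struct diag_rec *rec_new(const char *ascii) {
    size_t n = strlen(ascii);
    struct diag_rec *r = malloc(sizeof *r);
    if (!r) return NULL;
    r->msg = malloc((n + 1) * sizeof(wch));
    if (!r->msg) { free(r); return NULL; }
    for (size_t i = 0; i <= n; i++) r->msg[i] = (unsigned char)ascii[i];
    return r;
}

/* Copy the text out. str only borrows r->msg, so nothing is freed here. */
int rec_get_text(const struct diag_rec *r, wch *out, size_t cap, size_t *len) {
    const wch *str = r->msg;
    size_t n = wlen(str);
    int ret = OK;
    if (out && cap > 0) {
        size_t copy = (cap >= n + 1) ? n : cap - 1;   /* truncate to fit */
        if (copy < n) ret = OK_WITH_INFO;
        memcpy(out, str, copy * sizeof(wch));
        out[copy] = 0;
    }
    if (len) *len = n;                                /* always the full length */
    return ret;
}

/* The only place msg is released. */
void rec_free(struct diag_rec *r) { if (r) { free(r->msg); free(r); } }

/* Read one record twice, then release it; -1 means the two reads disagreed. */
int read_twice(size_t cap) {
    wch a[32], b[32]; size_t la = 0, lb = 0;
    struct diag_rec *r = rec_new("connection refused");  /* constructed, 18 chars */
    if (!r || cap < 1 || cap > 32) { rec_free(r); return -1; }
    int ra = rec_get_text(r, a, cap, &la), rb = rec_get_text(r, b, cap, &lb);
    rec_free(r);
    return (ra == rb && la == 18 && lb == 18 && wlen(a) == wlen(b)) ? rb : -1;
}

int main(void) { printf("%d %d\n", read_twice(32), read_twice(4)); return 0; }
```

Building it with -fsanitize=address and then adding a free(str) to rec_get_text makes the second read fail immediately, which is a quick way to confirm this kind of ownership bug.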


