axis-c-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gilles Gagniard (JIRA)" <>
Subject [jira] [Commented] (AXIS2C-1635) Fix for various memleaks & corruptions
Date Tue, 28 May 2013 10:14:23 GMT


Gilles Gagniard commented on AXIS2C-1635:

Hello Alex !

There is something really fishy going on : depending on the scenario (number of client calls,
some of them using rampart, I didn't manage to pinpoint the root cause exactly unfortunately),
I can also obtain the same crash than yours if I move the freeing of options in svc_client
as I did above.

I fear that some some svc_client members are actually interdependant, and that it is currently
impossible to find a proper order to free them without causing a memory corruption. The root
cause is far deeper than that, and moving the freeing of options in svc_client like I did
is not sufficient to fix it (and is causing new issues in some scenarios !).

I propose this part of my patch to be left out.
> Fix for various memleaks & corruptions
> --------------------------------------
>                 Key: AXIS2C-1635
>                 URL:
>             Project: Axis2-C
>          Issue Type: Bug
>    Affects Versions: 1.6.0, Current (Nightly)
>         Environment: FC18 / WinXP
>            Reporter: Gilles Gagniard
>              Labels: patch
>             Fix For: Current (Nightly)
>         Attachments: axis2c-1635.patch, axis2c_fixes.patch
> This issue contains a patch for various memleaks / corruptions in Axis2/C.
> Each proposed fix has an attached comment in the patch describing the issue.
> In particular, it fixes :
> - a crasher introduced with r1467162 : in http_sender.c in_stream could be reused after
being freed
> - a crasher sometime happening when freeing a svc_client : in svc_client.c options should
be freed last because free callbacks for other members can tap into options (and do, see conf_ctx
for instance !)
> - a memleak in the connection_map handling in http_sender.c (key is always strdup()ed
but never freed)
> - a crasher in stream handling, happening if the incoming stream length is exactly equal
to internal buffer length
> - a memleak in om_element

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message