Browse Source

possible heap corruption fix (revert this if i'm wrong)

we allocate bp via calloc earlier, but didn't free it at the end of proc.
patch-5
DeckerSU 6 years ago
parent
commit
4eabde521e
  1. 6
      iguana/dpow/dpow_fsm.c

6
iguana/dpow/dpow_fsm.c

@ -265,6 +265,7 @@ void dpow_statemachinestart(void *ptr)
void **ptrs = ptr; void **ptrs = ptr;
struct supernet_info *myinfo; struct dpow_info *dp; struct dpow_checkpoint checkpoint; struct supernet_info *myinfo; struct dpow_info *dp; struct dpow_checkpoint checkpoint;
int32_t i,j,ht,extralen,destprevvout0,srcprevvout0,src_or_dest,numratified=0,kmdheight,myind = -1; uint8_t extras[10000],pubkeys[64][33]; cJSON *ratified=0,*item; struct iguana_info *src,*dest; char *jsonstr,*handle,*hexstr,str[65],str2[65],srcaddr[64],destaddr[64]; bits256 zero,MoM,merkleroot,srchash,destprevtxid0,srcprevtxid0; struct dpow_block *bp; struct dpow_entry *ep = 0; uint32_t MoMdepth,duration,minsigs,starttime,srctime; int32_t i,j,ht,extralen,destprevvout0,srcprevvout0,src_or_dest,numratified=0,kmdheight,myind = -1; uint8_t extras[10000],pubkeys[64][33]; cJSON *ratified=0,*item; struct iguana_info *src,*dest; char *jsonstr,*handle,*hexstr,str[65],str2[65],srcaddr[64],destaddr[64]; bits256 zero,MoM,merkleroot,srchash,destprevtxid0,srcprevtxid0; struct dpow_block *bp; struct dpow_entry *ep = 0; uint32_t MoMdepth,duration,minsigs,starttime,srctime;
int32_t bp_alloc = 0;
memset(&zero,0,sizeof(zero)); memset(&zero,0,sizeof(zero));
MoM = zero; MoM = zero;
srcprevtxid0 = destprevtxid0 = zero; srcprevtxid0 = destprevtxid0 = zero;
@ -297,7 +298,7 @@ void dpow_statemachinestart(void *ptr)
} }
if ( (bp= dp->blocks[checkpoint.blockhash.height]) == 0 ) if ( (bp= dp->blocks[checkpoint.blockhash.height]) == 0 )
{ {
bp = calloc(1,sizeof(*bp)); bp = calloc(1, sizeof(*bp)); bp_alloc = 1;
//printf("allocate bp for %s ht.%d -> %s\n",src->symbol,checkpoint.blockhash.height,dest->symbol); //printf("allocate bp for %s ht.%d -> %s\n",src->symbol,checkpoint.blockhash.height,dest->symbol);
Numallocated++; Numallocated++;
bp->MoM = MoM; bp->MoM = MoM;
@ -596,6 +597,9 @@ void dpow_statemachinestart(void *ptr)
dp->ratifying -= bp->isratify; dp->ratifying -= bp->isratify;
// dp->blocks[bp->height] = 0; // dp->blocks[bp->height] = 0;
bp->state = 0xffffffff; bp->state = 0xffffffff;
// heap corruption detected?
if (bp_alloc) free(bp);
free(ptr); free(ptr);
} }

Loading…
Cancel
Save