Fossil SCM
fixed a double-free() which could happen in one error case.
Commit
65e946c7141c21e218a3da2c407233f297e05f06
Parent
5cc88946a740e26…
1 file changed
+1
-3
+1
-3
| --- src/json.c | ||
| +++ src/json.c | ||
| @@ -1286,14 +1286,12 @@ | ||
| 1286 | 1286 | listV = cson_value_new_array(); |
| 1287 | 1287 | list = cson_value_get_array(listV); |
| 1288 | 1288 | while( SQLITE_ROW == db_step(&q) ){ |
| 1289 | 1289 | cson_value * v = cson_sqlite3_column_to_value(q.pStmt,0); |
| 1290 | 1290 | if(!v){ |
| 1291 | - cson_value_free(listV); | |
| 1292 | 1291 | goto error; |
| 1293 | - } | |
| 1294 | - if( 0 != cson_array_append( list, v ) ){ | |
| 1292 | + }else if( 0 != cson_array_append( list, v ) ){ | |
| 1295 | 1293 | cson_value_free(v); |
| 1296 | 1294 | goto error; |
| 1297 | 1295 | } |
| 1298 | 1296 | } |
| 1299 | 1297 | db_finalize(&q); |
| 1300 | 1298 |
| --- src/json.c | |
| +++ src/json.c | |
| @@ -1286,14 +1286,12 @@ | |
| 1286 | listV = cson_value_new_array(); |
| 1287 | list = cson_value_get_array(listV); |
| 1288 | while( SQLITE_ROW == db_step(&q) ){ |
| 1289 | cson_value * v = cson_sqlite3_column_to_value(q.pStmt,0); |
| 1290 | if(!v){ |
| 1291 | cson_value_free(listV); |
| 1292 | goto error; |
| 1293 | } |
| 1294 | if( 0 != cson_array_append( list, v ) ){ |
| 1295 | cson_value_free(v); |
| 1296 | goto error; |
| 1297 | } |
| 1298 | } |
| 1299 | db_finalize(&q); |
| 1300 |
| --- src/json.c | |
| +++ src/json.c | |
| @@ -1286,14 +1286,12 @@ | |
| 1286 | listV = cson_value_new_array(); |
| 1287 | list = cson_value_get_array(listV); |
| 1288 | while( SQLITE_ROW == db_step(&q) ){ |
| 1289 | cson_value * v = cson_sqlite3_column_to_value(q.pStmt,0); |
| 1290 | if(!v){ |
| 1291 | goto error; |
| 1292 | }else if( 0 != cson_array_append( list, v ) ){ |
| 1293 | cson_value_free(v); |
| 1294 | goto error; |
| 1295 | } |
| 1296 | } |
| 1297 | db_finalize(&q); |
| 1298 |