ref: 149db9a0228a08760fb0b8d080b359e1c36fed67
parent: fed252bc4975f48116e49301a0b21266edcf6c35
author: ISSOtm <[email protected]>
date: Thu Jul 30 15:57:45 EDT 2020
Fix incorrect freeing of expansions Freeing an expansion should free its children, not its siblings... Fixes a use-after-free reported by scan-build. Nice catch!
--- a/src/asm/lexer.c
+++ b/src/asm/lexer.c
@@ -553,13 +553,16 @@
static void freeExpansion(struct Expansion *expansion)
{
- do {
- struct Expansion *next = expansion->next;
+ struct Expansion *child = expansion->firstChild;
- free(expansion->name);
- free(expansion);
- expansion = next;
- } while (expansion);
+ while (child) {
+ struct Expansion *next = child->next;
+
+ freeExpansion(child);
+ child = next;
+ }
+ free(expansion->name);
+ free(expansion);
}
/* If at any point we need more than 255 characters of lookahead, something went VERY wrong. */
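Review bot: freeExpansion now frees the node and its whole child subtree, but nothing in the hunk documents that contract or that the pointer which referenced the node (a parent's `firstChild` or a sibling's `next`) is left dangling for the caller to fix. Since the commit fixes a use-after-free caused by freeing the wrong set of nodes, I would add a header comment such as `/* Frees expansion and all of its descendants, never its siblings; the caller must unlink it from its parent/sibling list first. */`. The function also dereferences `expansion` unconditionally at `expansion->firstChild`, so the comment should state that NULL is not accepted. The recursion depth equals the expansion nesting depth, which is driven by the assembled source. If the lexer does not cap that depth elsewhere (not visible in this hunk), a very deep nest could exhaust the stack, so it is worth confirming the limit is enforced before nodes are created.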