
buddy list: Steal pointer that is g_autofree()

Guido Gunther requested to merge guido.gunther/chatty:g_autofree-crash into master

Otherwise we crash like this:

READ of size 3 at 0xffff95d89ac0 thread T0
    #0 0xffffac0f136f  (/usr/lib/aarch64-linux-gnu/libasan.so.5+0x9636f)
    #1 0xffffabd510c3 in g_strconcat (/usr/lib/aarch64-linux-gnu/libglib-2.0.so.0+0x700c3)
    #2 0xaaaad726f3cf in chatty_blist_chats_update_node ../src/chatty-buddy-list.c:1949
    #3 0xaaaad727036b in chatty_blist_update_buddy ../src/chatty-buddy-list.c:2189
    #4 0xaaaad7270577 in chatty_blist_update ../src/chatty-buddy-list.c:2225
    #5 0xffffab24d013 in purple_blist_add_account (/usr/lib/libpurple.so.0+0x4f013)
    #6 0xffffab259c6f in purple_connection_set_state (/usr/lib/libpurple.so.0+0x5bc6f)
    #7 0xffffa21b28c7 in jabber_iq_parse (/usr/lib/purple-2/libjabber.so.0+0x2d8c7)
    #8 0xffffa21ba3e7 in jabber_process_packet (/usr/lib/purple-2/libjabber.so.0+0x353e7)
    #9 0xffffa21c77f7  (/usr/lib/purple-2/libjabber.so.0+0x427f7)
    #10 0xffffaa02a0eb  (/usr/lib/aarch64-linux-gnu/libxml2.so.2+0x4e0eb)
    #11 0xffffaa03140b  (/usr/lib/aarch64-linux-gnu/libxml2.so.2+0x5540b)
    #12 0xffffaa032f9b in xmlParseChunk (/usr/lib/aarch64-linux-gnu/libxml2.so.2+0x56f9b)
    #13 0xffffa21c7caf in jabber_parser_process (/usr/lib/purple-2/libjabber.so.0+0x42caf)
    #14 0xffffa21b6907  (/usr/lib/purple-2/libjabber.so.0+0x31907)
    #15 0xaaaad7271b67 in purple_glib_io_invoke ../src/chatty-purple-init.c:67
    #16 0xffffabd3151b in g_main_context_dispatch (/usr/lib/aarch64-linux-gnu/libglib-2.0.so.0+0x5051b)
    #17 0xffffabd318e7  (/usr/lib/aarch64-linux-gnu/libglib-2.0.so.0+0x508e7)
    #18 0xffffabd31983 in g_main_context_iteration (/usr/lib/aarch64-linux-gnu/libglib-2.0.so.0+0x50983)
    #19 0xffffabf55b83 in g_application_run (/usr/lib/aarch64-linux-gnu/libgio-2.0.so.0+0xdab83)
    #20 0xaaaad72524cf in main ../src/main.c:28
    #21 0xffffaaf27d23 in __libc_start_main (/lib/aarch64-linux-gnu/libc.so.6+0x20d23)
    #22 0xaaaad7252183  (/home/purism/pkgs/chatty/_build/src/chatty+0x1e183)

0xffff95d89ac0 is located 0 bytes inside of 256-byte region [0xffff95d89ac0,0xffff95d89bc0)
freed by thread T0 here:
    #0 0xffffac12a12b in free (/usr/lib/aarch64-linux-gnu/libasan.so.5+0xcf12b)
    #1 0xaaaad7268a13 in g_autoptr_cleanup_generic_gfree /usr/include/glib-2.0/glib/glib-autocleanups.h:28
    #2 0xaaaad7270397 in chatty_blist_update_buddy ../src/chatty-buddy-list.c:2154
    #3 0xaaaad7270577 in chatty_blist_update ../src/chatty-buddy-list.c:2225
    #4 0xffffab2510a7 in purple_buddy_icon_update (/usr/lib/libpurple.so.0+0x530a7)
    #5 0xffffab25147f in purple_buddy_icon_set_data (/usr/lib/libpurple.so.0+0x5347f)
    #6 0xffffab25168f in purple_buddy_icons_find (/usr/lib/libpurple.so.0+0x5368f)
    #7 0xaaaad7273097 in chatty_icon_get_buddy_icon ../src/chatty-icons.c:194
    #8 0xaaaad726f22b in chatty_blist_chats_update_node ../src/chatty-buddy-list.c:1919
    #9 0xaaaad727036b in chatty_blist_update_buddy ../src/chatty-buddy-list.c:2189
    #10 0xaaaad7270577 in chatty_blist_update ../src/chatty-buddy-list.c:2225
    #11 0xffffab24d013 in purple_blist_add_account (/usr/lib/libpurple.so.0+0x4f013)
    #12 0xffffab259c6f in purple_connection_set_state (/usr/lib/libpurple.so.0+0x5bc6f)
    #13 0xffffa21b28c7 in jabber_iq_parse (/usr/lib/purple-2/libjabber.so.0+0x2d8c7)
    #14 0xffffa21ba3e7 in jabber_process_packet (/usr/lib/purple-2/libjabber.so.0+0x353e7)
    #15 0xffffa21c77f7  (/usr/lib/purple-2/libjabber.so.0+0x427f7)
    #16 0xffffaa02a0eb  (/usr/lib/aarch64-linux-gnu/libxml2.so.2+0x4e0eb)
    #17 0xffffaa03140b  (/usr/lib/aarch64-linux-gnu/libxml2.so.2+0x5540b)
    #18 0xffffaa032f9b in xmlParseChunk (/usr/lib/aarch64-linux-gnu/libxml2.so.2+0x56f9b)
    #19 0xffffa21c7caf in jabber_parser_process (/usr/lib/purple-2/libjabber.so.0+0x42caf)
    #20 0xffffa21b6907  (/usr/lib/purple-2/libjabber.so.0+0x31907)
    #21 0xaaaad7271b67 in purple_glib_io_invoke ../src/chatty-purple-init.c:67
    #22 0xffffabd3151b in g_main_context_dispatch (/usr/lib/aarch64-linux-gnu/libglib-2.0.so.0+0x5051b)
    #23 0xffffabd318e7  (/usr/lib/aarch64-linux-gnu/libglib-2.0.so.0+0x508e7)
    #24 0xffffabd31983 in g_main_context_iteration (/usr/lib/aarch64-linux-gnu/libglib-2.0.so.0+0x50983)
    #25 0xffffabf55b83 in g_application_run (/usr/lib/aarch64-linux-gnu/libgio-2.0.so.0+0xdab83)
    #26 0xaaaad72524cf in main ../src/main.c:28
    #27 0xffffaaf27d23 in __libc_start_main (/lib/aarch64-linux-gnu/libc.so.6+0x20d23)
    #28 0xaaaad7252183  (/home/purism/pkgs/chatty/_build/src/chatty+0x1e183)

previously allocated by thread T0 here:
    #0 0xffffac12a5df in calloc (/usr/lib/aarch64-linux-gnu/libasan.so.5+0xcf5df)
    #1 0xffffabd3718f in g_malloc0 (/usr/lib/aarch64-linux-gnu/libglib-2.0.so.0+0x5618f)
    #2 0xaaaad7270093 in chatty_blist_update_buddy ../src/chatty-buddy-list.c:2170
    #3 0xaaaad7270577 in chatty_blist_update ../src/chatty-buddy-list.c:2225
    #4 0xffffab2510a7 in purple_buddy_icon_update (/usr/lib/libpurple.so.0+0x530a7)
    #5 0xffffab25147f in purple_buddy_icon_set_data (/usr/lib/libpurple.so.0+0x5347f)
    #6 0xffffab25168f in purple_buddy_icons_find (/usr/lib/libpurple.so.0+0x5368f)
    #7 0xaaaad7273097 in chatty_icon_get_buddy_icon ../src/chatty-icons.c:194
    #8 0xaaaad726f22b in chatty_blist_chats_update_node ../src/chatty-buddy-list.c:1919
    #9 0xaaaad727036b in chatty_blist_update_buddy ../src/chatty-buddy-list.c:2189
    #10 0xaaaad7270577 in chatty_blist_update ../src/chatty-buddy-list.c:2225
    #11 0xffffab24d013 in purple_blist_add_account (/usr/lib/libpurple.so.0+0x4f013)
    #12 0xffffab259c6f in purple_connection_set_state (/usr/lib/libpurple.so.0+0x5bc6f)
    #13 0xffffa21b28c7 in jabber_iq_parse (/usr/lib/purple-2/libjabber.so.0+0x2d8c7)
    #14 0xffffa21ba3e7 in jabber_process_packet (/usr/lib/purple-2/libjabber.so.0+0x353e7)
    #15 0xffffa21c77f7  (/usr/lib/purple-2/libjabber.so.0+0x427f7)
    #16 0xffffaa02a0eb  (/usr/lib/aarch64-linux-gnu/libxml2.so.2+0x4e0eb)
    #17 0xffffaa03140b  (/usr/lib/aarch64-linux-gnu/libxml2.so.2+0x5540b)
    #18 0xffffaa032f9b in xmlParseChunk (/usr/lib/aarch64-linux-gnu/libxml2.so.2+0x56f9b)
    #19 0xffffa21c7caf in jabber_parser_process (/usr/lib/purple-2/libjabber.so.0+0x42caf)
    #20 0xffffa21b6907  (/usr/lib/purple-2/libjabber.so.0+0x31907)
    #21 0xaaaad7271b67 in purple_glib_io_invoke ../src/chatty-purple-init.c:67
    #22 0xffffabd3151b in g_main_context_dispatch (/usr/lib/aarch64-linux-gnu/libglib-2.0.so.0+0x5051b)
    #23 0xffffabd318e7  (/usr/lib/aarch64-linux-gnu/libglib-2.0.so.0+0x508e7)
    #24 0xffffabd31983 in g_main_context_iteration (/usr/lib/aarch64-linux-gnu/libglib-2.0.so.0+0x50983)
    #25 0xffffabf55b83 in g_application_run (/usr/lib/aarch64-linux-gnu/libgio-2.0.so.0+0xdab83)
    #26 0xaaaad72524cf in main ../src/main.c:28
    #27 0xffffaaf27d23 in __libc_start_main (/lib/aarch64-linux-gnu/libc.so.6+0x20d23)
    #28 0xaaaad7252183  (/home/purism/pkgs/chatty/_build/src/chatty+0x1e183)
