Re: BUG #15104: Double free in the main function in ecpg.c

From Michael Meskes
Subject Re: BUG #15104: Double free in the main function in ecpg.c
Date
Msg-id 1520613211.2488.140.camel@postgresql.org
In response to BUG #15104: Double free in the main function in ecpg.c  (PG Bug reporting form <noreply@postgresql.org>)
Responses Re: BUG #15104: Double free in the main function in ecpg.c
List pgsql-bugs
> Details: In function main(), the memory held by variable output_filename
> is freed at line 329. It then tries to parse the next command option.
> The freed memory will be freed again at line 478 if a crafted option
> bypasses the memory allocation at line 316. I think setting
> output_filename to NULL after the free operation at line 329 will fix
> the issue.
> ...

I haven't had time yet to look into this, but to speed things up, would
you have an example where the double free actually happens?

Thanks.

Michael
--
Michael Meskes
Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org)
Meskes at (Debian|Postgresql) dot Org
Jabber: michael at xmpp dot meskes dot org
VfL Borussia! Força Barça! SF 49ers! Use Debian GNU/Linux, PostgreSQL
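
The pattern described in the quoted report, as an added example that is not part of the original message and is not code from ecpg.c: a simplified C model of an option loop that frees `output_filename` inside the loop and again at exit, with the proposed NULL-after-free fix as a switch. The option names, the `!` prefix that stands in for the early-free condition, and the helpers `model_alloc`, `model_free` and `run` are assumptions; frees are recorded rather than executed, so the stale second free is counted and never performed.

```c
#include <stdlib.h>
#include <string.h>
/* Constructed model of the reported pattern; not code from ecpg.c.
 * Frees are only recorded, so the stale second free is counted, never executed. */
static char *owned;        /* the one real allocation, released once in run() */
static int live;           /* 1 while the model considers the buffer allocated */
static int double_frees;   /* frees requested for an already freed buffer */

static char *model_alloc(const char *s)
{
    free(owned);                          /* drop a buffer from an earlier -o */
    owned = malloc(strlen(s) + 1);
    if (owned == NULL)
        abort();
    strcpy(owned, s);
    live = 1;
    return owned;
}

static void model_free(const char *p)
{
    if (p == NULL)
        return;                           /* free(NULL) is a no-op */
    double_frees += !live;                /* real code would corrupt the heap here */
    live = 0;
}

/* Assumed option set: "-o NAME" allocates the output name, and a NAME starting
 * with '!' stands in for whatever makes the real handler free it again. Any
 * other option skips the allocation. Returns the number of double frees. */
static int run(int argc, const char **argv, int null_after_free)
{
    const char *output_filename = NULL;
    live = double_frees = 0;
    for (int i = 0; i < argc; i++) {
        if (strcmp(argv[i], "-o") == 0 && i + 1 < argc) {
            output_filename = model_alloc(argv[++i]);   /* report: line 316 */
            if (output_filename[0] == '!') {
                model_free(output_filename);            /* report: line 329 */
                if (null_after_free)
                    output_filename = NULL;             /* proposed fix */
            }
        }
    }
    model_free(output_filename);                        /* report: line 478 */
    free(owned);
    owned = NULL;
    return double_frees;
}
```

In the model, a later `-o` that allocates again hides the problem; the stale pointer only reaches the final free when the following options skip the allocation, which is the condition the report describes.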

