
Bug in Edit Comment?

Posted: 20 Jul 2011, 19:50
by John Cheetham
This relates to xboard from the savannah git master branch.

When I do Edit comment, enter a comment, click the save changes button, then click the OK button, xboard crashes with a message 'double free or corruption'.
It fails on line 786 if(*dest) free(*dest); in GenericReadout in xoptions.c.

Maybe it needs to malloc the memory for the comment text when processing it in the SaveChanges function.

I get a similar issue with Edit Tags.

JC

Re: Bug in Edit Comment?

Posted: 21 Jul 2011, 18:20
by H.G.Muller
Well, ReplaceComment actually did malloc the memory. The error was more subtle than that. There was a global variable commentText that acted as underlying setting for the text widget, and would receive the result during GenericReadout on OK. But GenericReadout always frees any old non-NULL value.

The problem was that this same variable was used as a temporary to read out the text using GetWidgetText from SaveChanges, and it was not malloc'ed there, but did get a non-NULL value because of it. So then the OK crashed it. I never tested this, because I always used Cancel after Save Changes to close the popup, because the stuff was already saved...

I fixed it by making the temporary variable in SaveChanges a local one.

I guess using GetWidgetText here is actually an inconsistency; I especially equipped GenericReadout with an argument to allow reading out of a single option from the list. So I guess a better fix would be to use GenericReadout(0) instead of GetWidgetText(&currentoption[0], &commentText), as GenericReadout would have used malloc in assigning the value to commentText.
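
The ownership mix-up described in this thread, as an added example that is not part of the original posts and is not xboard's code: a global that the readout frees is also used as a temporary for a pointer that was never malloc'ed, next to the two fixes mentioned (a local temporary, or going through the readout). All names here (Widget, comment_text, get_widget_text, generic_readout, the save_changes_* functions) are hypothetical stand-ins, and it is an assumption that the borrowed pointer refers to the widget's own storage.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for illustration; not xboard's code. */
typedef struct { char buf[64]; } Widget;   /* text widget with its own storage */
static char *comment_text;                 /* global setting; readout frees it */

/* Assumed behaviour: returns a pointer the caller does not own. */
static void get_widget_text(Widget *w, char **out) { *out = w->buf; }

/* Readout on OK: frees any old non-NULL value, then stores a heap copy. */
static void generic_readout(Widget *w, char **dest) {
    if (*dest) free(*dest);
    *dest = malloc(strlen(w->buf) + 1);
    if (*dest) strcpy(*dest, w->buf);
}
/* Before: the global doubles as a temporary and is left non-NULL, non-heap. */
static size_t save_changes_buggy(Widget *w) {
    get_widget_text(w, &comment_text);
    return strlen(comment_text);           /* stands in for saving the text */
}
/* Fix 1: a local temporary; the global is never touched. */
static size_t save_changes_local(Widget *w) {
    char *tmp = NULL;
    get_widget_text(w, &tmp);
    return strlen(tmp);
}
/* Fix 2: use the readout, so the global only ever holds heap memory. */
static size_t save_changes_readout(Widget *w) {
    generic_readout(w, &comment_text);
    return comment_text ? strlen(comment_text) : 0;
}
/* 1 if a later free(comment_text) would be handed memory malloc never returned. */
static int global_is_borrowed(Widget *w) { return comment_text == w->buf; }

int main(void) {
    Widget w;
    strcpy(w.buf, "good move");            /* constructed sample comment */
    save_changes_buggy(&w);
    printf("buggy: borrowed=%d\n", global_is_borrowed(&w));
    comment_text = NULL;                   /* drop the alias; do not free it */
    save_changes_local(&w);
    save_changes_readout(&w);
    generic_readout(&w, &comment_text);    /* OK after Save: free + copy is safe */
    printf("fixed: borrowed=%d text=%s\n", global_is_borrowed(&w), comment_text);
    free(comment_text);
    return 0;
}
```

Building the buggy path with AddressSanitizer (`-fsanitize=address`) and letting the readout run on the aliased pointer reports the invalid free at the `free(*dest)` line, which is a quick way to confirm this class of bug in a regression test.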