From: John Darrington <john@darrington.wattle.id.au>
Date: Sat, 26 Mar 2016 15:34:20 +0000 (+0100)
Subject: Fix double heap deallocation when erroneous SET was specified.
X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5428c2890320da95503876bd04cbd523ddcd4447;p=pspp

Fix double heap deallocation when erroneous SET was specified.

Found by zzuf.
---

diff --git a/src/language/utilities/set.q b/src/language/utilities/set.q
index 126868dbdb..f640bcbd65 100644
--- a/src/language/utilities/set.q
+++ b/src/language/utilities/set.q
@@ -137,7 +137,6 @@ cmd_set (struct lexer *lexer, struct dataset *ds)
 
   if (!parse_set (lexer, ds, &cmd, NULL))
     {
-      free_set (&cmd);
       return CMD_FAILURE;
     }
 
diff --git a/tests/language/utilities/set.at b/tests/language/utilities/set.at
index b281ae4e1d..ef31c836c8 100644
--- a/tests/language/utilities/set.at
+++ b/tests/language/utilities/set.at
@@ -22,6 +22,16 @@ x,3,2.00,1.00,1.00,3.00
 AT_CLEANUP
 
 
+dnl This scenario was observed to erroneously free things twice
+AT_SETUP([SET crash on invalid cc])
+AT_DATA([set.pspp], [dnl
+SET CCA='xxxx'.SHGW CCA.
+])
+
+AT_CHECK([pspp -O format=csv set.pspp], [1], [ignore])
+AT_CLEANUP
+
+
 
 AT_SETUP([SET MXWARNS])
 dnl Make sure that syntax processing stops and that
@@ -92,7 +102,9 @@ x,y,z
 ])
 
 AT_CLEANUP
+
 
+
 AT_BANNER([PRESERVE and RESTORE])
 
 AT_SETUP([PRESERVE of SET FORMAT])