From 200dd4d96febeef4ed0720dfca7fa988676c6afe Mon Sep 17 00:00:00 2001
From: Ben Pfaff <blp@gnu.org>
Date: Mon, 15 Feb 2010 14:41:55 -0800
Subject: [PATCH] FACTOR: Avoid freeing indeterminate pointer.

The first test in cmd_factor() is:
    if (!lex_force_match_id (lexer, "VARIABLES"))

If this fails, then control jumps to the "error" label, which frees
factor.vars, which has not been initialized at this point.

This commit fixes the problem by initializing factor.vars to NULL.  It is
not strictly necessary to also initialize factor.n_vars to 0, but it seems
like a good idea.

Found by Clang (http://clang-analyzer.llvm.org).
---
 src/language/stats/factor.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/language/stats/factor.c b/src/language/stats/factor.c
index 0679c5f5..a53e7334 100644
--- a/src/language/stats/factor.c
+++ b/src/language/stats/factor.c
@@ -524,6 +524,8 @@ cmd_factor (struct lexer *lexer, struct dataset *ds)
   const struct dictionary *dict = dataset_dict (ds);
 
   struct cmd_factor factor;
+  factor.n_vars = 0;
+  factor.vars = NULL;
   factor.method = METHOD_CORR;
   factor.missing_type = MISS_LISTWISE;
   factor.exclude = MV_ANY;
-- 
2.30.2