author | Tim King <taking@google.com> | 2015-10-23 15:35:57 -0700 |
---|---|---|
committer | Tim King <taking@google.com> | 2015-10-23 19:13:32 -0700 |
commit | 3a67d649379f20000b2416b02860aa057ac38607 (patch) | |
tree | a19d644a8f025303693ee3d504082de11f2359ef | |
parent | c9b7de773cdc53044e5cf4a55d4893d2be476b60 (diff) |
Specify that the default initialization must always be done for CDOhash_map's data field.

Without doing this, there exists a loop where uninitialized data can be read. This can happen if T is a type like bool. The trace goes:

- CDOhash_map::set(data) calls ContextObj::make_current().
- Now (d_pScope->isCurrent()) is false. So ContextObj::make_current() calls ContextObj::update().
- ContextObj::update() calls CDOhash_map::save().
- CDOhash_map::save() calls return new(pCMM) CDOhash_map(*this) which calls the copy constructor which reads the data using d_data(other.d_data).
-rw-r--r-- | src/context/cdhashmap.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/context/cdhashmap.h b/src/context/cdhashmap.h index 324a5a2b4..338c46b0d 100644 --- a/src/context/cdhashmap.h +++ b/src/context/cdhashmap.h @@ -188,6 +188,7 @@ public: bool allocatedInCMM = false) : ContextObj(allocatedInCMM, context), d_key(key), + d_data(), d_map(NULL), d_noTrash(allocatedInCMM) { |
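Review bot: the added `d_data(),` in the constructor's initializer list has no comment explaining why it is required, and for a class-type T it looks redundant, so a later cleanup could remove it and bring back the uninitialized read the commit message describes for types like bool. A short comment on that line would protect it, for example `d_data(), // value-initialize: save() copy-constructs from *this and reads d_data`. The diffstat shows only src/context/cdhashmap.h changing, so nothing exercises the fix; a small test that instantiates the map with T = bool and runs the set() path from the commit message under Valgrind or MemorySanitizer would catch a regression. It is also worth confirming that d_data is declared between d_key and d_map in the class, so the initializer order here matches declaration order and does not trigger a reorder warning.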