Double-free in flatcc on invalid schema. #7
Description
My first impression came when I wrote up a simple schema file for testing, and forgot the semicolon after namespace id and the compiler crashed.
$ cat test.idl
namespace dummy
$ ./flatcc test.idl
test.idl:2:1: error: '': missing ';' expected by namespace at: test.idl:1:11: 'dummy'
*** Error in `./flatcc': corrupted double-linked list: 0x0000000000fa9490 ***
======= Backtrace: =========
/lib64/libc.so.6(+0x7beb2)[0x7f639aec6eb2]
/lib64/libc.so.6(+0x7cf36)[0x7f639aec7f36]
./flatcc(flatcc_destroy_context+0x41)[0x4065a8]
./flatcc(main+0x3ad)[0x40542d]
/lib64/libc.so.6(__libc_start_main+0xf5)[0x7f639ae6cb15]
./flatcc[0x404459]
======= Memory map: ========
...
In fact the same happens if you leave the identifier out.
(gdb) bt
#0 0x00007f8af44a45f7 in raise () from /lib64/libc.so.6
#1 0x00007f8af44a5ce8 in abort () from /lib64/libc.so.6
#2 0x00007f8af44e4327 in __libc_message () from /lib64/libc.so.6
#3 0x00007f8af44eaeb2 in malloc_consolidate () from /lib64/libc.so.6
#4 0x00007f8af44ebf36 in _int_free () from /lib64/libc.so.6
#5 0x00000000004065a8 in flatcc_destroy_context (ctx=0x205c050) at /home/eddy/src/EXT/flatcc/src/compiler/flatcc.c:503
#6 0x000000000040542d in main (argc=2, argv=0x7ffe098e0938) at /home/eddy/src/EXT/flatcc/src/cli/flatcc_cli.c:436
(gdb) frame 5
#5 0x00000000004065a8 in flatcc_destroy_context (ctx=0x205c050) at /home/eddy/src/EXT/flatcc/src/compiler/flatcc.c:503
503 free(P);
I'm at revision ed90f67 (tag v0.3.5)