iPhoneStreamSource.cc memory overwrite and leak in iTGB 1.2
by Gregg Patton · in iTorque 2D · 08/23/2009 (6:29 pm) · 5 replies
Howdy,
Please correct me if I'm wrong...
In the constructor:
iPhoneStreamSource::iPhoneStreamSource(const char *filename) {
this->registerObject();
int len = dStrlen( filename ); <<< this will return the length of the string without the NULL terminator.
mFilename = new char[len]; <<< this will be one character too short.
dStrcpy( mFilename, filename ); <<< this will overwrite memory.
}
mFilename = new char[len + 1]; seems to fix it.
Also, mFilename doesn't appear to get deleted anywhere. I started deleting it in the destructor.
I was getting all sorts of weird behavior after I would load 3 or 4 MP3 files. Changing to "new char[len +1]" made everything a lot happier.
Please correct me if I'm wrong...
In the constructor:
iPhoneStreamSource::iPhoneStreamSource(const char *filename) {
this->registerObject();
int len = dStrlen( filename ); <<< this will return the length of the string without the NULL terminator.
mFilename = new char[len]; <<< this will be one character too short.
dStrcpy( mFilename, filename ); <<< this will overwrite memory.
}
mFilename = new char[len + 1]; seems to fix it.
Also, mFilename doesn't appear to get deleted anywhere. I started deleting it in the destructor.
I was getting all sorts of weird behavior after I would load 3 or 4 MP3 files. Changing to "new char[len +1]" made everything a lot happier.
#2
Thanks.
08/24/2009 (7:29 pm)
For those not Objective-C savvy, can you post the code changes regarding "deleting it in the destructor"?Thanks.
#3
08/24/2009 (8:28 pm)
Here's the destructor.iPhoneStreamSource::~iPhoneStreamSource() {
stop();
delete [] mFilename;
} 
#4
08/25/2009 (2:36 am)
Going to roll this change into my local project - Excellent catch! 
#5
to
08/26/2009 (2:18 pm)
also in Teardown() change if (mPacketDescs) delete mPacketDescs;
to
if (mPacketDescs)
{
delete [] mPacketDescs;
mPacketDescs = NULL;
}
Torque 3D Owner Ronny Bangsund
Torque Cheerleaders