Page MenuHomePhabricator
Create Task
Maniphest T2197

Crash in MicroBird/MedSAFE tracking device: access to a deleted member variable
Closed, ResolvedPublic
Actions

Description

Bug in MicroBird/MedSAFE tracking device files. (core\igt\igttrackingdevices\)

Calling the destructor ~TrackingDeviceSource leads to the call of
TrackingDeviceSource::Disconnect();
which then calls MedSAFETrackingDevice::CloseConnection();

In this CloseConnection(), the members m_TransmitterConfig and
m_SensorConfig are deleted but NOT set to NULL.
if (m_TransmitterConfig)

delete [] m_TransmitterConfig;

if (m_SensorConfig)

delete [] m_SensorConfig;

This will be also done by the destructor of the tracking device, in this
case ~MedSAFEtrackingDevice(); which , if I'm not mistaken, always is
preceded by the above CloseConnection(); call .The condition "if
(m_TransmitterConfig)" stays true and delete will be called again even
if the array is already deleted. Hence m_TransmitterConfig and
m_SensorConfig have to be set to NULL within the
MedSAFETrackingDevice::CloseConnection(); or the member array deletion
has to be removed completely.

The same problem subsists in the core code of MircoBird and should be
changed.

Regards,
Matthias

Event Timeline

nollm added projects: MITK, Bugzilla.Jul 7 2009, 11:12 PM
neuhaus added a subscriber: neuhaus.Jul 8 2009, 10:59 AM

I will look into it today.

neuhaus added a comment.Jul 8 2009, 4:15 PM

I committed a fix in revision #18043. We don't have a MicroBird/medSAFE available for testing. Matthias, could you test it for us?

nolden added a subscriber: nolden.Feb 8 2010, 11:46 AM

I just wrote a pmail to the reporter, let's see

nolden added a comment.Feb 11 2010, 1:13 PM

The reporter confirmed by mail that the fix works.

MITK · MIC · IMSY · DKFZ