[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug #35477] -[NSValue description] dereferences nonretained pointers

From: Dag Ågren
Subject: [bug #35477] -[NSValue description] dereferences nonretained pointers
Date: Wed, 08 Feb 2012 14:42:43 +0000
User-agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.18 (KHTML, like Gecko) Chrome/18.0.1010.0 Safari/535.18


                 Summary: -[NSValue description] dereferences nonretained
                 Project: GNUstep
            Submitted by: waha_06x36
            Submitted on: Wed 08 Feb 2012 02:42:42 PM GMT
                Category: Base/Foundation
                Severity: 3 - Normal
              Item Group: Bug
                  Status: None
                 Privacy: Public
             Assigned to: None
             Open/Closed: Open
         Discussion Lock: Any



Calling description on an NSValue created with valueWithNonretainedPointer:
causes the pointer to be dereferenced, and its desription method to be called.
This is not safe, and causes crashes under several different conditions.

First, the object may have been released. This would make it unsafe to grab
the actual pointer and use it, but calling description should still be safe.

Second, NSValues are often used for breaking retain cycles in complex data
structures. Calling description on the referenced object in this case can
cause an endless loop which blows the stack.

Included is a test program with two statements that crash. Neither should
crash under these circumstances.

The fix is straightforward: Remove the call to description on the contained
object, and merely print the numerical value of the contained pointer. This
matches the behaviour of Cocoa on OS X.


File Attachments:

Date: Wed 08 Feb 2012 02:42:42 PM GMT  Name: test.m  Size: 617B   By:



Reply to this item at:


  Message sent via/by Savannah

reply via email to

[Prev in Thread] Current Thread [Next in Thread]