ardupilot icon indicating copy to clipboard operation
ardupilot copied to clipboard
verified publisher icon ArduPilot

AP_GPS: correct asymmetric calloc/free vs new/delete

Open peterbarker opened this issue 9 months ago • 4 comments

we calloc this, so delete is not correct

Picked up by CodeQL here: https://github.com/peterbarker/ardupilot/security/code-scanning/1

peterbarker avatar Jun 05 '25 11:06 peterbarker

Nobody but you seems to have permissions to view the link unfortunately so I can’t see any context from the scanner.

tpwrules avatar Jun 05 '25 14:06 tpwrules

LGTM. BTW how dangerous is this mistake by the way?

rmackay9 avatar Jun 06 '25 00:06 rmackay9

LGTM. BTW how dangerous is this mistake by the way?

I think it comes down to the compiler. I've read that it can be very bad on Windows.

peterbarker avatar Jun 06 '25 00:06 peterbarker

Nobody but you seems to have permissions to view the link unfortunately so I can’t see any context from the scanner.

Sorry, I was actually wondering about that bit too :-) We have a PR which points people at the "Security" tab in github, so I was just playing around with how it worked.

image

peterbarker avatar Jun 06 '25 00:06 peterbarker