cpp_client_telemetry icon indicating copy to clipboard operation
cpp_client_telemetry copied to clipboard
verified publisher icon microsoft

Potential Use after Free in PrivacyGuard_jni.cpp

Open chrdavis opened this issue 9 months ago • 0 comments

Looks like use after free for whatever the char* is pointing to in the InitializationConfiguration

2025-03-09T03:08:06.0300303Z ../../third_party/oneds_sdk/public/lib/jni/PrivacyGuard_jni.cpp:64:40: error: object backing the pointer config.NotificationEventName will be destroyed at the end of the full-expression [-Werror,-Wdangling-assignment-gsl] 2025-03-09T03:08:06.0300589Z 64 | config.NotificationEventName = JStringToStdString(env, NotificationEventName).c_str(); 2025-03-09T03:08:06.0300768Z | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2025-03-09T03:08:06.0301025Z ../../third_party/oneds_sdk/public/lib/jni/PrivacyGuard_jni.cpp:68:55: error: object backing the pointer config.SemanticContextNotificationEventName will be destroyed at the end of the full-expression [-Werror,-Wdangling-assignment-gsl] 2025-03-09T03:08:06.0301322Z 68 | config.SemanticContextNotificationEventName = JStringToStdString(env, SemanticContextEventName).c_str(); 2025-03-09T03:08:06.0301514Z | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2025-03-09T03:08:06.0301761Z ../../third_party/oneds_sdk/public/lib/jni/PrivacyGuard_jni.cpp:72:35: error: object backing the pointer config.SummaryEventName will be destroyed at the end of the full-expression [-Werror,-Wdangling-assignment-gsl] 2025-03-09T03:08:06.0302026Z 72 | config.SummaryEventName = JStringToStdString(env, SummaryEventName).c_str(); 2025-03-09T03:08:06.0302187Z | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2025-03-09T03:08:06.0302414Z ../../third_party/oneds_sdk/public/lib/jni/PrivacyGuard_jni.cpp:117:40: error: object backing the pointer config.NotificationEventName will be destroyed at the end of the full-expression [-Werror,-Wdangling-assignment-gsl] 2025-03-09T03:08:06.0302663Z 117 | config.NotificationEventName = JStringToStdString(env, NotificationEventName).c_str(); 2025-03-09T03:08:06.0302824Z | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2025-03-09T03:08:06.0303057Z ../../third_party/oneds_sdk/public/lib/jni/PrivacyGuard_jni.cpp:121:55: error: object backing the pointer config.SemanticContextNotificationEventName will be destroyed at the end of the full-expression [-Werror,-Wdangling-assignment-gsl] 2025-03-09T03:08:06.0303328Z 121 | config.SemanticContextNotificationEventName = JStringToStdString(env, SemanticContextEventName).c_str(); 2025-03-09T03:08:06.0303567Z | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2025-03-09T03:08:06.0304070Z ../../third_party/oneds_sdk/public/lib/jni/PrivacyGuard_jni.cpp:125:35: error: object backing the pointer config.SummaryEventName will be destroyed at the end of the full-expression [-Werror,-Wdangling-assignment-gsl] 2025-03-09T03:08:06.0304558Z 125 | config.SummaryEventName = JStringToStdString(env, SummaryEventName).c_str(); 2025-03-09T03:08:06.0304829Z | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2025-03-09T03:08:06.0304958Z 6 errors generated.

chrdavis avatar Mar 09 '25 20:03 chrdavis