templates with common string+copy elements, result in memory corruption

[adamyg]

String fields common to multiple template definitions within a templates collection, with copy attributes, result in duplicate memory references. These result in unexpected behavior, including duplicate free's in this simple case,

Example template <mfasttest1.xml>:

<?xml version="1.0" encoding="UTF-8"?>
<templates xmlns="http://www.fixprotocol.org/ns/template-definition" 
      templateNs="http://www.fixprotocol.org/ns/templates/sample" ns="http://www.fixprotocol.org/ns/fix">
            <template name="Template1" id="1">
                    <string name="field1" id="100"><copy/></string>
            </template>
            <template name="Template2" id="2">
                    <string name="field1" id="100"><copy/></string>
            </template>
            <!--<template name="Template3" id="3">
                    <string name="field1" id="100"><copy/></string>
           </template>-->
</templates>

Code example:

debug_allocator allocator;                // <src/tests/debug_allocator.h, modified to trace>
mfast::fast_encoder_v2 encoder(&allocator, mfasttest1::templates_description::instance());
mfasttest1::Template1 msg(&allocator);
mfasttest1::Template1_mref mref(msg.mref());
char buffer[1024];

mref.set_field1().as("1234");
encoder.encode(mref, buffer, sizeof(buffer), true)

Resulting memory profiles:

a) Template1 only:

allocate(64)=0x1129830
allocate(64)=0x11357a0
deallocate(0x1129830)
deallocate(0x11357a0)

b) Template1 & Template2 enabled:

allocate(64)=0x1129830
allocate(64)=0x11357a0
deallocate(0x1129830)
deallocate(0x11357a0)
deallocate(0x11357a0) ==[ duplicate ]

c) Template1, Template2 and Template 3 enabled:

allocate(64)=0x1129830
allocate(64)=0x11357a0
deallocate(0x1129830)
deallocate(0x11357a0)
deallocate(0x11357a0) ==[ duplicate ]
deallocate(0x11357a0) ==[ duplicate ]