
* patch by marcin mantis 36765. Avoid double free, and add some more nilling after free to avoid similar cases. S

git-svn-id: trunk@44277 -
marco 5 years ago
commit
af3fbcbb65

+ 1 - 0
packages/paszlib/src/gzio.pas

@@ -529,6 +529,7 @@ begin
   if Assigned (s^.outbuf) then
     FreeMem(s^.outbuf, Z_BUFSIZE);
   FreeMem(s, sizeof(gz_stream));
+  s := nil;
 
 end;
 
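Review bot: The added `s := nil;` after `FreeMem(s, sizeof(gz_stream))` only clears the caller's handle if `s` is declared as a `var` parameter, and the routine's header lies above this hunk, so that cannot be confirmed here. If `s` is passed by value, the assignment is a dead store and the caller still holds a dangling pointer that a second close would free again. A short comment at the assignment would record the intent, for example `{ s is a var parameter: clear the caller's handle so a repeated close cannot free it twice }`.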

+ 9 - 2
packages/paszlib/src/infblock.pas

@@ -33,7 +33,7 @@ procedure inflate_blocks_reset (var s : inflate_blocks_state;
                                 c : Pcardinal); { check value on output }
 
 
-function inflate_blocks_free(s : pInflate_blocks_state;
+function inflate_blocks_free(var s : pInflate_blocks_state;
                              var z : z_stream) : integer;
 
 procedure inflate_set_dictionary(var s : inflate_blocks_state;
@@ -103,7 +103,10 @@ begin
   if (c <> nil) then
     c^ := s.check;
   if (s.mode = BTREE) or (s.mode = DTREE) then
+  begin
     freemem(s.sub.trees.blens);
+    s.sub.trees.blens := nil;
+  end;
   if (s.mode = CODES) then
     inflate_codes_free(s.sub.decode.codes, z);
 
@@ -587,6 +590,7 @@ begin
         if (t <> Z_OK) then
         begin
           freemem(s.sub.trees.blens);
+          s.sub.trees.blens := nil;
           r := t;
           if (r = Z_DATA_ERROR) then
             s.mode := BLKBAD;
@@ -707,6 +711,7 @@ begin
                ((c = 16) and (i < 1)) then
             begin
               freemem(s.sub.trees.blens);
+              s.sub.trees.blens := nil;
               s.mode := BLKBAD;
               z.msg := 'invalid bit length repeat';
               r := Z_DATA_ERROR;
@@ -741,6 +746,7 @@ begin
                   1 + ((t shr 5) and $1f),
                   s.sub.trees.blens^, bl, bd, tl, td, s.hufts^, z);
           freemem(s.sub.trees.blens);
+          s.sub.trees.blens := nil;
           if (t <> Z_OK) then
           begin
             if (t = cardinal(Z_DATA_ERROR)) then
@@ -913,13 +919,14 @@ begin
 end;
 
 
-function inflate_blocks_free(s : pInflate_blocks_state;
+function inflate_blocks_free(var s : pInflate_blocks_state;
                              var z : z_stream) : integer;
 begin
   inflate_blocks_reset(s^, z, nil);
   freemem(s^.window);
   freemem(s^.hufts);
   dispose(s);
+  s := nil;
   {$IFDEF ZLIB_DEBUG}
   Trace('inflate:   blocks freed');
   {$ENDIF}  
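Review bot: `inflate_blocks_free` still dereferences `s^` on its first statement with no nil check, so now that it ends with `s := nil` a repeated call would fault inside `inflate_blocks_reset(s^, z, nil)` rather than return cleanly. A guard at the top, e.g. `if s = nil then exit(Z_OK);`, would make the free idempotent, which is what the nilling is aiming for. The function's result assignment is below this hunk, so the right return value should be checked there. Separately, the four `freemem(s.sub.trees.blens)` sites now each carry their own `:= nil`; a small local helper that frees and clears the field would keep a future site from missing it.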

+ 3 - 2
packages/paszlib/src/infcodes.pas

@@ -25,7 +25,7 @@ function inflate_codes(var s : inflate_blocks_state;
                        var z : z_stream;
                        r : integer) : integer;
 
-procedure inflate_codes_free(c : pInflate_codes_state;
+procedure inflate_codes_free(var c : pInflate_codes_state;
                              var z : z_stream);
 
 implementation
@@ -575,10 +575,11 @@ begin
 end;
 
 
-procedure inflate_codes_free(c : pInflate_codes_state;
+procedure inflate_codes_free(var c : pInflate_codes_state;
                              var z : z_stream);
 begin
   dispose(c);
+  c := nil;
   {$IFDEF ZLIB_DEBUG}  
   Tracev('inflate:       codes free');
   {$ENDIF}
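Review bot: Changing `c` to a `var` parameter alters a routine declared in the unit's interface section, and nothing on the declaration says that the pointer is both disposed and cleared. Callers now have to pass an assignable variable of type `pInflate_codes_state`, so any caller outside this commit that passes an expression or a function result will stop compiling. A comment on the declaration such as `{ disposes c and sets the caller's pointer to nil }` would document the new contract. The same applies to `inflate_blocks_free` in infblock.pas and `free_datablock` in zip.pas, which received the same signature change.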

+ 2 - 1
packages/paszlib/src/zip.pas

@@ -184,7 +184,7 @@ begin
   allocate_new_datablock := ldi;
 end;
 
-procedure free_datablock(ldi: linkedlist_datablock_internal_ptr);
+procedure free_datablock(var ldi: linkedlist_datablock_internal_ptr);
 var
   ldinext: linkedlist_datablock_internal_ptr;
 begin
@@ -686,6 +686,7 @@ begin
     err := add_data_in_datablock(@zi^.central_dir, zi^.ci.central_header, longint(zi^.ci.size_centralheader));
 
   FreeMem(zi^.ci.central_header);
+  zi^.ci.central_header := nil;
 
   if (err = ZIP_OK) then
   begin
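Review bot: After `zi^.ci.central_header := nil;` the matching length `zi^.ci.size_centralheader` keeps its old value, leaving a nil buffer paired with a possibly non-zero size. Whether anything reads the pair again before it is reinitialised is outside this hunk, but resetting it in the same place, `zi^.ci.size_centralheader := 0;`, keeps the two fields consistent so a stale reuse copies nothing. The enclosing routine starts and ends outside the hunk.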