Replace all free calls with VVV_free[func]

This replaces all calls to SDL_free with a new macro, VVV_free, that nulls the pointer afterwards. This mitigates any use-after-frees and also completely eliminates double-frees. The same is done for any function to free specific objects such as SDL_FreeSurface, with the VVV_freefunc macro. No exceptions for any of these calls, even if the pointer is discarded or zeroed afterwards anyway. Better safe than sorry. This is a macro rather than a function that takes in a pointer-to-pointer because such a function would have type issues that require casting and that's just not safe. Even though SDL_free and other SDL functions already check for NULL, the macro has a NULL check for other functions that don't. For example, FAudioVoice_DestroyVoice does not check for NULL. FILESYSTEM_freeMemory has been axed in favor of VVV_free because it functionally does the same thing except for `unsigned char*` only.
2026-01-29 17:38:16 +03:00 · 2022-11-30 22:30:16 -08:00
parent 6e583d949b
commit a926ce9851
15 changed files with 95 additions and 100 deletions
--- a/desktop_version/src/VFormat.c
+++ b/desktop_version/src/VFormat.c
@@ -4,6 +4,7 @@
 #include <SDL.h>
 #include <stdbool.h>

+#include "Alloc.h"
 #include "CWrappers.h"


@@ -64,8 +65,8 @@ static inline void call_with_upper(format_callback callback, void* userdata, con
        /* Never mind the capitalization then! Better than nothing. */
        callback(userdata, string, bytes);

-        SDL_free(utf32);
-        SDL_free(utf8);
+        VVV_free(utf32);
+        VVV_free(utf8);
        return;
    }

@@ -78,8 +79,8 @@ static inline void call_with_upper(format_callback callback, void* userdata, con

    callback(userdata, utf8, SDL_strlen(utf8));

-    SDL_free(utf32);
-    SDL_free(utf8);
+    VVV_free(utf32);
+    VVV_free(utf8);
 }


@@ -263,7 +264,7 @@ void vformat_cb_valist(
                            {
                                callback(userdata, number, SDL_strlen(number));
                            }
-                            SDL_free(number);
+                            VVV_free(number);
                        }
                        else
                        {
@@ -458,7 +459,7 @@ char* vformat_alloc(
 )
 {
    /* Format to an automatically allocated and resized buffer.
-     * Caller must SDL_free. */
+     * Caller must VVV_free. */

    va_list args;
    va_start(args, args_index);