ext/com_dotnet: release the held IUnknown in com_get_active_object()#22378
Open
iliaal wants to merge 1 commit into
Open
ext/com_dotnet: release the held IUnknown in com_get_active_object()#22378iliaal wants to merge 1 commit into
iliaal wants to merge 1 commit into
Conversation
The cleanup block guarded on `unk` but released `obj`, so a successful GetActiveObject() released the IDispatch proxy twice (once already under the obj guard) and never released the IUnknown it returned, leaking it. Release `unk` so each interface pointer is released exactly once.
devnexen
approved these changes
Jun 21, 2026
devnexen
left a comment
devnexen
left a comment
Member
There was a problem hiding this comment.
This also fixes a NULL-deref crash, not just a leak. On the QueryInterface failure branch (com_com.c:310-313), obj stays NULL while unk is valid, so the old if (unk)
IUnknown_Release(obj) at com_com.c:325 releases NULL through a NULL vtable and crashes instead of throwing. IUnknown_Release(unk) is guarded non-NULL, so it's correct
there too. Worth a line in the commit message IMO.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The cleanup block guards on
unkbut releasesobj, so a successful GetActiveObject() releases the IDispatch proxy twice and never releases the IUnknown it returned, leaking it. Releaseunkso each interface pointer is released exactly once. Windows-only; no test, since it needs a live Running Object Table entry.