gnucash stable: xaccAccountDeleteAllTransactions: Avoid UAF crashes
John Ralls
jralls at code.gnucash.org
Fri Mar 7 18:46:28 EST 2025
Updated via https://github.com/Gnucash/gnucash/commit/90662d72 (commit)
from https://github.com/Gnucash/gnucash/commit/0e15e12e (commit)
commit 90662d72a2857cbc1300bc8c5f8a526cd296b784
Author: John Ralls <jralls at ceridwen.us>
Date: Fri Mar 7 15:42:17 2025 -0800
xaccAccountDeleteAllTransactions: Avoid UAF crashes
Chris Lam pointed out that the original algo would crash if a
transaction had more than one split in the account being deleted.
Deduplicate the transaction vector first to protect against that.
Also suspend qof events for a 4x speedup.
Summary of changes:
libgnucash/engine/Account.cpp | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
More information about the gnucash-patches
mailing list