[Crash-utility] [PATCH] fix segfaults in sial during script unload

Rabin Vincent rabin at rab.in
Sat Mar 24 16:04:39 UTC 2012


There are a couple of segfault-causing memory accesses in sial when
scripts are unloaded.  Also, I noticed a memory leak in the vicinity of
one of the segfaults.

The patch below fixes these.

(1) in reg_callback, while unloading, help_str, an uninitialized
    pointer, is passed to sial_free()

(2) the help_data pointers are sial_strdup()'d and not freed.  the
    help_data itself is malloc()'d but not freed

(3) in sial_deletefile(), the call to sial_freefile() frees the fdata,
    but it is removed from the list (a process which accesses
    this fdata) only in sial_findfile(name, 1).

Rabin

diff --git a/extensions/libsial/sial_func.c b/extensions/libsial/sial_func.c
index cd4648f..c5373ef 100644
--- a/extensions/libsial/sial_func.c
+++ b/extensions/libsial/sial_func.c
@@ -317,8 +317,8 @@ fdata *fd=sial_findfile(name, 0);
 
 	if(fd) {
 
-		sial_freefile(fd);
                 (void)sial_findfile(name, 1);
+		sial_freefile(fd);
 		return 1;
 
 	}
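Review bot: the reorder is the right fix for (3), since sial_findfile(name, 1) walks the list and touches the fdata that sial_freefile(fd) has just released, but the unlink call still discards its return value behind a (void) cast; if sial_findfile(name, 1) returns the entry it unlinks, the function could call it once, free that return value, and drop the initial sial_findfile(name, 0) lookup, avoiding the second list walk. While touching this region, the unchanged `(void)sial_findfile(name, 1);` line is indented with spaces where the surrounding lines use tabs, which is worth normalising in the same patch.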
diff --git a/extensions/sial.c b/extensions/sial.c
index 49ae417..3b7df90 100644
--- a/extensions/sial.c
+++ b/extensions/sial.c
@@ -887,6 +887,10 @@ struct command_table_entry *cp, *end;
     for (cp = command_table; cp->name; cp++) {
         if (!strcmp(cp->name, name)) {
             sial_free(cp->name);
+            sial_free(cp->help_data[0]);
+            sial_free(cp->help_data[2]);
+            sial_free(cp->help_data[3]);
+            free(cp->help_data);
             memmove(cp, cp+1, sizeof *cp *(NCMDS-(cp-command_table)-1));
             break;
         }
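Review bot: help_data[1] and help_data[4] are deliberately skipped here while [0], [2] and [3] are freed, but nothing in the hunk says why; a one-line comment noting that those slots hold a non-heap pointer (a literal or the NULL terminator of the 5-entry array that reg_callback allocates) would stop a later reader from "completing" the loop and handing a non-heap pointer to sial_free(). The mix of sial_free() for the strdup'd strings and plain free() for the array itself matches the allocation pairing described in the message, so that part reads correctly; freeing before the memmove is also fine since the shifted entries no longer reference these pointers.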
@@ -937,7 +941,6 @@ char **help=malloc(sizeof *help * 5);
             }
             else rm_sial_cmd(name);
         }
-        sial_free(help_str);
     }
     free(help);
     return;
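Review bot: dropping sial_free(help_str) removes the use of the uninitialized pointer on the unload path, but with rm_sial_cmd() now freeing cp->help_data the unconditional free(help) that follows needs a second look: the visible context shows free(help) reached after the unload branch, so confirm the load branch returns (or stores a separate copy) before this point, otherwise the array handed to the command table would be freed here and again in rm_sial_cmd(). A short comment above free(help) stating that it only covers the unused local array on the unload path would make the ownership explicit.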