"fix" use after free in tef.

git-svn-id: http://gpsbabel.googlecode.com/svn/trunk@4674 f51c46e8-681c-474f-0cfe-069cfd0219fb

diff --git a/gpsbabel/tef_xml.cc b/gpsbabel/tef_xml.cc
index daab9674dd43ee52e39f5a1635196c9b5f97e0c8..707b7c275d931562d48014c2b9fa549a389013a0 100644 (file)
--- a/gpsbabel/tef_xml.cc
+++ b/gpsbabel/tef_xml.cc
@@ -127,9 +127,10 @@ tef_list_start(xg_string args, const QXmlStreamAttributes* attrv)
  * fix_notes tries to create a new PointDescription, which
  * should be "Wittlicher Strasse (L34)" for the example above
  */
-
+// FIXME: the calling convention here is screwy.  notes is an input AND
+// output argument and may be modified.
 static char*
-fix_notes(char* name, char* notes)
+fix_notes(const char* name, char* notes)
 {
   const char* cleft, *cright, *cback;
   char* ctmp;
@@ -166,13 +167,13 @@ static char*
 fix_notes(const QString& name, const QString& notes)
 {
 
-// WTH?  fix_notes() modifies the note string...and
-// may reallocate it.
   char* cname = xstrdup(name);
   char* cnotes = xstrdup(notes);
   char *r =  fix_notes(cname, cnotes);
   xfree(cname);
-  xfree(cnotes);
+// WTH?  fix_notes() modifies the note string...and
+// may reallocate it.
+//  xfree(cnotes);
   return r;
 }