In the error-handling paths of notmuch_database_open, we call notmuch_database_close, which "delete"s several objects referenced by the notmuch_database_t object. However, some of these pointers may be uninitialized, resulting in undefined behavior. Hence, allocate the notmuch_database_t with talloc_zero to make sure these pointers are NULL so that "delete"ing them is harmless. --- lib/database.cc | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/lib/database.cc b/lib/database.cc index 8103bd9..a6d15a1 100644 --- a/lib/database.cc +++ b/lib/database.cc @@ -617,7 +617,7 @@ notmuch_database_open (const char *path, initialized = 1; } - notmuch = talloc (NULL, notmuch_database_t); + notmuch = talloc_zero (NULL, notmuch_database_t); notmuch->exception_reported = FALSE; notmuch->path = talloc_strdup (notmuch, path); -- 1.7.7.3