From unknown Tue Jun 24 07:00:18 2025 X-Loop: help-debbugs@gnu.org Subject: bug#19578: Memory leaks in coreutils/lib/locale_charset.c Resent-From: Zhaopeng Li Original-Sender: "Debbugs-submit" Resent-CC: bug-coreutils@gnu.org Resent-Date: Tue, 13 Jan 2015 05:49:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 19578 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: 19578@debbugs.gnu.org X-Debbugs-Original-To: bug-coreutils@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.1421128134739 (code B ref -1); Tue, 13 Jan 2015 05:49:02 +0000 Received: (at submit) by debbugs.gnu.org; 13 Jan 2015 05:48:54 +0000 Received: from localhost ([127.0.0.1]:54891 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YAuLV-0000Bq-4e for submit@debbugs.gnu.org; Tue, 13 Jan 2015 00:48:54 -0500 Received: from eggs.gnu.org ([208.118.235.92]:48135) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YAt48-0006fx-Co for submit@debbugs.gnu.org; Mon, 12 Jan 2015 23:26:53 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1YAt42-0007Nb-91 for submit@debbugs.gnu.org; Mon, 12 Jan 2015 23:26:47 -0500 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,HTML_MESSAGE autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([2001:4830:134:3::11]:53098) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YAt42-0007NX-79 for submit@debbugs.gnu.org; Mon, 12 Jan 2015 23:26:46 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:49852) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YAt41-0006Iq-AE for bug-coreutils@gnu.org; Mon, 12 Jan 2015 23:26:46 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1YAt3s-0007M5-6M for bug-coreutils@gnu.org; Mon, 12 Jan 2015 23:26:45 -0500 Received: from email6.ustc.edu.cn ([2001:da8:d800::8]:60457 helo=ustc.edu.cn) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YAt3r-0007LK-Fk for bug-coreutils@gnu.org; Mon, 12 Jan 2015 23:26:36 -0500 Received: from [10.10.0.7] (unknown [116.251.221.242]) by newmailweb.ustc.edu.cn (Coremail) with SMTP id LkAmygA3PPSxmbRUFBlvAg--.33027S3; Tue, 13 Jan 2015 12:06:13 +0800 (CST) From: Zhaopeng Li Content-Type: multipart/alternative; boundary="Apple-Mail=_2978A446-7F39-4E5D-BCD1-CE7E53DE8CB4" Message-Id: <9638C542-25D7-4FA3-9D12-64E264FDDF64@ustc.edu.cn> Date: Tue, 13 Jan 2015 12:06:08 +0800 Mime-Version: 1.0 (Mac OS X Mail 8.1 \(1993\)) X-Mailer: Apple Mail (2.1993) X-CM-TRANSID: LkAmygA3PPSxmbRUFBlvAg--.33027S3 X-Coremail-Antispam: 1UD129KBjvdXoW7Xr1rJF17tFy3Kw1fXryDGFg_yoWfJrb_Cr 98KFs0v3y0ka1Skr45ZrWfA3Z0qr45Jry8AryIvw12vr15Xw4UXa1jyrs5Aa45t39Ykryj krs5JrsxAr13KjkaLaAFLSUrUUUUUb8apTn2vfkv8UJUUUU8Yxn0WfASr-VFAUDa7-sFnT 9fnUUIcSsGvfJTRUUUb5kYjsxI4VWkCwAYFVCjjxCrM7AC8VAFwI0_Jr0_Gr1l1xkIjI8I 6I8E6xAIw20EY4v20xvaj40_Wr0E3s1l1IIY67AEw4v_Jr0_Jr4l8cAvFVAK0II2c7xJM2 8CjxkF64kEwVA0rcxSw2x7M28EF7xvwVC0I7IYx2IY67AKxVWDJVCq3wA2z4x0Y4vE2Ix0 cI8IcVCY1x0267AKxVW8Jr0_Cr1UM28EF7xvwVC2z280aVAFwI0_GcCE3s1l84ACjcxK6I 8E87Iv6xkF7I0E14v26rxl6s0DM2AIxVAIcxkEcVAq07x20xvEncxIr21lYx0E2Ix0cI8I cVAFwI0_Jr0_Jr4lYx0Ex4A2jsIE14v26r1j6r4UMcvjeVCFs4IE7xkEbVWUJVW8JwACjc xG0xvY0x0EwIxGrwCF04k20xvY0x0EwIxGrwCFx2IqxVCFs4IE7xkEbVWUJVW8JwC20s02 6c02F40E14v26r106r1rMI8I3I0E7480Y4vE14v26r106r1rMI8E67AF67kF1VAFwI0_Jr 0_JrylIxkGc2Ij64vIr41lIxAIcVC0I7IYx2IY67AKxVWUJVWUCwCI42IY6xIIjxv20xvE c7CjxVAFwI0_Jr0_Gr1lIxAIcVCF04k26cxKx2IYs7xG6rWUJVWrZr1UMIIF0xvEx4A2js IE14v26r1j6r4UMIIF0xvEx4A2jsIEc7CjxVAFwI0_Jr0_GrUvcSsGvfC2KfnxnUUI43ZE Xa7IU87xhJUUUUU== X-CM-SenderInfo: p2soxqpxvwuhxhgxhubq/ X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-Received-From: 2001:4830:134:3::11 X-Spam-Score: -4.0 (----) X-Mailman-Approved-At: Tue, 13 Jan 2015 00:48:51 -0500 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -4.0 (----) --Apple-Mail=_2978A446-7F39-4E5D-BCD1-CE7E53DE8CB4 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Platform: Ubuntu 14.10 64-bit Coreutils Version 8.23 At line 534 of coreutils/lib/locale_charset.c, var =E2=80=98aliases' = points to a buffer which is allocated using malloc() . This buffer is not freed when codeset is still an empty string after the = loop (Line 534~542). So it will be leaked under such situation. Line 533 /* Resolve alias. */ Line 534 for (aliases =3D get_charset_aliases (); *aliases !=3D '\0'; aliases +=3D strlen (aliases) + 1, aliases +=3D strlen = (aliases) + 1) if (strcmp (codeset, aliases) =3D=3D 0 || (aliases[0] =3D=3D '*' && aliases[1] =3D=3D '\0')) { codeset =3D aliases + strlen (aliases) + 1; break; } /* Don't return an empty string. GNU libc and GNU = libiconv interpret the empty string as denoting "the locale's character = encoding", thus GNU libiconv would call this function a second = time. */ if (codeset[0] =3D=3D '\0') codeset =3D "ASCII";= --Apple-Mail=_2978A446-7F39-4E5D-BCD1-CE7E53DE8CB4 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8
Platform: Ubuntu 14.10 64-bit
Coreutils Version 8.23



At line 534 of = coreutils/lib/locale_charset.c, var =E2=80=98aliases' points to a buffer = which is allocated using malloc() .

This buffer is not freed when codeset = is still an empty string after the loop (Line 534~542).

So it will be leaked = under such situation.



Line 533    /* Resolve alias. */
Line 534   for (aliases =3D get_charset_aliases ();
        *aliases = !=3D '\0';
        aliases = +=3D strlen (aliases) + 1, aliases +=3D strlen (aliases) + 1)
    if (strcmp (codeset, = aliases) =3D=3D 0
        = || (aliases[0] =3D=3D '*' && aliases[1] =3D=3D '\0'))
      {
        = codeset =3D aliases + strlen (aliases) + 1;
  =       = break;
      = }

  = /* Don't return an empty string.  GNU libc and GNU libiconv = interpret
     the empty = string as denoting "the locale's character encoding",
     thus GNU = libiconv would call this function a second time.  */
  if (codeset[0] =3D=3D = '\0')
    = codeset =3D "ASCII";
= --Apple-Mail=_2978A446-7F39-4E5D-BCD1-CE7E53DE8CB4-- From unknown Tue Jun 24 07:00:18 2025 X-Loop: help-debbugs@gnu.org Subject: bug#19578: Memory leaks in coreutils/lib/locale_charset.c Resent-From: Daiki Ueno Original-Sender: "Debbugs-submit" Resent-CC: bug-coreutils@gnu.org Resent-Date: Tue, 13 Jan 2015 09:36:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 19578 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Zhaopeng Li Cc: 19578@debbugs.gnu.org Received: via spool by 19578-submit@debbugs.gnu.org id=B19578.142114171321958 (code B ref 19578); Tue, 13 Jan 2015 09:36:02 +0000 Received: (at 19578) by debbugs.gnu.org; 13 Jan 2015 09:35:13 +0000 Received: from localhost ([127.0.0.1]:54961 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YAxsX-0005i6-8s for submit@debbugs.gnu.org; Tue, 13 Jan 2015 04:35:13 -0500 Received: from fencepost.gnu.org ([208.118.235.10]:60835 ident=Debian-exim) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YAxsV-0005hv-No for 19578@debbugs.gnu.org; Tue, 13 Jan 2015 04:35:12 -0500 Received: from du-a.org ([2001:e41:db5e:fb14::1]:40533 helo=localhost.localdomain) by fencepost.gnu.org with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1YAxsS-000522-Qc; Tue, 13 Jan 2015 04:35:09 -0500 Message-ID: From: Daiki Ueno References: <9638C542-25D7-4FA3-9D12-64E264FDDF64@ustc.edu.cn> Date: Tue, 13 Jan 2015 18:35:05 +0900 In-Reply-To: <9638C542-25D7-4FA3-9D12-64E264FDDF64@ustc.edu.cn> (Zhaopeng Li's message of "Tue, 13 Jan 2015 12:06:08 +0800") User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.0.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -5.0 (-----) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -5.0 (-----) Zhaopeng Li writes: > At line 534 of coreutils/lib/locale_charset.c, var =E2=80=98aliases' poin= ts > to a buffer which is allocated using malloc() . > This buffer is not freed when codeset is still an empty string after > the loop (Line 534~542). > > So it will be leaked under such situation. > Line 533 /* Resolve alias. */ > Line 534 for (aliases =3D get_charset_aliases (); I got the same error from clang-analyzer, but I think the leak is intentional and harmless. The return value of get_charset_aliases is saved in a global variable charset_aliases and won't be allocated twice. Regards, -- Daiki Ueno From unknown Tue Jun 24 07:00:18 2025 X-Loop: help-debbugs@gnu.org Subject: bug#19578: Memory leaks in coreutils/lib/locale_charset.c Resent-From: =?UTF-8?Q?P=C3=A1draig?= Brady Original-Sender: "Debbugs-submit" Resent-CC: bug-coreutils@gnu.org Resent-Date: Tue, 13 Jan 2015 10:04:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 19578 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Zhaopeng Li , 19578@debbugs.gnu.org Received: via spool by 19578-submit@debbugs.gnu.org id=B19578.142114339024791 (code B ref 19578); Tue, 13 Jan 2015 10:04:02 +0000 Received: (at 19578) by debbugs.gnu.org; 13 Jan 2015 10:03:10 +0000 Received: from localhost ([127.0.0.1]:54970 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YAyJZ-0006Rn-Kp for submit@debbugs.gnu.org; Tue, 13 Jan 2015 05:03:09 -0500 Received: from mail1.vodafone.ie ([213.233.128.43]:31508) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YAyJX-0006RC-62 for 19578@debbugs.gnu.org; Tue, 13 Jan 2015 05:03:08 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AmoLAKzstFRtTtD4/2dsb2JhbABbDoJ4UlgBgjVPww2FbAECAoESQwEBAQEBfYQNAQUjDwFWCw0BCgICBRYLAgIJAwIBAgFFBgEMCAEBiCwBCLkUhWmNfwwggSGOX4JogUEFkgKLeINPh3kigzE9PjIBAYJAAQEB Received: from unknown (HELO localhost.localdomain) ([109.78.208.248]) by mail1.vodafone.ie with ESMTP; 13 Jan 2015 10:03:00 +0000 Message-ID: <54B4ED53.6010200@draigBrady.com> Date: Tue, 13 Jan 2015 10:02:59 +0000 From: =?UTF-8?Q?P=C3=A1draig?= Brady User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0 MIME-Version: 1.0 References: <9638C542-25D7-4FA3-9D12-64E264FDDF64@ustc.edu.cn> In-Reply-To: <9638C542-25D7-4FA3-9D12-64E264FDDF64@ustc.edu.cn> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Spam-Score: 0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) On 13/01/15 04:06, Zhaopeng Li wrote: > Platform: Ubuntu 14.10 64-bit > Coreutils Version 8.23 > > > > At line 534 of coreutils/lib/locale_charset.c, var ‘aliases' points to a buffer which is allocated using malloc() . > > This buffer is not freed when codeset is still an empty string after the loop (Line 534~542). > > So it will be leaked under such situation. > > > > Line 533 /* Resolve alias. */ > Line 534 for (aliases = get_charset_aliases (); > *aliases != '\0'; > aliases += strlen (aliases) + 1, aliases += strlen (aliases) + 1) > if (strcmp (codeset, aliases) == 0 > || (aliases[0] == '*' && aliases[1] == '\0')) > { > codeset = aliases + strlen (aliases) + 1; > break; > } > > /* Don't return an empty string. GNU libc and GNU libiconv interpret > the empty string as denoting "the locale's character encoding", > thus GNU libiconv would call this function a second time. */ > if (codeset[0] == '\0') > codeset = "ASCII"; What reports this leak? Note that file name is not present in coreutils? The code you're referring to is: http://git.sv.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l588 Though aliases is never freed here, nor should it be. What am I missing? thanks, Pádraig From unknown Tue Jun 24 07:00:18 2025 X-Loop: help-debbugs@gnu.org Subject: bug#19578: Memory leaks in coreutils/lib/locale_charset.c Resent-From: =?UTF-8?Q?P=C3=A1draig?= Brady Original-Sender: "Debbugs-submit" Resent-CC: bug-coreutils@gnu.org Resent-Date: Tue, 13 Jan 2015 10:08:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 19578 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: Daiki Ueno , Zhaopeng Li Cc: 19578@debbugs.gnu.org Received: via spool by 19578-submit@debbugs.gnu.org id=B19578.142114364525183 (code B ref 19578); Tue, 13 Jan 2015 10:08:02 +0000 Received: (at 19578) by debbugs.gnu.org; 13 Jan 2015 10:07:25 +0000 Received: from localhost ([127.0.0.1]:54976 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YAyNg-0006Y1-JW for submit@debbugs.gnu.org; Tue, 13 Jan 2015 05:07:24 -0500 Received: from mail1.vodafone.ie ([213.233.128.43]:19371) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YAyNe-0006Xi-Ed; Tue, 13 Jan 2015 05:07:22 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AtsGAOLttFRtTtD4/2dsb2JhbABbDoJ4gSqBI4ETT8h8AoESQwEBAQEBfYQNAQUjDwFGEAsNCwICBRYLAgIJAwIBAgFFBgEMAQUCAQGILAG5HIVpjX8BAQEBBgEBAQEBHYEhjlgHgmiBQQEEnXqDT4d5IoMxPT4xgkMBAQE Received: from unknown (HELO localhost.localdomain) ([109.78.208.248]) by mail1.vodafone.ie with ESMTP; 13 Jan 2015 10:07:16 +0000 Message-ID: <54B4EE54.6000702@draigBrady.com> Date: Tue, 13 Jan 2015 10:07:16 +0000 From: =?UTF-8?Q?P=C3=A1draig?= Brady User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0 MIME-Version: 1.0 References: <9638C542-25D7-4FA3-9D12-64E264FDDF64@ustc.edu.cn> In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Spam-Score: 0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) tag 19578 notabug close 19578 stop On 13/01/15 09:35, Daiki Ueno wrote: > Zhaopeng Li writes: > >> At line 534 of coreutils/lib/locale_charset.c, var ‘aliases' points >> to a buffer which is allocated using malloc() . > >> This buffer is not freed when codeset is still an empty string after >> the loop (Line 534~542). >> >> So it will be leaked under such situation. > >> Line 533 /* Resolve alias. */ >> Line 534 for (aliases = get_charset_aliases (); > > I got the same error from clang-analyzer, but I think the leak is > intentional and harmless. The return value of get_charset_aliases is > saved in a global variable charset_aliases and won't be allocated twice. Thanks Daiki. Closing for now. From unknown Tue Jun 24 07:00:18 2025 X-Loop: help-debbugs@gnu.org Subject: bug#19578: the code References: <9638C542-25D7-4FA3-9D12-64E264FDDF64@ustc.edu.cn> In-Reply-To: <9638C542-25D7-4FA3-9D12-64E264FDDF64@ustc.edu.cn> Resent-From: Zhaopeng Li Original-Sender: "Debbugs-submit" Resent-CC: bug-coreutils@gnu.org Resent-Date: Tue, 13 Jan 2015 10:19:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 19578 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: notabug To: 19578@debbugs.gnu.org Received: via spool by 19578-submit@debbugs.gnu.org id=B19578.142114429731388 (code B ref 19578); Tue, 13 Jan 2015 10:19:02 +0000 Received: (at 19578) by debbugs.gnu.org; 13 Jan 2015 10:18:17 +0000 Received: from localhost ([127.0.0.1]:54983 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YAyYC-0008AC-Sw for submit@debbugs.gnu.org; Tue, 13 Jan 2015 05:18:17 -0500 Received: from smtp2.ustc.edu.cn ([202.38.64.46]:39047 helo=ustc.edu.cn) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YAyY8-00089m-Q6 for 19578@debbugs.gnu.org; Tue, 13 Jan 2015 05:18:14 -0500 Received: from [10.10.0.21] (unknown [116.251.221.242]) by newmailweb.ustc.edu.cn (Coremail) with SMTP id LkAmygBHTADV8LRULO1wAg--.37513S3; Tue, 13 Jan 2015 18:17:59 +0800 (CST) From: Zhaopeng Li Content-Type: multipart/alternative; boundary="Apple-Mail=_4F2136DA-0F9E-4D2F-AF52-86E2824D067D" Message-Id: <6768DE12-E58B-4569-A8BD-6B05866400A9@ustc.edu.cn> Date: Tue, 13 Jan 2015 18:17:57 +0800 Mime-Version: 1.0 (Mac OS X Mail 8.1 \(1993\)) X-Mailer: Apple Mail (2.1993) X-CM-TRANSID: LkAmygBHTADV8LRULO1wAg--.37513S3 X-Coremail-Antispam: 1UD129KBjvdXoW7Gr4UJr1kAFyrXw13KF1xXwb_yoWkurg_Cr n8KFn8X3y0kw1Skw45trWrXFyYyr1DGr1rZFyvvw4UJFy5ZF4UWr4UAws5Za4FqrZYk34j 9r45JwsxCrn8KjkaLaAFLSUrUUUUUb8apTn2vfkv8UJUUUU8Yxn0WfASr-VFAUDa7-sFnT 9fnUUIcSsGvfJTRUUUbFxYjsxI4VWkKwAYFVCjjxCrM7AC8VAFwI0_Jr0_Gr1l1xkIjI8I 6I8E6xAIw20EY4v20xvaj40_Wr0E3s1l1IIY67AEw4v_Jr0_Jr4l8cAvFVAK0II2c7xJM2 8CjxkF64kEwVA0rcxSw2x7M28EF7xvwVC0I7IYx2IY67AKxVW7JVWDJwA2z4x0Y4vE2Ix0 cI8IcVCY1x0267AKxVW8Jr0_Cr1UM28EF7xvwVC2z280aVAFwI0_GcCE3s1l84ACjcxK6I 8E87Iv6xkF7I0E14v26rxl6s0DM2AIxVAIcxkEcVAq07x20xvEncxIr21lYx0E2Ix0cI8I cVAFwI0_JrI_JrylYx0Ex4A2jsIE14v26r1j6r4UMcvjeVCFs4IE7xkEbVWUJVW8JwACjc xG0xvY0x0EwIxGrwCjr7xvwVCIw2I0I7xG6c02F41l42xK82IYc2Ij64vIr41l4I8I3I0E 4IkC6x0Yz7v_Jr0_Gr1lx2IqxVAqx4xG67AKxVWUGVWUWwC20s026x8GjcxK67AKxVWUGV WUWwC2zVAF1VAY17CE14v26r1j6r15MIIYrxkI7VAKI48JMIIF0xvE2Ix0cI8IcVAFwI0_ Jr0_JF4lIxAIcVC0I7IYx2IY6xkF7I0E14v26r1j6r4UMIIF0xvE42xK8VAvwI8IcIk0rV WrJr0_WFyUJwCI42IY6I8E87Iv67AKxVWUJVW8JwCI42IY6I8E87Iv6xkF7I0E14v26r1j 6r4UYxBIdaVFxhVjvjDU0xZFpf9x07b8GQDUUUUU= X-CM-SenderInfo: p2soxqpxvwuhxhgxhubq/ X-Spam-Score: -0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.0 (/) --Apple-Mail=_4F2136DA-0F9E-4D2F-AF52-86E2824D067D Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 At line 589 of coreutils/lib/locale_charset.c, var =E2=80=98aliases' = points to a buffer which is allocated using malloc() .This buffer is not = freed when codeset is still an empty string after the loop (Line = 589~597). So it will be leaked under such situation. Our static analysis tool reports this problem. 588 = /* Resolve alias. */ 589 = for (aliases =3D get_charset_aliases (); 590 = *aliases !=3D '\0'; 591 = aliases +=3D strlen (aliases) + 1, = aliases +=3D strlen (aliases) + 1) 592 = if (strcmp (codeset, aliases) =3D=3D 0 593 = || (aliases[0] =3D=3D '*' && = aliases[1] =3D=3D '\0')) 594 = { 595 = codeset =3D aliases + strlen = (aliases) + 1; 596 = break; 597 = } 598 = =20 599 = /* Don't return an empty string. GNU = libc and GNU libiconv interpret 600 = the empty string as denoting "the = locale's character encoding", 601 = thus GNU libiconv would call this = function a second time. */ 602 = if (codeset[0] =3D=3D '\0') 603 = codeset =3D "ASCII=E2=80=9D; 604 = =20 605 = #ifdef DARWIN7 606 = /* Mac OS X sets MB_CUR_MAX to 1 when = LC_ALL=3DC, and "UTF-8" 607 = (the default codeset) does not work = when MB_CUR_MAX is 1. */ 608 = if (strcmp (codeset, "UTF-8") =3D=3D 0 && = MB_CUR_MAX_L (uselocale (NULL)) <=3D 1) 609 = codeset =3D "ASCII"; 610 = #endif 611 = =20 612 = return codeset; 613 = }= --Apple-Mail=_4F2136DA-0F9E-4D2F-AF52-86E2824D067D Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 
At line 589 =
of coreutils/lib/locale_charset.c, var =E2=80=98aliases' points to a =
buffer which is allocated using malloc() .This buffer is not freed when =
codeset is still an empty string after the loop (Line 589~597).

So it will be leaked under such situation.
Our static =
analysis tool reports this problem.



588 =   /* Resolve alias. */
589 =   for (aliases =3D get_charset_aliases ();
590 =        *aliases !=3D '\0';
591 =        aliases +=3D strlen&nb= sp;(aliases) + 1, aliases +=3D strlen (alias= es) + 1)
592 =     if (strcmp (codeset, aliases) = =3D=3D 0
593 =         || (aliases[0] =3D= =3D '*' && aliases[1] =3D=3D '\0'))
=
594 =       {
595 =         codeset =3D alia= ses + strlen (aliases) + 1;
596 =         break;
597 =       }
598
599 =   /* Don't return an empty string. = ; GNU libc and GNU libiconv interpret
<= div class=3D"pre" style=3D"font-family: monospace; font-size: small; = white-space: pre;"> 600 =      the empty string as deno= ting "the locale's character encoding",
601 =      thus GNU libiconv would = call this function a second time.  */
602 =   if (codeset[0] =3D=3D '\0')
603 =     codeset =3D "ASCII=E2=80=9D;
604
605 = #ifdef DARWIN7
606 =   /* Mac OS X sets MB_CUR_MAX to&n= bsp;1 when LC_ALL=3DC, and "UTF-8"
607 =      (the default codeset) does&nb= sp;not work when MB_CUR_MAX is 1.  */
608 =   if (strcmp (codeset, "UTF-8") =3D=3D = 0 && MB_CUR_MAX_L (uselocale (NULL)) <= =3D 1)
609 =     codeset =3D "ASCII";
610 #endif
611
612 =   return codeset;
613 = }
= --Apple-Mail=_4F2136DA-0F9E-4D2F-AF52-86E2824D067D-- From debbugs-submit-bounces@debbugs.gnu.org Tue Jan 13 05:55:46 2015 Received: (at control) by debbugs.gnu.org; 13 Jan 2015 10:55:47 +0000 Received: from localhost ([127.0.0.1]:54999 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YAz8U-0000dY-5s for submit@debbugs.gnu.org; Tue, 13 Jan 2015 05:55:46 -0500 Received: from mail1.vodafone.ie ([213.233.128.43]:22615) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YAz8R-0000dF-Sn; Tue, 13 Jan 2015 05:55:44 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AsAGAGj4tFRtTtD4/2dsb2JhbABbDoJ4gk2BE8Z6gk8CgRNDAQEBAQF9hA0BBTIBVgsNAQoJFg8JAwIBAgFFBgEMCAEBiCwBvniOAAELIJAAhCkBBJ16i0gigzE9PoJ0AQEB Received: from unknown (HELO localhost.localdomain) ([109.78.208.248]) by mail1.vodafone.ie with ESMTP; 13 Jan 2015 10:55:37 +0000 Message-ID: <54B4F9A8.4090007@draigBrady.com> Date: Tue, 13 Jan 2015 10:55:36 +0000 From: =?windows-1252?Q?P=E1draig_Brady?= User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0 MIME-Version: 1.0 To: Zhaopeng Li , 19580@debbugs.gnu.org Subject: Re: bug#19580: Memory Leak in coreutils/lib/localcharset.c References: <37746A77-739A-4763-A5F3-DD6ECA6DBB77@ustc.edu.cn> In-Reply-To: <37746A77-739A-4763-A5F3-DD6ECA6DBB77@ustc.edu.cn> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) forcemerge 19580 19578 stop On 13/01/15 10:31, Zhaopeng Li wrote: > At line 221, the assignment (old_res_ptr = res_ptr) will lead to memory leak when iteration of corresponding loop is greater than 3. Same non issue really. We don't want to free() here. I'm not sure how to avoid the warning though? thanks, Pádraig. From debbugs-submit-bounces@debbugs.gnu.org Tue Jan 13 06:15:55 2015 Received: (at control) by debbugs.gnu.org; 13 Jan 2015 11:15:55 +0000 Received: from localhost ([127.0.0.1]:55009 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YAzRy-0002TU-R6 for submit@debbugs.gnu.org; Tue, 13 Jan 2015 06:15:54 -0500 Received: from mail1.vodafone.ie ([213.233.128.43]:16175) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YAzRx-0002TH-23 for control@debbugs.gnu.org; Tue, 13 Jan 2015 06:15:53 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AmUMAP/8tFRtTtD4/2dsb2JhbABbgwaBDYFAgRNPaogkqySUQDVoQwEBAQEBfYQsCipUDQIFFgsCCwMCAQIBOQYCAggNCAEBiCwBqUOPRoVpji2BIZFHgUEFnXqLSCKBRQEBCAEBAQGCGz6CdAIBAg Received: from unknown (HELO localhost.localdomain) ([109.78.208.248]) by mail1.vodafone.ie with ESMTP; 13 Jan 2015 11:15:47 +0000 Message-ID: <54B4FE63.2040509@draigBrady.com> Date: Tue, 13 Jan 2015 11:15:47 +0000 From: =?UTF-8?B?UMOhZHJhaWcgQnJhZHk=?= User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0 MIME-Version: 1.0 To: GNU bug tracker automated control server Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: close 19580 stop [...] Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [213.233.128.43 listed in list.dnswl.org] 1.8 MISSING_SUBJECT Missing Subject: header 0.2 NO_SUBJECT Extra score for no subject X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: close 19580 stop [...] Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [213.233.128.43 listed in list.dnswl.org] 1.8 MISSING_SUBJECT Missing Subject: header 0.2 NO_SUBJECT Extra score for no subject close 19580 stop