GNU bug report logs - #19580
Memory Leak in coreutils/lib/localcharset.c

Previous Next

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 19580 in the body.
You can then email your comments to 19580 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Zhaopeng Li <zpli <at> ustc.edu.cn>
To: bug-coreutils <at> gnu.org
Subject: Memory Leak in coreutils/lib/localcharset.c
Date: Tue, 13 Jan 2015 18:31:18 +0800

[Message part 1 (text/plain, inline)]

At line 221, the assignment (old_res_ptr = res_ptr) will lead to memory leak when iteration of corresponding loop is greater than 3.


 
 189 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l189>                   /* Parse the file's contents.  */
 190 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l190>                   char *res_ptr = NULL;
 191 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l191>                   size_t res_size = 0;
 192 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l192> 
 193 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l193>                   for (;;)
 194 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l194>                     {
 195 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l195>                       int c;
 196 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l196>                       char buf1[50+1];
 197 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l197>                       char buf2[50+1];
 198 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l198>                       size_t l1, l2;
 199 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l199>                       char *old_res_ptr;
 200 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l200> 
 201 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l201>                       c = getc (fp);
 202 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l202>                       if (c == EOF)
 203 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l203>                         break;
 204 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l204>                       if (c == '\n' || c == ' ' || c == '\t')
 205 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l205>                         continue;
 206 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l206>                       if (c == '#')
 207 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l207>                         {
 208 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l208>                           /* Skip comment, to end of line.  */
 209 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l209>                           do
 210 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l210>                             c = getc (fp);
 211 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l211>                           while (!(c == EOF || c == '\n'));
 212 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l212>                           if (c == EOF)
 213 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l213>                             break;
 214 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l214>                           continue;
 215 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l215>                         }
 216 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l216>                       ungetc (c, fp);
 217 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l217>                       if (fscanf (fp, "%50s %50s", buf1, buf2) < 2)
 218 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l218>                         break;
 219 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l219>                       l1 = strlen (buf1);
 220 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l220>                       l2 = strlen (buf2);
 221 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l221>                       old_res_ptr = res_ptr;
 222 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l222>                       if (res_size == 0)
 223 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l223>                         {
 224 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l224>                           res_size = l1 + 1 + l2 + 1;
 225 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l225>                           res_ptr = (char *) malloc (res_size + 1);
 226 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l226>                         }
 227 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l227>                       else
 228 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l228>                         {
 229 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l229>                           res_size += l1 + 1 + l2 + 1;
 230 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l230>                           res_ptr = (char *) realloc (res_ptr, res_size + 1);
 231 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l231>                         }
 232 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l232>                       if (res_ptr == NULL)
 233 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l233>                         {
 234 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l234>                           /* Out of memory. */
 235 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l235>                           res_size = 0;
 236 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l236>                           free (old_res_ptr);
 237 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l237>                           break;
 238 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l238>                         }
 239 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l239>                       strcpy (res_ptr + res_size - (l2 + 1) - (l1 + 1), buf1);
 240 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l240>                       strcpy (res_ptr + res_size - (l2 + 1), buf2);
 241 <http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/localcharset.c;h=b4af28cd#l241>                     }

[Message part 2 (text/html, inline)]

Message #8 received at 19580 <at> debbugs.gnu.org (full text, mbox):

From: Pádraig Brady <P <at> draigBrady.com>
To: Zhaopeng Li <zpli <at> ustc.edu.cn>, 19580 <at> debbugs.gnu.org
Subject: Re: bug#19580: Memory Leak in coreutils/lib/localcharset.c
Date: Tue, 13 Jan 2015 10:55:36 +0000

forcemerge 19580 19578
stop

On 13/01/15 10:31, Zhaopeng Li wrote:
> At line 221, the assignment (old_res_ptr = res_ptr) will lead to memory leak when iteration of corresponding loop is greater than 3.

Same non issue really.
We don't want to free() here.
I'm not sure how to avoid the warning though?

thanks,
Pádraig.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.