[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Memleak in glob()
|
From: |
Bruno Haible |
|
Subject: |
Re: Memleak in glob() |
|
Date: |
Thu, 06 Jul 2017 23:25:39 +0200 |
|
User-agent: |
KMail/5.1.3 (Linux/4.4.0-83-generic; KDE/5.18.0; x86_64; ; ) |
Tim Rühsen wrote:
> > > Attached is a patch fixing the issue for me
> >
> > The 'return 0;' in line 1104 is correct, because 'dirname' is stuffed into
> > the result array in the lines before. Therefore dirname must NOT be freed
> > here.
>
> This is right for one path, but not all the paths before 'return 0' stuff
> 'dirname' into that array.
Fixed like this. Let's see what remaining issues Coverity reports in glob.c
(next Monday).
2017-07-06 Bruno Haible <address@hidden>
glob: Fix more memory leaks.
* lib/glob.c (glob): Free dirname before returning.
Reported by Coverity and Tim Rühsen.
diff --git a/lib/glob.c b/lib/glob.c
index dc0aff6..a38cf22 100644
--- a/lib/glob.c
+++ b/lib/glob.c
@@ -1091,6 +1091,8 @@ glob (const char *pattern, int flags, int (*errfunc)
(const char *, int),
p = mempcpy (pglob->gl_pathv[newcount], dirname, dirlen);
p[0] = '/';
p[1] = '\0';
+ if (__glibc_unlikely (malloc_dirname))
+ free (dirname);
}
else
{
Re: Memleak in glob(), Paul Eggert, 2017/07/02