nano-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Nano-devel] [PATCH] fix random memory leaks

From: Mike Frysinger
Subject: [Nano-devel] [PATCH] fix random memory leaks
Date: Wed, 22 Jul 2015 02:56:34 -0400 
The rc logic will duplicate the keybinding, but when unbinding the key,
that string is leaked.  When binding, it is stored in the binding struct.

Direct leak of 10 byte(s) in 3 object(s) allocated from:
    #0 0x7fee4c026782 in malloc (.../libasan.so.2+0x98782)
    #1 0x45639e in nmalloc ./src/utils.c:386
    #2 0x456464 in mallocstrncpy ./src/utils.c:417
    #3 0x4564c6 in mallocstrcpy ./src/utils.c:427
    #4 0x43a8a5 in parse_binding ./src/rcfile.c:443
    #5 0x43da44 in parse_rcfile ./src/rcfile.c:1183
    #6 0x43eeab in do_rcfile ./src/rcfile.c:1443
    #7 0x4330c6 in main ./src/nano.c:2464
    #8 0x7fee4b57b74f in __libc_start_main (/lib64/libc.so.6+0x2074f)

When checking the .nanorc file, we construct the path, but never free it.

Direct leak of 19 byte(s) in 1 object(s) allocated from:
    #0 0x7f3e144ac782 in malloc (.../libasan.so.2+0x98782)
    #1 0x4563ac in nmalloc ./src/utils.c:386
    #2 0x41b027 in construct_filename ./src/files.c:2912
    #3 0x41b359 in check_dotnano ./src/files.c:2956
    #4 0x433551 in main ./src/nano.c:2531
    #5 0x7f3e13a0174f in __libc_start_main (/lib64/libc.so.6+0x2074f)

With debug builds, make sure we free the linter string.

Direct leak of 45 byte(s) in 4 object(s) allocated from:
    #0 0x7fec88963782 in malloc (.../libasan.so.2+0x98782)
    #1 0x45bfe7 in nmalloc ./src/utils.c:386
    #2 0x45c0ad in mallocstrncpy ./src/utils.c:417
    #3 0x45c10f in mallocstrcpy ./src/utils.c:427
    #4 0x4416cd in parse_linter ./src/rcfile.c:1006
    #5 0x44233e in parse_rcfile ./src/rcfile.c:1173
    #6 0x43fd0d in _parse_include ./src/rcfile.c:616
    #7 0x43ff3c in parse_include ./src/rcfile.c:635
    #8 0x4421d8 in parse_rcfile ./src/rcfile.c:1153
    #9 0x4436f1 in do_rcfile ./src/rcfile.c:1402
    #10 0x436d4d in main ./src/nano.c:2464
    #11 0x7fec87eb874f in __libc_start_main (/lib64/libc.so.6+0x2074f)

With debug builds, make sure we free the formatter string.

Direct leak of 9 byte(s) in 1 object(s) allocated from:
    #0 0x7fec88963782 in malloc (.../libasan.so.2+0x98782)
    #1 0x45bfe7 in nmalloc ./src/utils.c:386
    #2 0x45c0ad in mallocstrncpy ./src/utils.c:417
    #3 0x45c10f in mallocstrcpy ./src/utils.c:427
    #4 0x441856 in parse_formatter ./src/rcfile.c:1032
    #5 0x44236a in parse_rcfile ./src/rcfile.c:1176
    #6 0x43fd0d in _parse_include ./src/rcfile.c:616
    #7 0x43ff3c in parse_include ./src/rcfile.c:635
    #8 0x4421d8 in parse_rcfile ./src/rcfile.c:1153
    #9 0x4436f1 in do_rcfile ./src/rcfile.c:1402
    #10 0x436d4d in main ./src/nano.c:2464
    #11 0x7fec87eb874f in __libc_start_main (/lib64/libc.so.6+0x2074f)
---
 src/files.c  | 8 +++++---
 src/global.c | 2 ++
 src/rcfile.c | 3 ++-
 3 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/src/files.c b/src/files.c
index 3c417b7..ea14e39 100644
--- a/src/files.c
+++ b/src/files.c
@@ -2952,6 +2952,7 @@ void history_error(const char *msg, ...)
  * successfully created, and return 0 otherwise. */
 int check_dotnano(void)
 {
+    int ret = 1;
     struct stat dirstat;
     char *nanodir = construct_filename("/.nano");
 
@@ -2960,15 +2961,16 @@ int check_dotnano(void)
            history_error(N_("Unable to create directory %s: %s\n"
                             "It is required for saving/loading search history 
or cursor positions.\n"),
                                nanodir, strerror(errno));
-           return 0;
+           ret = 0;
        }
     } else if (!S_ISDIR(dirstat.st_mode)) {
        history_error(N_("Path %s is not a directory and needs to be.\n"
                         "Nano will be unable to load or save search history or 
cursor positions.\n"),
                                nanodir);
-       return 0;
+       ret = 0;
     }
-    return 1;
+    free(nanodir);
+    return ret;
 }
 
 /* Load the search and replace histories from ~/.nano/search_history. */
diff --git a/src/global.c b/src/global.c
index 209fc4e..4e28e7a 100644
--- a/src/global.c
+++ b/src/global.c
@@ -1613,6 +1613,8 @@ void thanks_for_all_the_fish(void)
        syntaxtype *bill = syntaxes;
 
        free(syntaxes->desc);
+       free(syntaxes->linter);
+       free(syntaxes->formatter);
        while (syntaxes->extensions != NULL) {
            regexlisttype *bob = syntaxes->extensions;
            syntaxes->extensions = bob->next;
diff --git a/src/rcfile.c b/src/rcfile.c
index f07e80c..2f93323 100644
--- a/src/rcfile.c
+++ b/src/rcfile.c
@@ -571,7 +571,8 @@ void parse_binding(char *ptr, bool dobind)
        /* Add the new shortcut at the start of the list. */
        newsc->next = sclist;
        sclist = newsc;
-    }
+    } else
+       free(keycopy);
 }
 
 
-- 
2.4.4
reply via email to
[Prev in Thread] Current Thread [Next in Thread]