This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.
[Bug libc/15894] New: Apparent memory leak of new_environ in stdlib/setenv.c.
- From: "brooks at gcc dot gnu.org" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Mon, 26 Aug 2013 18:20:41 +0000
- Subject: [Bug libc/15894] New: Apparent memory leak of new_environ in stdlib/setenv.c.
- Auto-submitted: auto-generated
http://sourceware.org/bugzilla/show_bug.cgi?id=15894
Bug ID: 15894
Summary: Apparent memory leak of new_environ in stdlib/setenv.c.
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: libc
Assignee: unassigned at sourceware dot org
Reporter: brooks at gcc dot gnu.org
CC: drepper.fsp at gmail dot com
As per Ondřej Bílka's cppcheck results
(http://sourceware.org/ml/libc-alpha/2013-08/msg00448.html), there is a memory
leak in stdlib/setenv.c on line 197. This code is a conditional exit:
    if (__builtin_expect (new_environ[size] == NULL, 0))
      {
        UNLOCK;
        return -1;
      }
Here, it appears that new_environ may or may not need to be freed depending on
what happens with the realloc on line 142:
    new_environ = (char **) realloc (last_environ,
                                     (size + 2) * sizeof (char *));
In particular, I note that there is different logic used for the conditional
exit on line 171:
    if (new_value == NULL)
      {
        UNLOCK;
        if (last_environ == NULL)
          free (new_environ);
        return -1;
      }
It's not clear that either of these is entirely correct; as far as I can tell,
the only way we don't leak new_environ is if (a) it happens to be the same as
last_environ due to the behavior of the realloc() call, or (b) we get to line
222, which saves it:
    last_environ = __environ = new_environ;
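An added example, not part of the original report and not glibc's code: a small C model of the ownership question raised above. The names `model_realloc`, `leaks` and `exit_path` are hypothetical, and the `moves` flag is an assumption that selects whether the realloc stand-in moves the block or grows it in place. For each of the quoted exits it reports whether a block is left that `last_environ` does not refer to.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model, not glibc code. */
static char **live;              /* the single block currently allocated */
/* realloc stand-in: grows in place or moves, on request (real realloc may
   do either). Model blocks carry spare room so in-place growth is valid. */
static char **model_realloc(char **old, size_t old_n, size_t new_n, int moves)
{
    if (old != NULL && !moves)
        return old;
    char **p = calloc(new_n, sizeof *p);
    if (p == NULL)
        abort();                 /* allocator failure is out of scope here */
    if (old != NULL) {
        memcpy(p, old, old_n * sizeof *p);
        free(old);
    }
    return live = p;
}

enum exit_path { EXIT_197, EXIT_171, REACH_222 };

/* Grow a `size`-entry vector by one slot, then take one of the two quoted
   error exits or reach the line-222 save. Returns 1 when a live block is
   left that last_environ does not refer to, i.e. a leak. */
static int leaks(size_t size, int moves, enum exit_path path)
{
    char **old = size ? model_realloc(NULL, 0, size + 2, 1) : NULL;
    uintptr_t last_environ = (uintptr_t) old;   /* integer: comparable when stale */
    char **new_environ = model_realloc(old, size, size + 2, moves);
    if (path == EXIT_171 && last_environ == 0) {    /* guard from line 171 */
        free(new_environ);
        live = NULL;
    }
    if (path == REACH_222)                          /* save from line 222 */
        last_environ = (uintptr_t) new_environ;
    int leaked = live != NULL && (uintptr_t) live != last_environ;
    free(live);                                     /* model cleanup only */
    live = NULL;
    return leaked;
}

int main(void)
{
    printf("first growth: exit197=%d exit171=%d\n", leaks(0, 1, EXIT_197), leaks(0, 1, EXIT_171));
    printf("moved block:  exit197=%d exit171=%d\n", leaks(3, 1, EXIT_197), leaks(3, 1, EXIT_171));
}
```

In this model the line-171 guard only covers the case where `last_environ` was NULL; when the block moves, both exits leave the new block unreferenced, and only in-place growth or the line-222 save avoids that.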