This is the mail archive of the libc-hacker@sources.redhat.com mailing list for the glibc project.

Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[PATCH] Fix memory leaks in getaddrinfo


Hi!

For details see
http://bugzilla.redhat.com/beta2/show_bug.cgi?id=139559
gaih_inet was not freeing air, furthermore there are a couple of issues
in __nscd_getai itself:
1) if malloc fails, it wouldn't close the socket nor drop map ref
2) if it detects database corruption, it wouldn't free resultbuf
3) if drop_map_ref fails and retval != -1, we could have stored already
   resultbuf we are going to free to *result.  But if for some reason during
   the retry we end up returning -1 or ENOENT/0 (i.e. we don't overwrite
   *result), the caller will be looking into freed up buffer

2004-11-22  Jakub Jelinek  <jakub@redhat.com>

	* nscd/nscd_getai (__nscd_getai): Avoid memory and file descriptor
	leaks.
	* sysdeps/posix/getaddrinfo.c (gaih_inet): Free air.

--- libc/nscd/nscd_getai.c.jj	2004-11-10 10:30:32.000000000 +0100
+++ libc/nscd/nscd_getai.c	2004-11-22 11:03:41.658695898 +0100
@@ -104,7 +104,7 @@ __nscd_getai (const char *key, struct ns
       if (resultbuf == NULL)
 	{
 	  *h_errnop = NETDB_INTERNAL;
-	  return -1;
+	  goto out_close;
 	}
 
       /* Set up the data structure, including pointers.  */
@@ -140,7 +140,10 @@ __nscd_getai (const char *key, struct ns
 	  if (resultbuf->canon != NULL
 	      && resultbuf->canon[ai_resp->canonlen - 1] != '\0')
 	    /* We cannot use the database.  */
-	    goto out_close;
+	    {
+	      free (resultbuf);
+	      goto out_close;
+	    }
 
 	  retval = 0;
 	  *result = resultbuf;
@@ -173,6 +176,7 @@ __nscd_getai (const char *key, struct ns
 	  mapped = NO_MAPPING;
 	}
 
+      *result = NULL;
       free (resultbuf);
 
       goto retry;
--- libc/sysdeps/posix/getaddrinfo.c.jj	2004-09-30 00:50:11.000000000 +0200
+++ libc/sysdeps/posix/getaddrinfo.c	2004-11-22 11:03:57.679819031 +0100
@@ -767,6 +767,8 @@ gaih_inet (const char *name, const struc
 		      addrs += size;
 		    }
 
+		  free (air);
+
 		  if (at->family == AF_UNSPEC)
 		    return (GAIH_OKIFUNSPEC | -EAI_NONAME);
 

	Jakub


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]