2072 – memory leak in stdio-common/printf_fp.c

Bug 2072 - memory leak in stdio-common/printf_fp.c

Summary: memory leak in stdio-common/printf_fp.c

Status:	RESOLVED FIXED

Alias:	None

Product:	glibc
Classification:	Unclassified
Component:	libc (show other bugs)
Version:	2.3.6

Importance:	P2 minor
Target Milestone:	---
Assignee:	Ulrich Drepper

URL:
Keywords:

Depends on:
Blocks:

Reported:	2005-12-20 13:22 UTC by Heiko Nardmann
Modified:	2018-04-19 14:11 UTC (History)
CC List:	2 users (show)

See Also:
Host:
Target:
Build:
Last reconfirmed:	2006-01-15 16:26:27

Flags:	fweimer: security-

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Heiko Nardmann 2005-12-20 13:22:57 UTC

In stdio-common/printf_fp.c there are some locations (handling error  
situations) in function _printf_fp() where the deallocation of memory for  
wbuffer is not handled. E.g. the macros PADN() und outchar() return to caller  
without checking wbuffer. I'm not sure whether this is intentionally done or  
not.  
  
#define outchar(ch)							      \  
  do									      \  
    {									      \  
      register const int outc = (ch);					      \  
      if (putc (outc, fp) == EOF)					      \  
	return -1;							      \  
      ++done;								      \  
    } while (0)  
  
#define PADN(ch, len)							      \  
  do									      \  
    {									      \  
      if (PAD (fp, ch, len) != len)					      \  
	return -1;							      \  
      done += len;							      \  
    }									      \  
  while (0)

Comment 1 Andreas Jaeger 2006-01-15 16:26:27 UTC

Those really seem to not get freed.

Comment 2 Ulrich Drepper 2006-04-25 18:39:04 UTC

Should be fixed in CVS.

Comment 3 Florian Weimer 2018-04-19 14:11:33 UTC

Flagging as security- because the resource leak does not seem to have been relevant in practice.