This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[PATCH][BZ #15859] Memory leak detected in _dl_map_object_deps()

From: Vinitha Vijayan <vinitha dot vijayann at gmail dot com>
To: libc-alpha at sourceware dot org
Date: Thu, 5 Sep 2013 12:02:29 +0530
Subject: [PATCH][BZ #15859] Memory leak detected in _dl_map_object_deps()
Authentication-results: sourceware.org; auth=none

Hi,
 Memory leak observed in the _dl_map_object_deps().
 The following malloc() causes the leak.

...
            l_reldeps = malloc (sizeof (*l_reldeps)
                                + map->l_reldepsmax
                                  * sizeof (struct link_map *));
...

The issue can be reproduced using a minimal test scenario which is shown below
...
   * libX.so
       \--------> libA.so
       \--------> libB.so
       \--------> libC.so

   * libA.so
       \-------> libB.so
       \........................> libC.so ( relocation dependency)

   * libB.so
       \-------> libC.so
 * main application
  {
   ...
   dlopen(libX.so);
   ...
   dlopen(libA.so)
   }
...
This happens because of duplicate declaration of pointer l_reldeps as
shown below
...
  struct link_map_reldeps *l_reldeps = NULL;       ===> HERE
  if (map->l_reldeps != NULL)
    {
      for (i = 1; i < nlist; ++i)
        map->l_searchlist.r_list[i]->

l_reserved = 1;
      struct link_map **list = &map->l_reldeps->list[0];
      for (i = 0; i < map->l_reldeps->act; ++i)
        if (list[i]->l_reserved)
          {
            /* Need to allocate new array of relocation dependencies.  */
            struct link_map_reldeps *l_reldeps;  ===>  HERE
            l_reldeps = malloc (sizeof (*l_reldeps)
                                + map->l_reldepsmax
                                  * sizeof (struct link_map *));
...

The fix is to remove the duplicate declaration inside the if loop.

Patch:

Index: b/elf/dl-deps.c
===================================================================
--- a/elf/dl-deps.c
+++ b/elf/dl-deps.c
@@ -595,7 +595,6 @@ Filters not supported with LD_TRACE_PREL

  if (list[i]->l_reserved)
   {
     /* Need to allocate new array of relocation dependencies.  */
-    struct link_map_reldeps *l_reldeps;
     l_reldeps = malloc (sizeof (*l_reldeps)
  + map->l_reldepsmax

   * sizeof (struct link_map *));

Regards,
Vinitha Vijayan
Sony India Software Centre Pvt Ltd.

Follow-Ups:
- Re: [PATCH][BZ #15859] Memory leak detected in _dl_map_object_deps()
  - From: OndÅej BÃlka

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]