Bug 2072

Summary:	memory leak in stdio-common/printf_fp.c
Product:	glibc	Reporter:	Heiko Nardmann <heiko.nardmann>
Component:	libc	Assignee:	Ulrich Drepper <drepper.fsp>
Status:	RESOLVED FIXED
Severity:	minor	CC:	fweimer, glibc-bugs
Priority:	P2	Flags:	fweimer: security-
Version:	2.3.6
Target Milestone:	---
Host:		Target:
Build:		Last reconfirmed:	2006-01-15 16:26:27

Description Heiko Nardmann 2005-12-20 13:22:57 UTC

In stdio-common/printf_fp.c there are some locations (handling error  
situations) in function _printf_fp() where the deallocation of memory for  
wbuffer is not handled. E.g. the macros PADN() und outchar() return to caller  
without checking wbuffer. I'm not sure whether this is intentionally done or  
not.  
  
#define outchar(ch)							      \  
  do									      \  
    {									      \  
      register const int outc = (ch);					      \  
      if (putc (outc, fp) == EOF)					      \  
	return -1;							      \  
      ++done;								      \  
    } while (0)  
  
#define PADN(ch, len)							      \  
  do									      \  
    {									      \  
      if (PAD (fp, ch, len) != len)					      \  
	return -1;							      \  
      done += len;							      \  
    }									      \  
  while (0)

Comment 1 Andreas Jaeger 2006-01-15 16:26:27 UTC

Those really seem to not get freed.

Comment 2 Ulrich Drepper 2006-04-25 18:39:04 UTC

Should be fixed in CVS.

Comment 3 Florian Weimer 2018-04-19 14:11:33 UTC

Flagging as security- because the resource leak does not seem to have been relevant in practice.