This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.



Re: [patch]: Fix memory leak of c-exp.y


On Tue, 24 Jun 2008 08:32:44 +0200, teawater wrote:
> ChangeLog:
> 2008-06-21  Hui Zhu <teawater@gmail.com>
>        * gdb/c-exp.y: Fix memory leak of function parse_number

Agreed with the fix, just IMO the block of code needs more cleanups.  [attached]
The leak was brought in by:
  http://sourceware.org/ml/gdb-patches/2007-10/msg00395.html

Just please check the GNU Coding Standards document for the ChangeLog style; it
should have been more like:

2008-06-21  Hui Zhu  <teawater@gmail.com>

	* c-exp.y (parse_number): Fix a memory leak.


Thanks,
Jan

2008-06-24  Jan Kratochvil  <jan.kratochvil@redhat.com>

	Fix a memory leak found by Hui Zhu <teawater@gmail.com>.
	* c-exp.y (parse_number): Move the S and SAVED_CHAR initialization
	after the DECFLOAT detection to fix a memory leak.  Remove the
	redundant NUM initialization.  Protect the DECFLOAT detection memory
	access before the P block.  Restore the P memory content for the
	DECFLOAT detection.

--- ./gdb/c-exp.y	9 Jun 2008 19:25:14 -0000	1.45
+++ ./gdb/c-exp.y	24 Jun 2008 13:03:26 -0000
@@ -1118,45 +1118,46 @@ parse_number (p, len, parsed_float, puti
   if (parsed_float)
     {
       /* It's a float since it contains a point or an exponent.  */
-      char *s = malloc (len);
-      int num = 0;	/* number of tokens scanned by scanf */
-      char saved_char = p[len];
-
-      p[len] = 0;	/* null-terminate the token */
+      char *s;
+      int num;	/* number of tokens scanned by scanf */
+      char saved_char;
 
       /* If it ends at "df", "dd" or "dl", take it as type of decimal floating
          point.  Return DECFLOAT.  */
 
-      if (p[len - 2] == 'd' && p[len - 1] == 'f')
+      if (len >= 2 && p[len - 2] == 'd' && p[len - 1] == 'f')
 	{
 	  p[len - 2] = '\0';
 	  putithere->typed_val_decfloat.type
 	    = builtin_type (current_gdbarch)->builtin_decfloat;
 	  decimal_from_string (putithere->typed_val_decfloat.val, 4, p);
-	  p[len] = saved_char;
-	  return (DECFLOAT);
+	  p[len - 2] = 'd';
+	  return DECFLOAT;
 	}
 
-      if (p[len - 2] == 'd' && p[len - 1] == 'd')
+      if (len >= 2 && p[len - 2] == 'd' && p[len - 1] == 'd')
 	{
 	  p[len - 2] = '\0';
 	  putithere->typed_val_decfloat.type
 	    = builtin_type (current_gdbarch)->builtin_decdouble;
 	  decimal_from_string (putithere->typed_val_decfloat.val, 8, p);
-	  p[len] = saved_char;
-	  return (DECFLOAT);
+	  p[len - 2] = 'd';
+	  return DECFLOAT;
 	}
 
-      if (p[len - 2] == 'd' && p[len - 1] == 'l')
+      if (len >= 2 && p[len - 2] == 'd' && p[len - 1] == 'l')
 	{
 	  p[len - 2] = '\0';
 	  putithere->typed_val_decfloat.type
 	    = builtin_type (current_gdbarch)->builtin_declong;
 	  decimal_from_string (putithere->typed_val_decfloat.val, 16, p);
-	  p[len] = saved_char;
-	  return (DECFLOAT);
+	  p[len - 2] = 'd';
+	  return DECFLOAT;
 	}
 
+      s = malloc (len);
+      saved_char = p[len];
+      p[len] = 0;	/* null-terminate the token */
       num = sscanf (p, "%" DOUBLEST_SCAN_FORMAT "%s",
 		    &putithere->typed_val_float.dval, s);
       p[len] = saved_char;	/* restore the input stream */
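
Review bot: the result of `s = malloc (len);` near the end of this hunk is used unchecked, and the sscanf call right after it stores through "%s" into s, so a failed allocation turns into a write through a NULL pointer. Check the pointer before the sscanf call, or use an allocator that does not return on failure. The hunk ends before any release of s is visible, so it is also worth confirming that every return path after the sscanf frees it; moving the allocation below the three DECFLOAT returns only covers those early exits.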
