This is the mail archive of the newlib@sourceware.org mailing list for the newlib project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Memory leak in vsnprintf

From: Paul Mattes <paul dot mattes at usa dot net>
To: newlib at sources dot redhat dot com
Date: Wed, 15 Mar 2006 14:52:48 -0600
Subject: Memory leak in vsnprintf

I believe I have found a memory leak in the newlib version of vsnprintf(). If it is called with a NULL 'str' parameter and a 0 'length', it leaks a BUFSIZ-sized buffer. (Per C99 and SUSv3, calling vsnprintf() with a NULL 'str' and 0 'length' is a way to find out how big the formatted string would be without actually storing it anywhere.)

Here is an example program:

  #include <stdio.h>
  #include <stdarg.h>

  int
  waste_it(char *fmt, ...)
  {
          int ns;
          va_list a;

          va_start(a, fmt);
          ns = vsnprintf(NULL, 0, fmt, a);
          va_end(a);
          return ns;
  }

  main(int argc, char *argv[])
  {
          int i;
          int n;

          for (i = 0; i < 10000; i++) {
                  n += waste_it("%s foo %d", "hello", 49);
          }
  }

This program will consume quite a lot of memory on Cygwin, which is where it was first reported to me.

--
       pdm

Follow-Ups:
- Re: Memory leak in vsnprintf
  - From: Jeff Johnston

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]