[patch] Fix BZ 19012 -- memory leak on error path in iconv_open

Mike Frysinger vapier@gentoo.org
Mon Sep 28 17:31:00 GMT 2015


On 27 Sep 2015 14:22, Paul Pluzhnikov wrote:
> --- a/iconv/gconv_db.c
> +++ b/iconv/gconv_db.c
> @@ -279,6 +279,12 @@ gen_steps (struct derivation_step *best, const char *toset,
>  	      if (shlib_handle == NULL)
>  		{
>  		  failed = 1;
> +
> +		  /* Don't leak memory.  BZ #19012.  */
> +		  if (step_cnt == 0)
> +		    free (result[step_cnt].__from_name);
> +		  free (result[*nsteps - 1].__to_name);
> +
>  		  break;
>  		}
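
Review bot: The two added free() calls, placed just before the break, leave result[step_cnt].__from_name and result[*nsteps - 1].__to_name pointing at freed memory. Any cleanup after the loop that walks result[] would then double free. Either set both fields to NULL after freeing, or move the frees into the code that runs once failed is set, so they are not tied to this one branch. The comment should also say why __from_name is freed only when step_cnt == 0 while the __to_name at *nsteps - 1 is freed unconditionally, because that ownership rule is not evident from these lines.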

what about the other failure case (init_fct returns an error) ?

the strduping seems a bit convoluted and makes error handling error prone.
what about something a bit more straightforward:
	char *to_name = NULL;
	char *from_name = NULL;
	...
	result[step_cnt].__from_name = (step_cnt == 0
	                                ? from_name = __strdup (fromset)
	                                : (char *)current->last->result_set);
	result[step_cnt].__to_name = (step_cnt + 1 == *nsteps
	                              ? to_name = __strdup (current->result_set)
	                              : result[step_cnt + 1].__from_name);
	...

and then in the common clean up at the end:
	if (__builtin_expect (failed, 0) != 0) {
		...
		free (result);
		free (to_name);
		free (from_name);
		...
-mike
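
The cleanup pattern suggested in this message, worked through as an added example (not glibc's code and not code posted in the thread): the two owned strings are tracked in locals and freed in one shared failure path. `struct step`, `build_steps`, `mid`, `fail_at`, `dup_counted`, `free_counted` and `live_allocs` are hypothetical names, and the charset names are constructed.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for the step record; only the two names matter.  */
struct step { char *from_name; char *to_name; };

static int live_allocs;        /* owned strings not yet freed */

static char *dup_counted (const char *s)
{
  char *p = malloc (strlen (s) + 1);
  if (p != NULL) { strcpy (p, s); ++live_allocs; }
  return p;
}
static void free_counted (char *p) { if (p != NULL) { --live_allocs; free (p); } }

/* Fill NSTEPS (>= 1) records back to front.  Only step 0's from_name and the
   last step's to_name are owned; MID holds the NSTEPS - 1 borrowed names.
   FAIL_AT (-1 for none) simulates a step whose setup fails, by any check.  */
static struct step *build_steps (const char *fromset, const char *toset,
                                 const char *const *mid, int nsteps, int fail_at)
{
  char *from_name = NULL, *to_name = NULL;   /* the only owned strings */
  struct step *result = calloc (nsteps, sizeof *result);
  int failed = result == NULL;

  for (int i = nsteps; !failed && i-- > 0; ) {
    result[i].from_name = (i == 0 ? (from_name = dup_counted (fromset))
                                  : (char *) mid[i - 1]);
    result[i].to_name = (i + 1 == nsteps ? (to_name = dup_counted (toset))
                                         : result[i + 1].from_name);
    if (i == fail_at || !result[i].from_name || !result[i].to_name)
      failed = 1;              /* just flag it; no frees on this path */
  }
  if (failed) {                /* one cleanup shared by every error path */
    free (result);
    free_counted (to_name);
    free_counted (from_name);
    return NULL;
  }
  return result;
}

int main (void)
{
  const char *mid[] = { "INTERNAL", "UCS4" };   /* constructed names */
  build_steps ("ISO-8859-1", "UTF-8", mid, 3, 1);
  return live_allocs != 0;     /* exit status 0 means nothing leaked */
}
```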