Memory leak in vsnprintf

Paul Mattes paul.mattes@usa.net
Wed Mar 15 21:25:00 GMT 2006


I believe I have found a memory leak in the newlib version of 
vsnprintf().  If it is called with a NULL 'str' parameter and a 0 
'length', it leaks a BUFSIZ-sized buffer.  (Per C99 and SUSv3, calling 
vsnprintf() with a NULL 'str' and 0 'length' is a way to find out how 
big the formatted string would be without actually storing it anywhere.)

Here is an example program:

   #include <stdio.h>
   #include <stdarg.h>

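   /* Size-only query: NULL buffer and 0 length, nothing is stored. */
   int
   waste_it(char *fmt, ...)
   {
           int ns;
           va_list a;

           va_start(a, fmt);
           ns = vsnprintf(NULL, 0, fmt, a);
           va_end(a);
           return ns;
   }

   int
   main(int argc, char *argv[])
   {
           int i;
           int n = 0;

           /* Each iteration performs one size-only call. */
           for (i = 0; i < 10000; i++) {
                   n += waste_it("%s foo %d", "hello", 49);
           }
           return 0;
   }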

This program will consume quite a lot of memory on Cygwin, which is 
where it was first reported to me.

-- 
        pdm
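
The size query described in the post, as an added example that is not part of the original message or of newlib: a two-pass helper that measures with vsnprintf(NULL, 0, ...) and then formats into an exactly sized heap buffer. The name format_alloc is hypothetical. Because this idiom runs the measuring call on every format operation, a per-call leak in that path accumulates quickly.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: format into a freshly malloc'd buffer.
 * Returns the string (caller frees) or NULL on error. */
char *format_alloc(const char *fmt, ...)
{
    va_list ap, ap2;
    int need;
    char *buf;

    va_start(ap, fmt);
    va_copy(ap2, ap);   /* a va_list must not be reused after a v*printf call */

    /* Pass 1: NULL buffer and size 0 only measure; nothing is stored. */
    need = vsnprintf(NULL, 0, fmt, ap);
    va_end(ap);
    if (need < 0) {     /* encoding or output error */
        va_end(ap2);
        return NULL;
    }

    buf = malloc((size_t)need + 1);   /* +1 for the terminating NUL */
    if (buf == NULL) {
        va_end(ap2);
        return NULL;
    }

    /* Pass 2: format for real; the length must match the measured one. */
    if (vsnprintf(buf, (size_t)need + 1, fmt, ap2) != need) {
        free(buf);
        buf = NULL;
    }
    va_end(ap2);
    return buf;
}

int main(void)
{
    char *s = format_alloc("%s foo %d", "hello", 49);
    if (s == NULL)
        return 1;
    printf("%zu bytes: %s\n", strlen(s), s);
    free(s);
    return 0;
}
```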


