[Bug stdio/26215] New: printf_fp memory leak

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[Bug stdio/26215] New: printf_fp memory leak

Sourceware - glibc-bugs mailing list
https://sourceware.org/bugzilla/show_bug.cgi?id=26215

            Bug ID: 26215
           Summary: printf_fp memory leak
           Product: glibc
           Version: 2.32
            Status: NEW
          Severity: normal
          Priority: P2
         Component: stdio
          Assignee: unassigned at sourceware dot org
          Reporter: jsm28 at gcc dot gnu.org
  Target Milestone: ---

__printf_fp_l has a memory leak in the case of some I/O errors, where both
buffer and wbuffer have been malloced but the handling of I/O errors only frees
wbuffer. The following test illustrates this.

#include <mcheck.h>
#include <stdio.h>
#include <stdlib.h>

int
main (void)
{
  mtrace ();
  FILE *fp;
  if ((fp = fopen ("/dev/full", "w")) == NULL)
    exit (1);
  fprintf (fp, "%.65536f", 1.0);
  fclose (fp);
}

--
You are receiving this mail because:
You are on the CC list for the bug.
Reply | Threaded
Open this post in threaded view
|

[Bug stdio/26215] printf_fp memory leak

Sourceware - glibc-bugs mailing list
https://sourceware.org/bugzilla/show_bug.cgi?id=26215

Joseph Myers <jsm28 at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
   Target Milestone|---                         |2.32
         Resolution|---                         |FIXED

--- Comment #1 from Joseph Myers <jsm28 at gcc dot gnu.org> ---
Fixed for 2.32.

commit 90663e9c814a919fa1fb41a878c06ef2fae58ed2
Author: Joseph Myers <[hidden email]>
Date:   Thu Jul 9 21:52:24 2020 +0000

    Fix memory leak in __printf_fp_l (bug 26215).

    __printf_fp_l has a memory leak in the case of some I/O errors, where
    both buffer and wbuffer have been malloced but the handling of I/O
    errors only frees wbuffer.  This patch fixes this by moving the
    declaration of buffer to an outer scope and ensuring that it is freed
    when wbuffer is freed.

    Tested for x86_64 and x86.

--
You are receiving this mail because:
You are on the CC list for the bug.