public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug libc/2451] New: dlopen can leak small amounts of memory if it fails
@ 2006-03-13  4:43 umbrook0 at cs dot umanitoba dot ca
  2006-03-13  4:43 ` [Bug libc/2451] " umbrook0 at cs dot umanitoba dot ca
                   ` (6 more replies)
  0 siblings, 7 replies; 8+ messages in thread
From: umbrook0 at cs dot umanitoba dot ca @ 2006-03-13  4:43 UTC (permalink / raw)
  To: glibc-bugs

Valgrind reports that dlopen() leaks memory if it fails because the file is invalid.

To duplicate:
1. echo "Test" > not-a-lib.so
2. gcc -g test.c -ldl
3. valgrind --leak-check=full ./a.out

Result:
==5903== 15 bytes in 1 blocks are definitely lost in loss record 1 of 1
==5903==    at 0x1B909222: malloc (vg_replace_malloc.c:130)
==5903==    by 0x1B8EB8C7: expand_dynamic_string_token (in /lib/ld-2.3.5.so)
==5903==    by 0x1B8EC410: _dl_map_object (in /lib/ld-2.3.5.so)
==5903==    by 0x1B8F5273: dl_open_worker (in /lib/ld-2.3.5.so)
==5903==    by 0x1B8F1C6D: _dl_catch_error (in /lib/ld-2.3.5.so)
==5903==    by 0x1B8F59C8: _dl_open (in /lib/ld-2.3.5.so)
==5903==    by 0x5ABD41: dlopen_doit (in /lib/libdl-2.3.5.so)
==5903==    by 0x1B8F1C6D: _dl_catch_error (in /lib/ld-2.3.5.so)
==5903==    by 0x5AC3E2: _dlerror_run (in /lib/libdl-2.3.5.so)
==5903==    by 0x5ABDD1: dlopen@@GLIBC_2.1 (in /lib/libdl-2.3.5.so)
==5903==    by 0x8048422: main (test.c:7)

I found this problem on Fedora Core 4 (glibc 2.3.5).

The problem seems to be that it allocates variable called realname (using
expand_dynamic_string_token) in _dl_map_object, but may call _dl_signal_error
later in the function without freeing the variable.  It looks like a variable
called name_copy has the same problem.

If that is the problem, then, looking at the source code for glibc 2.4, it looks
like the problem is still there.

-- 
           Summary: dlopen can leak small amounts of memory if it fails
           Product: glibc
           Version: 2.3.5
            Status: NEW
          Severity: minor
          Priority: P2
         Component: libc
        AssignedTo: drepper at redhat dot com
        ReportedBy: umbrook0 at cs dot umanitoba dot ca
                CC: glibc-bugs at sources dot redhat dot com


http://sourceware.org/bugzilla/show_bug.cgi?id=2451

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.


^ permalink raw reply	[flat|nested] 8+ messages in thread
end of thread, other threads:[~2007-01-19 19:20 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2006-03-13  4:43 [Bug libc/2451] New: dlopen can leak small amounts of memory if it fails umbrook0 at cs dot umanitoba dot ca
2006-03-13  4:43 ` [Bug libc/2451] " umbrook0 at cs dot umanitoba dot ca
2006-03-14 11:19 ` avuton at gmail dot com
2006-03-14 11:21 ` jakub at redhat dot com
2006-03-14 11:21 ` jakub at redhat dot com
2006-04-01 19:05 ` drepper at redhat dot com
2007-01-19 19:20 ` wtchang at redhat dot com
2007-01-19 19:20 ` wtchang at redhat dot com

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).