public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug libc/19039] New: argp leaks memory when argp.options is a non-NULL array of zero length
@ 2015-10-01 0:43 kstauffer at gmail dot com
2015-10-01 0:57 ` [Bug libc/19039] " kstauffer at gmail dot com
2015-10-01 1:05 ` kstauffer at gmail dot com
0 siblings, 2 replies; 3+ messages in thread
From: kstauffer at gmail dot com @ 2015-10-01 0:43 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=19039
Bug ID: 19039
Summary: argp leaks memory when argp.options is a non-NULL
array of zero length
Product: glibc
Version: 2.24
Status: NEW
Severity: normal
Priority: P2
Component: libc
Assignee: unassigned at sourceware dot org
Reporter: kstauffer at gmail dot com
CC: drepper.fsp at gmail dot com
Target Milestone: ---
Created attachment 8662
--> https://sourceware.org/bugzilla/attachment.cgi?id=8662&action=edit
A simple parser with a non-NULL options array of length zero
Run the attached program under valgrind:
$ valgrind --leak-check=full --show-leak-kinds=all ./a --help
==23462== Memcheck, a memory error detector
==23462== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==23462== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
==23462== Command: ./a --help
==23462==
Usage: a [OPTION...]
-?, --help Give this help list
--usage Give a short usage message
==23462==
==23462== HEAP SUMMARY:
==23462== in use at exit: 407 bytes in 3 blocks
==23462== total heap usage: 10 allocs, 7 frees, 969 bytes allocated
==23462==
==23462== 0 bytes in 1 blocks are definitely lost in loss record 1 of 3
==23462== at 0x4C29E6F: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==23462== by 0x4F22CDD: argp_hol (in /usr/lib/libc-2.22.so)
==23462== by 0x4F22E85: argp_hol (in /usr/lib/libc-2.22.so)
==23462== by 0x4F241F0: _help (in /usr/lib/libc-2.22.so)
==23462== by 0x4F24909: argp_state_help (in /usr/lib/libc-2.22.so)
==23462== by 0x4F24B89: argp_default_parser (in /usr/lib/libc-2.22.so)
==23462== by 0x4F259E6: argp_parse (in /usr/lib/libc-2.22.so)
==23462== by 0x400568: main (a.c:8)
==23462==
==23462== 1 bytes in 1 blocks are definitely lost in loss record 2 of 3
==23462== at 0x4C29E6F: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==23462== by 0x4F22CEC: argp_hol (in /usr/lib/libc-2.22.so)
==23462== by 0x4F22E85: argp_hol (in /usr/lib/libc-2.22.so)
==23462== by 0x4F241F0: _help (in /usr/lib/libc-2.22.so)
==23462== by 0x4F24909: argp_state_help (in /usr/lib/libc-2.22.so)
==23462== by 0x4F24B89: argp_default_parser (in /usr/lib/libc-2.22.so)
==23462== by 0x4F259E6: argp_parse (in /usr/lib/libc-2.22.so)
==23462== by 0x400568: main (a.c:8)
==23462==
==23462== 406 bytes in 1 blocks are still reachable in loss record 3 of 3
==23462== at 0x4C29E6F: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==23462== by 0x4F2512F: argp_parse (in /usr/lib/libc-2.22.so)
==23462== by 0x400568: main (a.c:8)
==23462==
==23462== LEAK SUMMARY:
==23462== definitely lost: 1 bytes in 2 blocks
==23462== indirectly lost: 0 bytes in 0 blocks
==23462== possibly lost: 0 bytes in 0 blocks
==23462== still reachable: 406 bytes in 1 blocks
==23462== suppressed: 0 bytes in 0 blocks
==23462==
==23462== For counts of detected and suppressed errors, rerun with: -v
==23462== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 0 from 0)
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 3+ messages in thread
* [Bug libc/19039] argp leaks memory when argp.options is a non-NULL array of zero length
2015-10-01 0:43 [Bug libc/19039] New: argp leaks memory when argp.options is a non-NULL array of zero length kstauffer at gmail dot com
@ 2015-10-01 0:57 ` kstauffer at gmail dot com
2015-10-01 1:05 ` kstauffer at gmail dot com
1 sibling, 0 replies; 3+ messages in thread
From: kstauffer at gmail dot com @ 2015-10-01 0:57 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=19039
--- Comment #1 from Kenny Stauffer <kstauffer at gmail dot com> ---
The leaked memory is allocated here:
argp-help.c:make_hol
hol->entries = malloc (sizeof (struct hol_entry) * hol->num_entries);
hol->short_options = malloc (num_short_options + 1);
When argp.options points to an array of zero length, num_entries is 0.
The leak happens here:
argp-help.c:hol_free
if (hol->num_entries > 0)
{
free (hol->entries);
free (hol->short_options);
}
Of the many ways to fix this, perhaps the easiest would be to change make_hol
from this:
opts = argp.options;
...
if (opts)
To this:
opts = argp.options;
...
if (opts && ! oend (opts))
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 3+ messages in thread
* [Bug libc/19039] argp leaks memory when argp.options is a non-NULL array of zero length
2015-10-01 0:43 [Bug libc/19039] New: argp leaks memory when argp.options is a non-NULL array of zero length kstauffer at gmail dot com
2015-10-01 0:57 ` [Bug libc/19039] " kstauffer at gmail dot com
@ 2015-10-01 1:05 ` kstauffer at gmail dot com
1 sibling, 0 replies; 3+ messages in thread
From: kstauffer at gmail dot com @ 2015-10-01 1:05 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=19039
Kenny Stauffer <kstauffer at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |kstauffer at gmail dot com
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2015-10-01 1:05 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-10-01 0:43 [Bug libc/19039] New: argp leaks memory when argp.options is a non-NULL array of zero length kstauffer at gmail dot com
2015-10-01 0:57 ` [Bug libc/19039] " kstauffer at gmail dot com
2015-10-01 1:05 ` kstauffer at gmail dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).