[vdr] 1.3.22: memory leaks
Daniel THOMPSON
daniel.thompson at st.com
Wed Mar 30 10:34:14 CEST 2005
Stefan Huelswitt wrote:
> On 29 Mar 2005 Daniel THOMPSON <daniel.thompson at st.com> wrote:
>
> Hi,
>
>
>>There are routes through tComponent::FromString() that explicitly set
>>description to NULL without checking its value first (when n != 4). This
>>appears to me to be the leak.
>>
>>Running the following code it is obvious that glibc malloc'ed desc even
>>when desc is not converted.
>
>
> Wow, this is cool. How did you get the idea to search in that
> direction?
I got the idea from the reading your patch and the premise that it was
unlikely that there was a bug in glibc.
Put simply I *never* blame core software like glibc or the compiler for
bugs unless it is proved to me. These bits of software are so widely
used that while blaming them is not *always* wrong it usually saves a
lot of time to audit your own code first. Also I've met Ulrich Drepper
and wouldn't want to let him catch me blaming glibc for something it
didn't do.
> Anyways, I think the man page isn't very clear on this fact...
Agreed and I guess this is why the 'know your interfaces' maxim is so
important.
>>While that are more robust ways to handle the case then desc is NULL
>>(which for my glibc it never is) the above code is safe since both
>>isempty() and glibc's free() can safely handle NULL pointers.
>
> What about this?
>
> if (description!=NULL && (n != 4 || isempty(description)))
Looks fine to me. For belt and braces we should probably also assert
that description is NULL when we enter the call (or test it and free it).
--
Daniel Thompson (STMicroelectronics) <daniel.thompson at st.com>
1000 Aztec West, Almondsbury, Bristol, BS32 4SQ. 01454 462659
If a car is a horseless carriage then is a motorcycle a horseless horse?
More information about the vdr
mailing list