So although "al" itself is static variable, its field "device"
points to dynamically allocated memory (in this case, allocated
by strdup()). Thus the old memory allocated for al->device need
to be freed before new memory is allocated for al->device.
In fact, parasoft's insure++ reports a memory leak at this strdup()
which is where I come from.
I did the following patch and it seems the "memory leak" is gone:
[libnet_if_addr.c]
238
+ if (al->device) free(al->device);
239 if ((al->device = strdup(device)) == NULL)
240 {
241 snprintf(errbuf, LIBNET_ERRBUF_SIZE,
242 "%s(): strdup not enough memory\n", __func__);
243 return(-1);
244 }
Thanks
Kevin
--- Frédéric Raynal <pappy-ml (at) security-labs (dot) org [email concealed]> wrote:
> Hello
>
> On Mon, Apr 05, 2004 at 06:08:12PM -0700, hekaddr-reg (at) yahoo (dot) com [email concealed] wrote:
> > Hi Mike,
> >
> > It seems the following "strdup" is a memory leak
> >
> > libnet-1.1.2:
> >
> > [libnet_if_addr.c]
> > 238
> > 239 if ((al->device = strdup(device)) == NULL)
> > 240 {
> > 241 snprintf(errbuf, LIBNET_ERRBUF_SIZE,
> > 242 "%s(): strdup not enough memory\n", __func__);
> > 243 return(-1);
> > 244 }
> >
> >
> > Should we do a "free" before each strdup() except when al->device
> > is NULL ?
> >
>
> I dont think so : al is a pointer on a static array of structures.
> It can easily be checked with valgrind for instance ... but as I am on
> vacation and connected on a Mac OS X through a 56k line, I'll let that
> to the reader as an exercise ;-)
>
>
> Fred Raynal
>
"AL" is a structure of the following type:
struct libnet_ifaddr_list
{
u_int32_t addr;
int8_t *device;
};
So although "al" itself is static variable, its field "device"
points to dynamically allocated memory (in this case, allocated
by strdup()). Thus the old memory allocated for al->device need
to be freed before new memory is allocated for al->device.
In fact, parasoft's insure++ reports a memory leak at this strdup()
which is where I come from.
I did the following patch and it seems the "memory leak" is gone:
[libnet_if_addr.c]
238
+ if (al->device) free(al->device);
239 if ((al->device = strdup(device)) == NULL)
240 {
241 snprintf(errbuf, LIBNET_ERRBUF_SIZE,
242 "%s(): strdup not enough memory\n", __func__);
243 return(-1);
244 }
Thanks
Kevin
--- Frédéric Raynal <pappy-ml (at) security-labs (dot) org [email concealed]> wrote:
> Hello
>
> On Mon, Apr 05, 2004 at 06:08:12PM -0700, hekaddr-reg (at) yahoo (dot) com [email concealed] wrote:
> > Hi Mike,
> >
> > It seems the following "strdup" is a memory leak
> >
> > libnet-1.1.2:
> >
> > [libnet_if_addr.c]
> > 238
> > 239 if ((al->device = strdup(device)) == NULL)
> > 240 {
> > 241 snprintf(errbuf, LIBNET_ERRBUF_SIZE,
> > 242 "%s(): strdup not enough memory\n", __func__);
> > 243 return(-1);
> > 244 }
> >
> >
> > Should we do a "free" before each strdup() except when al->device
> > is NULL ?
> >
>
> I dont think so : al is a pointer on a static array of structures.
> It can easily be checked with valgrind for instance ... but as I am on
> vacation and connected on a Mac OS X through a 56k line, I'll let that
> to the reader as an exercise ;-)
>
>
> Fred Raynal
>
[ reply ]