* regex: avoid memory leak
@ 2019-07-24 3:03 Bruno Haible
2019-07-26 7:03 ` Paul Eggert
0 siblings, 1 reply; 3+ messages in thread
From: Bruno Haible @ 2019-07-24 3:03 UTC (permalink / raw)
To: bug-gnulib
Can someone please review this?
2019-07-23 Bruno Haible <bruno@clisp.org>
regex: Avoid memory leak.
Reported by Coverity (CID 1484201).
* lib/regex_internal.c (create_cd_newstate): Free newstate if we cannot
allocate newstate->entrance_nodes.
diff --git a/lib/regex_internal.c b/lib/regex_internal.c
index 9004ce8..02b2e09 100644
--- a/lib/regex_internal.c
+++ b/lib/regex_internal.c
@@ -1724,7 +1724,10 @@ create_cd_newstate (const re_dfa_t *dfa, const re_node_set *nodes,
}
if (re_node_set_init_copy (newstate->entrance_nodes, nodes)
!= REG_NOERROR)
- return NULL;
+ {
+ free_state (newstate);
+ return NULL;
+ }
nctx_nodes = 0;
newstate->has_constraint = 1;
}
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: regex: avoid memory leak
2019-07-24 3:03 regex: avoid memory leak Bruno Haible
@ 2019-07-26 7:03 ` Paul Eggert
2019-07-28 15:31 ` Bruno Haible
0 siblings, 1 reply; 3+ messages in thread
From: Paul Eggert @ 2019-07-26 7:03 UTC (permalink / raw)
To: Bruno Haible; +Cc: bug-gnulib
I think there's a related memory bug nearby. See:
https://sourceware.org/bugzilla/show_bug.cgi?id=24844
glibc is currently frozen, and I plan to install that patch into glibc after the
next glibc release comes out, and then propagate the patch into gnulib. Comments
welcome.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: regex: avoid memory leak
2019-07-26 7:03 ` Paul Eggert
@ 2019-07-28 15:31 ` Bruno Haible
0 siblings, 0 replies; 3+ messages in thread
From: Bruno Haible @ 2019-07-28 15:31 UTC (permalink / raw)
To: Paul Eggert; +Cc: bug-gnulib
Hi Paul,
> I think there's a related memory bug nearby. See:
>
> https://sourceware.org/bugzilla/show_bug.cgi?id=24844
Good catch. Yes, when looking at the definitions of free_state,
re_node_set_free, re_free, it's clear that storing NULL in
newstate->entrance_nodes is going to cause a crash.
Bruno
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-07-28 15:31 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-07-24 3:03 regex: avoid memory leak Bruno Haible
2019-07-26 7:03 ` Paul Eggert
2019-07-28 15:31 ` Bruno Haible
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).