[gnutls-devel] GnuTLS | getline() functions calls' result handling (#1573)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Mon Aug 19 08:57:52 CEST 2024
Ekaterina Zilotina created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1573
In result of static analyse of gnutls source code I found error with "memory leak" category there:
file **certtool-cfg.c** in lines [623](https://gitlab.com/gnutls/gnutls/-/blob/master/src/certtool-cfg.c#L623), [649](https://gitlab.com/gnutls/gnutls/-/blob/master/src/certtool-cfg.c#L649) and [791](https://gitlab.com/gnutls/gnutls/-/blob/master/src/certtool-cfg.c#L791) contains calls of **`getline()`**. Of course, there are checks of return values there which loks like that:
```
char *lineptr = NULL;
size_t linesize = 0;
...
ret = getline(&lineptr, &linesize, stdin);
if (ret == -1)
return ...;
```
But [docs says](https://pubs.opengroup.org/onlinepubs/9799919799/functions/getline.html#:\~:text=If%20\*lineptr%20is,the%20new%20size.) that when we using **`getline()`** with lineptr==NULL and linesize==0 the memory will be allocated. In case when [getdelim()](https://gitlab.com/libidn/gnulib-mirror/-/blob/bd1e981434c98751b1106a1744e77a27317b52b3/lib/getdelim.c#L63) returns whith negative value (error means) we just exit with no memory clearing. By this I have a question: how about to add **`free(lineptr)`** in blocks of **`ret`** checking after getline call?
There are similar call in file [**cli.c**](https://gitlab.com/gnutls/gnutls/-/blob/master/src/cli.c#L1920)
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1573
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20240819/6c94904a/attachment.html>
More information about the Gnutls-devel
mailing list