From owner-freebsd-bugs Thu Mar 21 12:50:19 2002
Message-Id: <200203212046.g2LKknv33411@freefall.freebsd.org>
Date: Thu, 21 Mar 2002 12:46:49 -0800 (PST)
From: Jiu Zheng
To: freebsd-gnats-submit@FreeBSD.org
X-Send-Pr-Version: www-1.0
Subject: bin/36175: Vsnprintf causes memory leak
Sender: owner-freebsd-bugs@FreeBSD.ORG

>Number:         36175
>Category:       bin
>Synopsis:       Vsnprintf causes memory leak
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Mar 21 12:50:02 PST 2002
>Closed-Date:
>Last-Modified:
>Originator:     Jiu Zheng
>Release:        4.x
>Organization:
St Bernard Software
>Environment:
FreeBSD sunrise.rapid.stbernard.com 4.2-RELEASE FreeBSD 4.2-RELEASE #2: Fri Jan 19 09:29:10 PST 2001 jiu@sunrise.ipinc.com:/usr/src/sys/compile/SUNRISE i386
>Description:
*Each time* vsnprintf is called with str == NULL, 1K of memory is allocated and never gets freed. This can cause a memory leak for certain applications.

For example, in the recent Samba 3.0 alpha release, there is such a line

    len = vsnprintf(NULL, 0, fmt, ap);

used to calculate the length of the string. Then a serious memory leak is caused in winbindd (a daemon that is part of the Samba package).

I noticed in revision 1.15 of vsnprintf (CVS) the author said

    "revert freeing of memory that gets allocated when str == NULL (this will be fixed in a better way)"

I am not sure the author really means to allocate 1M of memory if the function is called in such a way 1000 times in a program.

I think this should get fixed ASAP. Thank you.
>How-To-Repeat:
Just compile and run the following, and see the prog size grow:

    #include <stdarg.h>
    #include <stdio.h>

    /* Ask vsnprintf only for the formatted length (str == NULL, size 0). */
    void do_print(char const *fmt, ...)
    {
        int len;
        va_list ap;

        va_start(ap, fmt);
        len = vsnprintf(NULL, 0, fmt, ap);
        va_end(ap);
        (void)len;  /* the length is not used; only the call matters */
    }

    int main()
    {
        /* Loop forever so the per-call allocation shows as process growth. */
        while (1)
            do_print("bad\n");
    }
>Fix:
The author, assar, must know
>Release-Note:
>Audit-Trail:
>Unformatted:
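
The length-probe idiom from the report, written so that it never passes str == NULL, as an added example that is not part of the original report or of Samba or FreeBSD code. It assumes, as the report states, that the unfreed buffer is allocated only on the str == NULL path; vfmt_len and fmt_alloc are hypothetical helper names.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>

/* Measure the formatted length without passing str == NULL.
 * Assumption (taken from the report): the leaked buffer is allocated
 * only when str == NULL, so a 1-byte scratch buffer avoids that path. */
static int vfmt_len(const char *fmt, va_list ap)
{
    char scratch[1];
    va_list probe;
    int len;

    va_copy(probe, ap);      /* keep the caller's ap usable afterwards */
    len = vsnprintf(scratch, sizeof scratch, fmt, probe);
    va_end(probe);
    return len;              /* C99: length excluding the NUL, or < 0 */
}

/* Hypothetical helper: format into an exactly sized heap buffer.
 * Returns NULL on formatting or allocation failure; the caller frees. */
char *fmt_alloc(const char *fmt, ...)
{
    va_list ap;
    char *out = NULL;
    int len;

    va_start(ap, fmt);
    len = vfmt_len(fmt, ap);
    if (len >= 0 && (out = malloc((size_t)len + 1)) != NULL) {
        /* Second pass writes the string; a length mismatch is an error. */
        if (vsnprintf(out, (size_t)len + 1, fmt, ap) != len) {
            free(out);
            out = NULL;
        }
    }
    va_end(ap);
    return out;
}

int main(void)
{
    /* Same shape as the reproducer, but every allocation is released. */
    for (int i = 0; i < 100000; i++) {
        char *s = fmt_alloc("bad %d\n", i);
        if (s == NULL)
            return 1;
        free(s);
    }
    return 0;
}
```

Watching the resident size of this loop against the reproducer above separates a leak inside libc from one in the caller.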