Date: Tue, 10 Oct 2006 10:01:03 -0400
From: John Baldwin <jhb@freebsd.org>
To: freebsd-current@freebsd.org
Cc: "Sean C. Farley" <sean-freebsd@farley.org>
Subject: Re: Fix for memory leak in setenv/unsetenv
Message-ID: <200610101001.04286.jhb@freebsd.org>
In-Reply-To: <20061006200320.T1063@baba.farley.org>
References: <20061006200320.T1063@baba.farley.org>

On Friday 06 October 2006 21:13, Sean C. Farley wrote:
> Many a moon ago[1], I put together a patch to fix the leak in setenv()
> and unsetenv().  A few months ago, I submitted a PR (kern/99826[2]) for
> the final fix.  I was wondering if anyone would take a look at it to see
> if any changes are still warranted.  The PR contains information about
> the patch and sample programs to test it out.
>
> Thank you.
>
> Sean
> 1. http://lists.freebsd.org/pipermail/freebsd-hackers/2005-February/010463.html
> 2. http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/99826

This still won't work.  The reason for the intentional leak is because of this
code sequence:

	char *a;

	setenv("FOO", "0", 1);
	a = getenv("FOO");
	setenv("FOO", "bar", 1);
	printf("FOO was %s\n", a);

With the memory leak fixed this will use free'd memory.  While this code may
seem weird in a program, it actually is quite possible for a library to read
and cache the value of an environment variable.  If you didn't leave the leak
around, the library could cause a crash if the main program (or another
library) changed the environment variable the first library had a cached
pointer to the value of.  I know for one app at my last job we had a problem
with this with TZ, and so we explicitly space padded the timezone name out to
a fixed-size each time to avoid the leak.

-- 
John Baldwin
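
Added example (not part of the original message or of the patch in kern/99826): one way a library can avoid the stale-pointer problem described above is to keep its own copy of the value instead of the pointer getenv() returns, so it stays valid whether libc leaks or frees the old string. The env_cache_* names and demo() are hypothetical.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* setenv(), strdup() */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical library-side cache that owns a private copy of the value. */
struct env_cache { char *value; };   /* NULL when the variable is unset */

/* Snapshot NAME; returns 0 on success, -1 if the copy cannot be allocated. */
int env_cache_load(struct env_cache *c, const char *name)
{
    const char *cur = getenv(name);
    char *copy = NULL;

    if (cur != NULL && (copy = strdup(cur)) == NULL)
        return -1;                  /* keep the old snapshot on failure */
    free(c->value);
    c->value = copy;
    return 0;
}

/* Returns 1 when the live environment differs from the snapshot. */
int env_cache_stale(const struct env_cache *c, const char *name)
{
    const char *cur = getenv(name);

    if (cur == NULL || c->value == NULL)
        return (cur == NULL) != (c->value == NULL);
    return strcmp(cur, c->value) != 0;
}

/* The sequence from the message, with the copy standing in for pointer "a". */
int demo(void)
{
    struct env_cache c = { NULL };
    int ok = 0;

    setenv("FOO", "0", 1);
    if (env_cache_load(&c, "FOO") == 0) {
        setenv("FOO", "bar", 1);            /* libc may free the old value */
        ok = strcmp(c.value, "0") == 0      /* snapshot is still readable */
            && env_cache_stale(&c, "FOO");  /* and the change is detectable */
    }
    free(c.value);
    return ok;
}

int main(void) { printf("snapshot survived: %d\n", demo()); return 0; }
```

The cost is one allocation per cached variable, and the library must call env_cache_load() again when env_cache_stale() reports a change.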