Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 06 Apr 2019 20:47:50 +0000
From:      bugzilla-noreply@freebsd.org
To:        bugs@FreeBSD.org
Subject:   [Bug 237064] Fix a memory leak in pw when invoked with -V or -R
Message-ID:  <bug-237064-227@https.bugs.freebsd.org/bugzilla/>
index | next in thread | raw e-mail 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=237064

            Bug ID: 237064
           Summary: Fix a memory leak in pw when invoked with -V or -R
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: bin
          Assignee: bugs@FreeBSD.org
          Reporter: momchil@xaxo.eu

Created attachment 203432
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=203432&action=edit
Proposed solution/patch

pw leaks memory when invoked with the -V  or -R arguments. The following
example leaks memory

  pw -V /etc usershow root

This does not leak any memory

  pw usershow root

The memory leak is more prominent when 

  pw -V /etc usershow -a

is invoked as a portion of memory is leaked for each entry in the user table.

The passwd and group structures are allocated with malloc() in vnextpwent() and
vnextgrent() when the -V or -R options are used. These call pw_scan() and
gr_scan() which call pw_dup() and gr_dup(). The latter calls gr_add() which
does calls malloc(). Calls to GETPWENT(), GETPWNAM(), GETGRENT() and GETGRNAM()
are used to obtain the structures. These structures are not later released via
free(). The missing calls to free() are probably due the fact that they are not
necessary when pw is not invoked with either -V or -R arguments. In this case
the functions vnextpwent() and vnextgrent() are not used. Instead, the
functions getpwent() and getgrent() are used. These do not require the user to
free the structures.

The proposed solution: record the last structures provided by vnextpwent() and
vnextgrent() and free them upon consecutive calls. This solution is in the
spirit of getpwent() and getgrent().

-- 
You are receiving this mail because:
You are the assignee for the bug.
help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-237064-227>