Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 06 Apr 2019 20:47:50 +0000
From:      bugzilla-noreply@freebsd.org
To:        bugs@FreeBSD.org
Subject:   [Bug 237064] Fix a memory leak in pw when invoked with -V or -R
Message-ID:  <bug-237064-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D237064

            Bug ID: 237064
           Summary: Fix a memory leak in pw when invoked with -V or -R
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: bin
          Assignee: bugs@FreeBSD.org
          Reporter: momchil@xaxo.eu

Created attachment 203432
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D203432&action=
=3Dedit
Proposed solution/patch

pw leaks memory when invoked with the -V  or -R arguments. The following
example leaks memory

  pw -V /etc usershow root

This does not leak any memory

  pw usershow root

The memory leak is more prominent when=20

  pw -V /etc usershow -a

is invoked as a portion of memory is leaked for each entry in the user tabl=
e.

The passwd and group structures are allocated with malloc() in vnextpwent()=
 and
vnextgrent() when the -V or -R options are used. These call pw_scan() and
gr_scan() which call pw_dup() and gr_dup(). The latter calls gr_add() which
does calls malloc(). Calls to GETPWENT(), GETPWNAM(), GETGRENT() and GETGRN=
AM()
are used to obtain the structures. These structures are not later released =
via
free(). The missing calls to free() are probably due the fact that they are=
 not
necessary when pw is not invoked with either -V or -R arguments. In this ca=
se
the functions vnextpwent() and vnextgrent() are not used. Instead, the
functions getpwent() and getgrent() are used. These do not require the user=
 to
free the structures.

The proposed solution: record the last structures provided by vnextpwent() =
and
vnextgrent() and free them upon consecutive calls. This solution is in the
spirit of getpwent() and getgrent().

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-237064-227>