[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Memleak in glob()
|
From: |
Tim Rühsen |
|
Subject: |
Memleak in glob() |
|
Date: |
Sat, 01 Jul 2017 20:44:27 +0200 |
|
User-agent: |
KMail/5.2.3 (Linux/4.9.0-3-amd64; KDE/5.28.0; x86_64; ; ) |
Hi,
fuzzing glob.c immediately discovered a leak.
At ~L600 in glob.c, 'dirname' is heap allocated.
It is free'd at label 'out', but some code paths directly return without
jumping there.
Attached is a patch fixing the issue for me, but just take it as a proof of
concept. You might prefer a different approach.
Regards, Tim
0001-Fix-memleak-in-glob.patch
Description: Text Data
signature.asc
Description: This is a digitally signed message part.
- Memleak in glob(),
Tim Rühsen <=
Re: Memleak in glob(), Paul Eggert, 2017/07/02