cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Crash/memory leak in http_proxy.c when custom memory manager callbacks are used

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Fri, 16 Nov 2012 14:25:07 +0100 (CET)

On Tue, 13 Nov 2012, Ajit Dhumale wrote:

> While investigating a memory leak, I observed that ¡http_proxy.c¢ calls
> ¡free¢ but does not include ¡curl_memory.h¢. When a custom memory manager is
> used (using curl_global_init_mem), memory allocation is done using the
> custom memory manager callbacks but ¡free¢ in http_proxy.c still uses the
> default ¡free¢ function. This could lead to either a crash or memory leak. I
> am attaching a patch which fixed the memory leak I observed.

Awesome find, thanks!

I took it a step further and did:

$ egrep -l '(free|malloc)\(' *.c > memory-users.txt
$ grep -l curl_memory.h `cat memory-users.txt` > memory-includers.txt
$ sort memory-includers.txt memory-users.txt | uniq -u

This fun game showed me totally 8 files which suffer from the same problem.
They use memory functions but they don't include curl_memory.h:

dict.c
gopher.c
http_proxy.c
idn_win32.c
md5.c
non-ascii.c
nwlib.c
strdup.c

Clearly we need to come up with a system that better yells at us when we
accidentally do this.

I think we have a similar flaw in that memdebug.h isn't always included
either, and both SHOULD be included in all .c files that use memory related
functions.

I'll need to think about this some more...

-- 
  / daniel.haxx.se

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2012-11-16