Closed Bug 557863 Opened 10 years ago Closed 10 years ago

FileMgr::FileMgr leaks st

Categories

(Core :: Spelling checker, defect, minor)

defect
Not set
minor

Tracking

()

RESOLVED FIXED

People

(Reporter: timeless, Unassigned)

References

(Blocks 1 open bug, )

Details

(Keywords: coverity, memory-leak)

51 FileMgr::FileMgr(const char * file, const char * key) {
55     if (!fin) {
56         // check hzipped file
57         char * st = (char *) malloc(strlen(file) + strlen(HZIP_EXTENSION));
58         if (st) {
59             strcpy(st, file);
60             strcat(st, HZIP_EXTENSION);
61             hin = new Hunzip(st, key);
62         }
63     }    

59 Hunzip::Hunzip(const char * file, const char * key) {
60     bufsiz = 0;
61     lastbit = 0;
62     inc = 0;
63     outc = 0;
64     dec = NULL;
65     filename = (char *) malloc(strlen(file) + 1);
66     if (filename) strcpy(filename, file);
67     if (getcode(key) == -1) bufsiz = -1;
68     else bufsiz = getbuf();
69 }
While you're fixing this code, please note that the strlen math is bad:

Event buffer_alloc: Called allocating function "malloc" which allocated memory dictated by parameter "strlen(file) + strlen(&".hz")"
Event alloc_strlen: Allocated memory does not have space for the terminating NUL of the string
Event var_assign: Assigned "st" to storage allocated by "malloc(strlen(file) + strlen(&".hz"))"
57   	        char * st = (char *) malloc(strlen(file) + strlen(HZIP_EXTENSION));
At conditional (1): "st" taking true path
58   	        if (st) {
59   	            strcpy(st, file);
60   	            strcat(st, HZIP_EXTENSION);
FWIW these are fixed in hunspell CVS for 1.2.10
Depends on: 564608
Fixed by bug 564608
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.