All users were logged out of Bugzilla on October 13th, 2018

FileMgr::FileMgr leaks st

RESOLVED FIXED

Status

()

--
minor
RESOLVED FIXED
9 years ago
3 months ago

People

(Reporter: timeless, Unassigned)

Tracking

(Blocks: 1 bug, {coverity, memory-leak})

Trunk
coverity, memory-leak
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

(URL)

(Reporter)

Description

9 years ago
51 FileMgr::FileMgr(const char * file, const char * key) {
55     if (!fin) {
56         // check hzipped file
57         char * st = (char *) malloc(strlen(file) + strlen(HZIP_EXTENSION));
58         if (st) {
59             strcpy(st, file);
60             strcat(st, HZIP_EXTENSION);
61             hin = new Hunzip(st, key);
62         }
63     }    

59 Hunzip::Hunzip(const char * file, const char * key) {
60     bufsiz = 0;
61     lastbit = 0;
62     inc = 0;
63     outc = 0;
64     dec = NULL;
65     filename = (char *) malloc(strlen(file) + 1);
66     if (filename) strcpy(filename, file);
67     if (getcode(key) == -1) bufsiz = -1;
68     else bufsiz = getbuf();
69 }
(Reporter)

Comment 1

9 years ago
While you're fixing this code, please note that the strlen math is bad:

Event buffer_alloc: Called allocating function "malloc" which allocated memory dictated by parameter "strlen(file) + strlen(&".hz")"
Event alloc_strlen: Allocated memory does not have space for the terminating NUL of the string
Event var_assign: Assigned "st" to storage allocated by "malloc(strlen(file) + strlen(&".hz"))"
57   	        char * st = (char *) malloc(strlen(file) + strlen(HZIP_EXTENSION));
At conditional (1): "st" taking true path
58   	        if (st) {
59   	            strcpy(st, file);
60   	            strcat(st, HZIP_EXTENSION);

Comment 2

9 years ago
FWIW these are fixed in hunspell CVS for 1.2.10
Depends on: 564608
Fixed by bug 564608
Status: NEW → RESOLVED
Last Resolved: 9 years ago
Resolution: --- → FIXED
Blocks: 1230156
You need to log in before you can comment on or make changes to this bug.