Bug #2584
closedPatch for Resource leak
Description
- lighttpd-1.4.35/src/lemon.c
Bug Type: Resource leak
Description: memory is assigned to path in pathsearch(), and then path is returned to tpltname. If fopen() fails to
open template file, then it should be freed before going this memory out of scope. Currently It is not
handled in case of failure.
- lighttpd-1.4.35/src/configfile.c
Bug Type: Dereference null return value
Description: configparserAlloc() will return null if malloc() fails, so there should be check if pParser is null or
not before using it.
- lighttpd-1.4.35/src/http_auth.c
Bug Type: Dereference null return value
Description: array_get_element() may return null, so there should be null check before using it.
- lighttpd-1.4.35/src/keyvalue.c
Bug Type: Dereference null return value
Description: realloc() may fails to allocate memory, will return null. So there should be check before using it.
- lighttpd-1.4.35/src/mod_accesslog.c
Bug Type: Dereference null return value
Description: realloc() may fails to allocate memory, will return null. So there should be check before using it.
- lighttpd-1.4.35/src/mod_auth.c
Bug Type: Dereference null return value
Description: array_get_element() may return null, so there should be null check before using it.
- lighttpd-1.4.35/src/mod_dirlisting.c
Bug Type: Dereference null return value
Description: realloc() may fails to allocate memory, will return null. So there should be check before using it.
- lighttpd-1.4.35/src/mod_rewrite.c
Bug Type: Dereference null return value
Description: realloc() may fails to allocate memory, will return null. So there should be check before using it.
- lighttpd-1.4.35/src/mod_ssi_expr.c
Bug Type: Dereference null return value
Description: ssiexprparserAlloc() will return null if malloc() fails, so there should be check if pParser is null
or not before using it.
Files
Updated by shashank1.m over 10 years ago
- File lightty_patch.patch lightty_patch.patch added
- Status changed from New to Patch Pending
Updated by stbuehler over 10 years ago
Hi, thx for bringing these problems to our attention. I'll answer here too for #2581, #2582 and #2583, because I can't see a logical reason to split them.
lemon.c
: this is just a parser generator; we don't care much about resource leaks or how to handle alloc failures (abort() or segfault.. whatever)get_http_version_name
andget_http_method_name
: if these return NULL there is something seriously wrong (most likely a memory corruption) - "ignoring" this is imho a very bad idea; i'd rather segfault (or `force_assert`).http_auth.c
: mod_auth checks those two lookups are good at "configure" stage; if these break later there must be some serious problem; again I prefer a segfault or assert- ignoring a `realloc` failure leaks memory!
- allocations should probably be checked with `force_assert`; if you can't allocate memory anymore it is very likely you get killed by the kernel soon anyway
I can't see anything serious in these reports; I probably should take a look at them again after I completed the work on my branch http://git.lighttpd.net/lighttpd/lighttpd-1.x.git/log/?h=lighttpd-1.4.x-stbuehler-api-cleanup
Updated by shashank1.m over 10 years ago
- File lighttpd_new_patch.patch lighttpd_new_patch.patch added
Thanks for your input.
As per your suggestions I am attaching new patch. Please review.
Updated by stbuehler over 9 years ago
- Target version changed from 1.4.36 to 1.4.37
Updated by stbuehler over 9 years ago
- Target version changed from 1.4.37 to 1.4.38
Updated by stbuehler about 9 years ago
- Target version changed from 1.4.38 to 1.4.39
Updated by stbuehler almost 9 years ago
- Target version changed from 1.4.39 to 1.4.40
Updated by gstrauss almost 9 years ago
See recent comments in https://redmine.lighttpd.net/issues/2583
In the past few months, there have been numerous commits sprinkling more force_assert()s in the code.
Is this ticket a generic placeholder, or can this ticket be closed?
Updated by stbuehler almost 9 years ago
- Has duplicate Bug #2581: Dereference a null pointer added
Updated by gstrauss almost 9 years ago
x-ref: https://redmine.lighttpd.net/boards/3/topics/6333 offers a large patch which adds lots of force_assert() for many/all memory allocations. That patch might be useful for debugging memory issues, but probably shouldn't be applied using force_assert(), which is always active at runtime. Maybe a debug_mem_assert() which could be enabled with a make macro/define?
Updated by gstrauss over 8 years ago
- Status changed from Patch Pending to Fixed
The specific items identified in lighttpd_new_patch.patch have been addressed.
Also available in: Atom