Re: Memleak in glob()

From: Tim Rühsen
Subject: Re: Memleak in glob()
Date: Mon, 3 Jul 2017 11:05:21 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1

On 07/03/2017 01:22 AM, Paul Eggert wrote:
> On 07/01/2017 01:44 PM, Tim Rühsen wrote:
>> Hi,
>> fuzzing glob.c immediately discovered a leak.
>> At ~L600 in glob.c, 'dirname' is heap allocated.
>> It is free'd at label 'out', but some code paths directly return without
>> jumping there.
>> Attached is a patch fixing the issue for me, but just take it as a
>> proof of concept. You might prefer a different approach.
>> Regards, Tim
> glob.c is taken from glibc, right? Have you investigated whether these
> problems have been reported and/or fixed in glibc?

I don't know if glibc takes the code from gnulib or the other way round.
But a quick look at [1] around L1012 looks like the same issue in glibc.

[1] https://code.woboq.org/userspace/glibc/posix/glob.c.html

Regards, Tim
