help-cfengine

Re: 2.1.17 memory leaks and other problems in cfservd


From: Mark Burgess
Subject: Re: 2.1.17 memory leaks and other problems in cfservd
Date: Thu, 22 Dec 2005 21:15:41 +0100

It's great that you have these tools! Thanks for this. I think the
important leak is occurring during connection. I have made some patches
to the svn and snapshot versions now (snapshot takes 1/2 hr to update).
If you have any way of testing the running code it would be great!!

M

On Thu, 2005-12-22 at 15:09 -0500, Joe Buehler wrote:
> Here are some memory leaks found with insure++.  They just cover
> cfservd startup; I haven't actually done anything with the
> running cfservd yet...
> 
> 1. AddAuthHostItem creates a list with SplitStringAsItemList
> but never frees the list.  Note that parts of the list are
> re-used (ip->name) so the list cannot just be wholesale deleted.
> 
> "/home/project-releases/tmp/cfengine-2.1.17/src/install.c", line 6243:
> (LEAK_SCOPE)
> >>       return;
> 
>   Memory leaked leaving scope: malloc(sizeof(struct Item))
> 
>   Lost block : 0x200d28d8 thru 0x200d28f7 (32 bytes)
>                malloc(sizeof(struct Item)), allocated at item.c, 316
>                           malloc()  (interface)
>                       AppendItem()  item.c, 316
>            SplitStringAsItemList()  item.c, 1138
>                  AddAuthHostItem()  install.c, 6231
>                  InstallAuthPath()  install.c, 6208
>                  InstallAuthItem()  install.c, 5164
>                 HandleServerRule()  parse.c, 909
>                            yylex()  cflex.l, 501
>                          yyparse()  bison.simple, 432
>                        ParseFile()  parse.c, 1051
>                   ParseInputFile()  parse.c, 82
>                             main()  cfservd.c, 144
>                          __start()  crt0main.s
> 
> 2. In cfservd.c:
> 
> if (StrStr(VSYSNAME.nodename,ToLowerStr(VDOMAIN)))
> 
> The problem is that StrStr() calls ToLowerStr() internally
> and that function returns a pointer to a static area.  ToLowerStr
> should be rewritten to use a buffer passed in as a parameter.
> 
> "/home/project-releases/tmp/cfengine-2.1.17/src/cfservd.c", line 416:
> (COPY_DANGLING)
> >> if (StrStr(VSYSNAME.nodename,ToLowerStr(VDOMAIN)))
> 
>   Copying dangling pointer: StrStr
> 
>   Pointer : 0x2ff1e324
>   In block: 0x2ff1e324 thru 0x2ff1f323 (4096 bytes)
>                   buf1, declared at patches.c, 59
>                    popped off stack at patches.c, 63
> 
>   Stack trace where the error occurred:
>                   CheckVariables()  cfservd.c, 416
>                             main()  cfservd.c, 148
>                          __start()  crt0main.s
> 
> 3. nodename[] may not have any '.' characters in it -- note that
> if I recall correctly it may not be null-terminated either.
> 
> "/home/project-releases/tmp/cfengine-2.1.17/src/cfservd.c", line 420:
> (READ_BAD_INDEX)
> >>    while(VSYSNAME.nodename[i++] != '.')
> 
>   Reading array out of range: VSYSNAME.nodename[i++]
> 
>   Index used : 32
> 
>   Valid range: 0 thru 31 (inclusive)
> 
>   Stack trace where the error occurred:
>                   CheckVariables()  cfservd.c, 420
>                             main()  cfservd.c, 148
>                          __start()  crt0main.s
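
Items 2 and 3 of the quoted report, sketched in C as an added example; it is not part of the original thread and not cfengine's code. The names to_lower_buf, dot_index, nodename_has_domain and NODENAME_LEN are hypothetical, and the 32-byte field size is assumed from the valid range 0 thru 31 in the report.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

#define NODENAME_LEN 32 /* assumed from the report's valid index range 0..31 */

/* Lower-case src into a caller-supplied buffer (no static storage).
   Returns dst, or NULL if dst is too small for the result plus NUL. */
char *to_lower_buf(const char *src, char *dst, size_t dstlen)
{
    size_t i;
    if (dst == NULL || dstlen == 0) return NULL;
    for (i = 0; src[i] != '\0'; i++) {
        if (i + 1 >= dstlen) {
            dst[0] = '\0';
            return NULL;
        }
        dst[i] = (char)tolower((unsigned char)src[i]);
    }
    dst[i] = '\0';
    return dst;
}

/* Index of the first '.', reading at most len bytes and stopping at NUL.
   Returns -1 when the name has no '.' inside those bounds. */
int dot_index(const char *nodename, size_t len)
{
    size_t i;
    for (i = 0; i < len && nodename[i] != '\0'; i++)
        if (nodename[i] == '.')
            return (int)i;
    return -1;
}

/* Case-insensitive "nodename contains domain", one buffer per operand so
   neither lowered string overwrites the other; nodename may lack a NUL. */
int nodename_has_domain(const char *nodename, size_t len, const char *domain)
{
    char node[NODENAME_LEN + 1], lnode[NODENAME_LEN + 1], ldom[256];
    size_t n;
    for (n = 0; n < len && n < NODENAME_LEN && nodename[n] != '\0'; n++)
        node[n] = nodename[n];
    node[n] = '\0';
    if (!to_lower_buf(node, lnode, sizeof lnode) ||
        !to_lower_buf(domain, ldom, sizeof ldom))
        return 0;
    return strstr(lnode, ldom) != NULL;
}
```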
