Bug#364037: libc6: memory leak in regcomp
Package: libc6
Version: 2.3.2.ds1-22sarge3
Severity: important
Hi, I found a memory leak in regcomp.
If regcomp fails due to an invalid regular expression containing an opening
bracket "(", 40 bytes are lost.
See example source:
--- tmp.c begins here ---
#include <regex.h>

int
main(int argc, char **argv)
{
    regex_t preg;

    for (;;)
    {
        regcomp(&preg, "(", REG_EXTENDED);  /* invalid pattern: compile fails */
        regfree(&preg);                     /* the 40 bytes are lost despite this */
        //break;
    }
    return 0;
}
--- tmp.c ends here ---
The bug exists on sarge i386, with and without libc6-i686 installed.
Trying this on amd64 testing does not show a memory leak.
--- ps output begins here ---
% while : ; do ps -C tmp o rsz,vsz,sz ; sleep 1 ; done
RSZ VSZ SZ
RSZ VSZ SZ
RSZ VSZ SZ
17080 18112 4528
RSZ VSZ SZ
52616 53752 13438
RSZ VSZ SZ
87880 88996 22249
RSZ VSZ SZ
123412 124504 31126
RSZ VSZ SZ
158848 159880 39970
RSZ VSZ SZ
194424 195520 48880
RSZ VSZ SZ
230280 231424 57856
RSZ VSZ SZ
265084 266140 66535
RSZ VSZ SZ
300124 301252 75313
RSZ VSZ SZ
334572 335704 83926
RSZ VSZ SZ
369112 370156 92539
^C
--- ps output ends here ---
--- valgrind output begins here ---
% valgrind --leak-check=full ./tmp
==6295== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 13 from 1)
==6295== malloc/free: in use at exit: 40 bytes in 1 blocks.
==6295== malloc/free: 6 allocs, 5 frees, 436 bytes allocated.
==6295== For counts of detected errors, rerun with: -v
==6295== searching for pointers to 1 not-freed blocks.
==6295== checked 77824 bytes.
==6295==
==6295== 40 bytes in 1 blocks are definitely lost in loss record 1 of 1
==6295== at 0x1B90459D: malloc (vg_replace_malloc.c:130)
==6295== by 0x1B9CD57B: (within /lib/tls/i686/cmov/libc-2.3.2.so)
==6295== by 0x1B9CAE62: (within /lib/tls/i686/cmov/libc-2.3.2.so)
==6295== by 0x1B9CAA3F: (within /lib/tls/i686/cmov/libc-2.3.2.so)
==6295== by 0x1B9CA615: (within /lib/tls/i686/cmov/libc-2.3.2.so)
==6295== by 0x1B9CA48D: (within /lib/tls/i686/cmov/libc-2.3.2.so)
==6295== by 0x1B9CA3AE: (within /lib/tls/i686/cmov/libc-2.3.2.so)
==6295== by 0x1B9C8DFC: (within /lib/tls/i686/cmov/libc-2.3.2.so)
==6295== by 0x1B9C8A94: regcomp (in /lib/tls/i686/cmov/libc-2.3.2.so)
==6295== by 0x80483EE: main (tmp.c:10)
==6295==
==6295== LEAK SUMMARY:
==6295== definitely lost: 40 bytes in 1 blocks.
==6295== possibly lost: 0 bytes in 0 blocks.
==6295== still reachable: 0 bytes in 0 blocks.
==6295== suppressed: 0 bytes in 0 blocks.
==6295== Reachable blocks (those to which a pointer was found) are not shown.
==6295== To see them, rerun with: --show-reachable=yes
%
--- valgrind output ends here ---
Regards,
Jamil Djadala
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-3-686
Locale: LANG=bg_BG, LC_CTYPE=bg_BG (charmap=CP1251)
Versions of packages libc6 depends on:
ii libdb1-compat 2.1.3-7 The Berkeley database routines [gl
-- no debconf information
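
A bounded leak check along the lines of the reproducer above, as an added example that is not part of the original report or of glibc: it measures peak-RSS growth over repeated failed regcomp() calls instead of looping forever. The function names, iteration count and 4096 KB threshold are assumptions, and ru_maxrss is taken to be in kilobytes as on Linux.

```c
/* Added example: regression check for a regcomp() failure-path leak.
 * Function names, iteration count and threshold are assumptions. */
#include <regex.h>
#include <stdio.h>
#include <sys/resource.h>

/* Peak resident set size of this process (kilobytes on Linux). */
static long peak_rss_kb(void)
{
    struct rusage ru;
    if (getrusage(RUSAGE_SELF, &ru) != 0)
        return -1;
    return ru.ru_maxrss;
}

/* Compile `pattern` `iterations` times, expecting every attempt to fail.
 * Returns the growth of peak RSS in KB, or -1 if a compile unexpectedly
 * succeeded or the RSS could not be read. */
long failed_regcomp_growth_kb(const char *pattern, long iterations)
{
    regex_t preg;
    long before, after, i;

    /* Warm-up so one-time allocations are not counted as growth. */
    for (i = 0; i < 1000; i++)
        if (regcomp(&preg, pattern, REG_EXTENDED) == 0) {
            regfree(&preg);
            return -1;
        }
    before = peak_rss_kb();
    for (i = 0; i < iterations; i++)
        if (regcomp(&preg, pattern, REG_EXTENDED) == 0) {
            regfree(&preg);   /* preg is only valid after success */
            return -1;
        }
    after = peak_rss_kb();
    if (before < 0 || after < 0)
        return -1;
    return after - before;
}

int main(void)
{
    /* 200000 failures at 40 bytes each would be about 7800 KB. */
    long kb = failed_regcomp_growth_kb("(", 200000);
    printf("peak RSS growth: %ld KB\n", kb);
    return (kb < 0 || kb > 4096) ? 1 : 0;
}
```

A non-zero exit status means either the pattern compiled unexpectedly or peak RSS grew by more than the threshold.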