  1. MariaDB Connector/C
  2. CONC-626

memory leak on realloc (mariadb_stmt.c)

Details

    Description

      From cppcheck and seems to be correct.

      /home/dan/repos/mariadb-server-10.11/libmariadb/libmariadb/mariadb_stmt.c:749:13: error: Common realloc mistake: 'start' nulled but not freed upon failure [memleakOnRealloc]
            if (!(start= (uchar *)realloc(start, length)))
                  ^
      /home/dan/repos/mariadb-server-10.11/libmariadb/libmariadb/mariadb_stmt.c:772:15: error: Common realloc mistake: 'start' nulled but not freed upon failure [memleakOnRealloc]
              if (!(start= (uchar *)realloc(start, length)))
                    ^
      /home/dan/repos/mariadb-server-10.11/libmariadb/libmariadb/mariadb_stmt.c:842:15: error: Common realloc mistake: 'start' nulled but not freed upon failure [memleakOnRealloc]
              if (!(start= (uchar *)realloc(start, length)))
                    ^
      /home/dan/repos/mariadb-server-10.11/libmariadb/libmariadb/mariadb_stmt.c:967:15: error: Common realloc mistake: 'start' nulled but not freed upon failure [memleakOnRealloc]
              if (!(start= (uchar *)realloc(start, length)))
                    ^
      /home/dan/repos/mariadb-server-10.11/libmariadb/libmariadb/mariadb_stmt.c:1053:17: error: Common realloc mistake: 'start' nulled but not freed upon failure [memleakOnRealloc]
                if (!(start= (uchar *)realloc(start, length)))
                      ^
      

      Fixes of the form:

      diff --git a/libmariadb/mariadb_stmt.c b/libmariadb/mariadb_stmt.c
      index 4e77b5c..db129cf 100644
      --- a/libmariadb/mariadb_stmt.c
      +++ b/libmariadb/mariadb_stmt.c
      @@ -1049,9 +1049,11 @@ unsigned char* ma_stmt_execute_generate_bulk_request(MYSQL_STMT *stmt, size_t *r
               if (free_bytes < size + 20)
               {
                 size_t offset= p - start;
      +         char *new_start;
                 length= MAX(2 * length, offset + size + 20);
      -          if (!(start= (uchar *)realloc(start, length)))
      +          if (!(new_start= (uchar *)realloc(start, length)))
                   goto mem_error;
      +         start= new_start;
                 p= start + offset;
               }
       
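      Review bot: `new_start` is declared `char *` in the added line below `size_t offset= p - start;`, but it receives `(uchar *)realloc(start, length)` and is then assigned to `start`, which the cast indicates is `uchar *`; declare it as `uchar *new_start;` so the two assignments do not mix pointer signedness. The change only closes the leak if the `mem_error` path frees `start`, which is not visible in this hunk, so that should be confirmed. The same temporary-pointer pattern is needed at the other four `realloc` sites in the cppcheck output (lines 749, 772, 842 and 967).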
      

          People

            georg Georg Richter
            danblack Daniel Black