[Bug 2938] New: minor memory leak during channel_init_channels()

bugzilla-daemon at bugzilla.mindrot.org
Wed Dec 5 03:09:46 AEDT 2018


https://bugzilla.mindrot.org/show_bug.cgi?id=2938

            Bug ID: 2938
           Summary: minor memory leak during channel_init_channels()
           Product: Portable OpenSSH
           Version: 7.9p1
          Hardware: ix86
                OS: All
            Status: NEW
          Severity: trivial
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: markus at blueflash.cc

Created attachment 3208
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3208&action=edit
patch to fix memory leak

Note: This is my first contribution to the openssh source and I'm
porting my findings from a macOS/Windows port back to the original
source. So please be gentle with my possible wrongdoings and errors.


In any case, I think this should be pretty straightforward:

In channels.c there is the channel_init_channels() function, which
initially callocates memory for the sc structure and immediately also
callocates and fills the sc->channel_pre and sc->channel_post pointer
members.

Then, after a few lines of code, it finally calls the
channel_handler_init(sc) function.

Now, channel_handler_init() also callocates memory for pre
and post and finally assigns its pointers into the sc struct pointer
members.

        sc->channel_pre = pre;
        sc->channel_post = post;

However, at this point, sc->channel_pre and sc->channel_post are
already filled with the pointers to the memory blocks which
channel_init_channels() had allocated.

Thus these pointers get lost and the memory blocks leak.


Proposal: don't have chanell_init_channel() allocate these.  Let
channel_init_channels() do it.


A patch is attached.

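The overwrite described in this report, reduced to a stand-alone C model (an added example, not OpenSSH code and not the attached patch). Only the member names channel_pre and channel_post come from the report; struct chan_ctx, MAX_TYPE, the counting allocator and both handler_init_* functions are assumptions made for illustration, and the fixed variant shows one way to give the tables a single owner.

```c
#include <stdio.h>
#include <stdlib.h>

#define MAX_TYPE 8                      /* hypothetical table size */
typedef void handler_fn(void);
struct chan_ctx { handler_fn **channel_pre, **channel_post; };

static int live_blocks;                 /* allocations not yet freed */

static void *counted_calloc(size_t n, size_t sz) {
    void *p = calloc(n, sz);
    if (p == NULL) abort();
    live_blocks++;
    return p;
}
static void counted_free(void *p) { if (p != NULL) { free(p); live_blocks--; } }

static void pre_open(void) {}
static void post_open(void) {}

/* Leaky: allocates fresh tables and overwrites pointers the caller already set. */
static void handler_init_leaky(struct chan_ctx *sc) {
    handler_fn **pre = counted_calloc(MAX_TYPE, sizeof(*pre));
    handler_fn **post = counted_calloc(MAX_TYPE, sizeof(*post));
    pre[0] = pre_open;
    post[0] = post_open;
    sc->channel_pre = pre;              /* caller's block is now unreachable */
    sc->channel_post = post;
}

/* Fixed: only fills the tables that the caller allocated and still owns. */
static void handler_init_fixed(struct chan_ctx *sc) {
    sc->channel_pre[0] = pre_open;
    sc->channel_post[0] = post_open;
}

/* Runs init plus a full teardown; returns how many blocks were never freed. */
int leaked_blocks(int use_fixed) {
    live_blocks = 0;
    struct chan_ctx *sc = counted_calloc(1, sizeof(*sc));
    sc->channel_pre = counted_calloc(MAX_TYPE, sizeof(*sc->channel_pre));
    sc->channel_post = counted_calloc(MAX_TYPE, sizeof(*sc->channel_post));
    if (use_fixed) handler_init_fixed(sc); else handler_init_leaky(sc);
    counted_free(sc->channel_pre);      /* frees whatever sc points at now */
    counted_free(sc->channel_post);
    counted_free(sc);
    return live_blocks;
}

int main(void) {
    printf("leaky: %d blocks lost, fixed: %d blocks lost\n",
        leaked_blocks(0), leaked_blocks(1));
    return 0;
}
```

Running the same pattern under a leak checker such as valgrind or AddressSanitizer's LeakSanitizer reports the two orphaned tables as definitely lost, which is how this class of overwrite is usually caught.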