[PATCH FOR REVIEW] Potential Buffer Overflow in java_props_md.c (original) (raw)
Andrew Hughes ahughes at redhat.com
Fri Aug 3 15:59:56 UTC 2012
- Previous message: [PATCH FOR REVIEW] Potential Buffer Overflow in java_props_md.c
- Next message: [PATCH FOR REVIEW] Potential Buffer Overflow in java_props_md.c
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
----- Original Message -----
On 02/08/2012 03:14, David Holmes wrote: > Andrew et al, > > AFAICS here: > > 220 encodingvariant = malloc(strlen(temp)+1); > 221 if (encodingvariant == NULL) { > 222 JNUThrowOutOfMemoryError(env, NULL); > 223 return 0; > 224 } > > we also need to do free(temp). Similarly later where we return with > OOM due to realloc failure, don't we also need to free what was > previously malloc'd? > > David I see there are follow-on mails to this but just to say that this is System.initProperties time so if there is a malloc failure this early in startup then it will cause the VM initialization to fail. So for completeness (and perhaps native memory leak detection tools) then I agree but if we do have problems here then we aren't go to go very far.
This was my thinking too when I first spotted it. I've now posted a webrev following David's suggestions.
-Alan.
-- Andrew :)
Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com)
PGP Key: 248BDC07 (https://keys.indymedia.org/) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07
- Previous message: [PATCH FOR REVIEW] Potential Buffer Overflow in java_props_md.c
- Next message: [PATCH FOR REVIEW] Potential Buffer Overflow in java_props_md.c
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]