[lxc-devel] [PATCH lxcfs 3/5] fix leak in realloc loop in must_strcat_pid
Serge Hallyn
serge.hallyn at ubuntu.com
Fri Jan 8 09:26:10 UTC 2016
Quoting Wolfgang Bumiller (w.bumiller at proxmox.com):
>
> > On January 8, 2016 at 2:55 AM Serge Hallyn <serge.hallyn at ubuntu.com> wrote:
> > Quoting Wolfgang Bumiller (w.bumiller at proxmox.com):
> > > Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
> > > ---
> > > lxcfs.c | 2 +-
> > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > >
> > > diff --git a/lxcfs.c b/lxcfs.c
> > > index 8605000..d738e79 100644
> > > --- a/lxcfs.c
> > > +++ b/lxcfs.c
> > > @@ -87,7 +87,7 @@ static void must_strcat_pid(char **src, size_t *sz, size_t
> > > *asz, pid_t pid)
> > > *asz = BUF_RESERVE_SIZE;
> > > } else if (tmplen + *sz + 1 >= *asz) {
> > > do {
> > > - d = realloc(d, *asz + BUF_RESERVE_SIZE);
> > > + d = realloc(*src, *asz + BUF_RESERVE_SIZE);
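Review bot: on the `+` line inside the `do {` loop, `realloc(*src, ...)` is called on every pass, so unless the loop body (not visible in this hunk) writes the result back to `*src` or leaves the loop after the first success, a later pass hands realloc a pointer that an earlier pass may already have freed or moved. The removed line `d = realloc(d, ...)` had the opposite weakness: a failed call overwrites `d` with NULL, and a retry with NULL allocates a fresh block instead of growing the existing one. Suggest holding the result in a temporary (`tmp = realloc(d, ...)`) and assigning `d = tmp` only when `tmp` is non-NULL, so that both the retry path and the success path always pass a live pointer. The commit message carries only a Signed-off-by; one sentence naming which path leaked would make the change easier to check.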
> >
> > D'oh. This needed to not deref src :) Shoulda spotted that right away.
> > (Pushing the fix to git)
>
> Actually no, it's a pointer-to-src at this point (char**).
> Previously it was 'd' which is:
> | char *d = *src;
> | ^~~~
>
> So here the '*' is required.
Hm, yes, that makes sense (looking at too many *s), but with
the *src it was segving, and with 'src' it does not. I'm going
to sleep right now, but if you can figure out why this would
segv (cat /var/lib/lxcfs/procuptime sufficed iirc) please shout,
else I'll look in the morning.