[PATCH] Fix massive memory leak in read_line (PR middle-end/53510)
Richard Guenther
richard.guenther@gmail.com
Tue May 29 11:15:00 GMT 2012
On Tue, May 29, 2012 at 1:12 PM, Jakub Jelinek <jakub@redhat.com> wrote:
> Hi!
>
> As soon as line length goes over 200 bytes, read_line starts leaking
> memory (for line length x where x > 200 bytes it leaks
> ((1UL << ((x - 199) / 2)) - 1) * 200 bytes).
>
> This patch fixes it. As noted by Manuel, he copied that buggy code
> from gcov.c, so this fixes gcov too.
>
> Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk?
Ok.
Thanks,
Richard.
> 2012-05-29 Jakub Jelinek <jakub@redhat.com>
>
> PR middle-end/53510
> * input.c (read_line): Use XRESIZEVEC instead of XNEWVEC
> to avoid leaking memory. No need to handle memory allocation
> failure. Double string_len on each reallocation instead of
> adding 2.
> * gcov.c (read_line): Likewise.
>
> --- gcc/input.c.jj 2012-05-02 09:38:42.000000000 +0200
> +++ gcc/input.c 2012-05-29 09:22:05.123856883 +0200
> @@ -105,15 +105,8 @@ read_line (FILE *file)
> return string;
> }
> pos += len;
> - ptr = XNEWVEC (char, string_len * 2);
> - if (ptr)
> - {
> - memcpy (ptr, string, pos);
> - string = ptr;
> - string_len += 2;
> - }
> - else
> - pos = 0;
> + string = XRESIZEVEC (char, string, string_len * 2);
> + string_len *= 2;
> }
>
> return pos ? string : NULL;
> --- gcc/gcov.c.jj 2012-01-13 21:47:35.719634891 +0100
> +++ gcc/gcov.c 2012-05-29 10:30:21.862814065 +0200
> @@ -2219,15 +2219,8 @@ read_line (FILE *file)
> return string;
> }
> pos += len;
> - ptr = XNEWVEC (char, string_len * 2);
> - if (ptr)
> - {
> - memcpy (ptr, string, pos);
> - string = ptr;
> - string_len += 2;
> - }
> - else
> - pos = 0;
> + string = XRESIZEVEC (char, string, string_len * 2);
> + string_len *= 2;
> }
>
> return pos ? string : NULL;
>
> Jakub
More information about the Gcc-patches
mailing list