Zsh Mailing List Archive Messages sorted by: Reverse Date, Date, Thread, Author

Re: PATCH 13/17: anon funcs: don't leak shf when ctrl-c in () {:} =(sleep 1)

X-seq: zsh-workers 34129
From: Mikael Magnusson <mikachu@xxxxxxxxx>
To: Peter Stephenson <p.stephenson@xxxxxxxxxxx>
Subject: Re: PATCH 13/17: anon funcs: don't leak shf when ctrl-c in () {:} =(sleep 1)
Date: Tue, 6 Jan 2015 11:14:12 +0100
Cc: zsh workers <zsh-workers@xxxxxxx>
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=4OQIk19z9nTqQIRto+8nhccjEVyF6BM0nTCC+De/cT8=; b=cssz5ChekFyVhdqcqUP6Kp4a6UAZvKyVWEXcjJqChJiV54TXo9mAh7iJFprTDXc3OD Q4c1Q3YkNAGxbOonBE9kUOc9DBOZT34hOhccKUX7yf8CnAJ9NJm7wpJeW8hxjBq7G67F coOZaz4VdUhKmWnZvPaOf/ukX0TzRXkYVIUVfN8yZHmh1bK4CgjPwo5YK/GN0zV64crJ 83TMp9ozq7kexFYOvGiGXjoT/hYSj82ZcoXRN98oL82a7gEFFlN20A8zJFbCpteXMxN4 iblBBDylaZNRzi8LqMe8afUpXGE83eIuYkFYvgRmYkeCv6DEBuARLMC6SsTRaPPRr8s3 Y2jA==
In-reply-to: <20150106095449.081ed9a5@pwslap01u.europe.root.pri>
List-help: <mailto:zsh-workers-help@zsh.org>
List-id: Zsh Workers List <zsh-workers.zsh.org>
List-post: <mailto:zsh-workers@zsh.org>
Mailing-list: contact zsh-workers-help@xxxxxxx; run by ezmlm
References: <1420521949-30483-1-git-send-email-mikachu@gmail.com> <1420521949-30483-14-git-send-email-mikachu@gmail.com> <20150106095449.081ed9a5@pwslap01u.europe.root.pri>

On Tue, Jan 6, 2015 at 10:54 AM, Peter Stephenson
<p.stephenson@xxxxxxxxxxx> wrote:
> On Tue, 6 Jan 2015 06:25:45 +0100
> Mikael Magnusson <mikachu@xxxxxxxxx> wrote:
>> Found by Coverity (Issue 439076).
>> ---
>>  Src/exec.c | 2 ++
>>  1 file changed, 2 insertions(+)
>>
>> diff --git a/Src/exec.c b/Src/exec.c
>> index 6b93008..207e8c1 100644
>> --- a/Src/exec.c
>> +++ b/Src/exec.c
>> @@ -4461,6 +4461,8 @@ execfuncdef(Estate state, Eprog redir_prog)
>>           if (htok && args) {
>>               execsubst(args);
>>               if (errflag) {
>> +                 zsfree(shf->filename);
>> +                 zfree(shf, sizeof(*shf));
>>                   state->pc = end;
>>                   return 1;
>>               }
>
> Can't see how that can be wrong.  Nothing else can take owernship of
> shf in the error case.

I think what I was unsure of in this one, but forgot to write, is if
freeeprog(shf->funcdef) should also be called here? It looks like for
!names, it's all allocated on the heap, but then the non-error path
does free it explicitly anyway (and it looked like freeeprog just
doesn't touch it if it was on the heap), is that just paranoia? And
likewise for shf->redir. And since we have all these heap vs malloc
checks already, why not use zhalloc for shf too? Although the code
might end up neater if we just always do the malloc + free regardless
since there's a bunch of almost-identical code for that stuff.

-- 
Mikael Magnusson

Follow-Ups:
- Re: PATCH 13/17: anon funcs: don't leak shf when ctrl-c in () {:} =(sleep 1)
  - From: Peter Stephenson

References:
- Some valgrind patches
  - From: Mikael Magnusson
- PATCH 13/17: anon funcs: don't leak shf when ctrl-c in () {:} =(sleep 1)
  - From: Mikael Magnusson
- Re: PATCH 13/17: anon funcs: don't leak shf when ctrl-c in () {:} =(sleep 1)
  - From: Peter Stephenson

Messages sorted by: Reverse Date, Date, Thread, Author