Zsh Mailing List Archive Messages sorted by: Reverse Date, Date, Thread, Author

Memory leak in math expression parser

X-seq: zsh-workers 53737
From: Ben Kallus <benjamin.p.kallus.gr@xxxxxxxxxxxxx>
To: zsh-workers@xxxxxxx
Subject: Memory leak in math expression parser
Date: Thu, 5 Jun 2025 23:25:55 -0400
Archived-at: <https://zsh.org/workers/53737>
List-id: <zsh-workers.zsh.org>

Hi everyone,

Zsh leaks 24 bytes when you run the following command:
```
zsh -c '$((\(<< 0))'
```

You can see this by building zsh from source with ASan, then running
the command. You should get an error like this:

Direct leak of 24 byte(s) in 1 object(s) allocated from:
    #0 0x7c5ebbb20e15 in malloc
/usr/src/debug/gcc/gcc/libsanitizer/asan/asan_malloc_linux.cpp:67
    #1 0x5b6e492c261c in zalloc /home/bkallus/clones/zsh/Src/mem.c:966
    #2 0x5b6e493559b9 in par_redir /home/bkallus/clones/zsh/Src/parse.c:2288
    #3 0x5b6e49352fc1 in par_simple /home/bkallus/clones/zsh/Src/parse.c:1996
    #4 0x5b6e4934aab0 in par_cmd /home/bkallus/clones/zsh/Src/parse.c:1050
    #5 0x5b6e493495f7 in par_pline /home/bkallus/clones/zsh/Src/parse.c:897
    #6 0x5b6e49349583 in par_sublist2 /home/bkallus/clones/zsh/Src/parse.c:878
    #7 0x5b6e49348e85 in par_sublist /home/bkallus/clones/zsh/Src/parse.c:827
    #8 0x5b6e493485b3 in par_list /home/bkallus/clones/zsh/Src/parse.c:779
    #9 0x5b6e4934f364 in par_subsh /home/bkallus/clones/zsh/Src/parse.c:1624
    #10 0x5b6e4934a8f5 in par_cmd /home/bkallus/clones/zsh/Src/parse.c:1009
    #11 0x5b6e493495f7 in par_pline /home/bkallus/clones/zsh/Src/parse.c:897
    #12 0x5b6e49349583 in par_sublist2 /home/bkallus/clones/zsh/Src/parse.c:878
    #13 0x5b6e49348e85 in par_sublist /home/bkallus/clones/zsh/Src/parse.c:827
    #14 0x5b6e49347326 in par_event /home/bkallus/clones/zsh/Src/parse.c:647
    #15 0x5b6e49347136 in parse_event /home/bkallus/clones/zsh/Src/parse.c:618
    #16 0x5b6e4929bcdc in skipcomm /home/bkallus/clones/zsh/Src/lex.c:2236
    #17 0x5b6e49291eda in cmd_or_math_sub /home/bkallus/clones/zsh/Src/lex.c:572
    #18 0x5b6e49294cf5 in gettokstr /home/bkallus/clones/zsh/Src/lex.c:1035
    #19 0x5b6e492941f3 in gettok /home/bkallus/clones/zsh/Src/lex.c:919
    #20 0x5b6e4928fd4d in zshlex /home/bkallus/clones/zsh/Src/lex.c:275
    #21 0x5b6e49347aa6 in parse_list /home/bkallus/clones/zsh/Src/parse.c:699
    #22 0x5b6e4919aa65 in parse_string /home/bkallus/clones/zsh/Src/exec.c:296
    #23 0x5b6e491a5c94 in execstring /home/bkallus/clones/zsh/Src/exec.c:1244
    #24 0x5b6e4925b3d9 in init_misc /home/bkallus/clones/zsh/Src/init.c:1536
    #25 0x5b6e492607e1 in zsh_main /home/bkallus/clones/zsh/Src/init.c:1917
    #26 0x5b6e49113068 in main main.c:93
    #27 0x7c5ebb8376b4  (/usr/lib/libc.so.6+0x276b4) (BuildId:
468e3585c794491a48ea75fceb9e4d6b1464fc35)
    #28 0x7c5ebb837768 in __libc_start_main
(/usr/lib/libc.so.6+0x27768) (BuildId:
468e3585c794491a48ea75fceb9e4d6b1464fc35)
    #29 0x5b6e49112f74 in _start
(/home/bkallus/clones/zsh/Src/zsh+0x3c6f74) (BuildId:
b42f9dca998f30ca5e656767d1f64762fd7e7b57)

SUMMARY: AddressSanitizer: 24 byte(s) leaked in 1 allocation(s).

Platform info:
linux 6.14.7
glibc 2.41
zsh built from source at commit 4171ca56481387db79649933c442f6b1f7b6ca7c

Thank you!
Ben

Follow-Ups:
- Re: Memory leak in math expression parser
  - From: Peter Stephenson

Messages sorted by: Reverse Date, Date, Thread, Author