Fix a leak in libdpkg when querying the deb_packages table #6892
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
libdpkg is leaking memory on every initialization. Initialization happens everytime deb_packages gets queried. The memory leaked is allocated for the "triggersdir" global variable by "dpkg_db_get_path" called in "trigdef_update_start". "trigdef_update_start" is called by "trig_incorporate" just after the memory for "triggersdir" has been allocated. In some occasions "trigdef_update_start" is also called two times in a row. In all these cases the memory do not get deallocated in between calls, so the old memory is lost. Since the result of "dpkg_db_get_path" depends on the database dir that has been set, and in the "trigdef_update_start" function it's not possible to know if it has changed from the previous allocation or not, it's necessary to always deallocate vs just avoid to call "dpkg_db_get_path". Fix also a couple of other leaks on error.
theopolis
approved these changes
Jan 10, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
libdpkg is leaking memory on every initialization.
Initialization happens everytime deb_packages gets queried.
The memory leaked is allocated for the "triggersdir"
global variable by "dpkg_db_get_path" called in "trigdef_update_start".
"trigdef_update_start" is called by "trig_incorporate" just after
the memory for "triggersdir" has been allocated.
In some occasions "trigdef_update_start" is also called two times in a
row. In all these cases the memory do not get deallocated in between calls,
so the old memory is lost.
Since the result of "dpkg_db_get_path" depends on the database dir that
has been set, and in the "trigdef_update_start" function it's not possible
to know if it has changed from the previous allocation or not,
it's necessary to always deallocate vs just avoid to call "dpkg_db_get_path".
Fix also a couple of other leaks on error.
Fixes: #6327
This was often hit by oss-fuzz too, though the stack trace would only contain 2 frames,
vasprintfand the memory allocation.