[Bug 271874] login_getpath etc. leak memory contrary to manpage

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 07 Jun 2023 01:29:58 UTC

            Bug ID: 271874
           Summary: login_getpath etc. leak memory contrary to manpage
           Product: Base System
           Version: 13.2-STABLE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: bin
          Assignee: bugs@FreeBSD.org
          Reporter: andrew@tao11.riddles.org.uk

The manpage for login_getpath, login_getcapstr, etc., explicitly says that
returned strings are not to be freed, that the memory will be reused or freed
on login_close.

This is an outright lie; the memory is just leaked. Most callers probably don't
care about this, since they're setting up for an exec, but some do,

This isn't new; it was raised nearly 10 YEARS AGO in #195128, which remains
open and unfixed. However, I suggest that the right fix might be to leave the
code alone and change the manpage; at least OpenBSD explicitly documents that
returned capability strings are to be freed if they are not the passed-in
def/err values.

You are receiving this mail because:
You are the assignee for the bug.