Fix for memory leak in setenv/unsetenv
John Baldwin
jhb at freebsd.org
Tue Oct 10 07:05:57 PDT 2006
On Friday 06 October 2006 21:13, Sean C. Farley wrote:
> Many a moon ago[1], I put together a patch to fix the leak in setenv()
> and unsetenv(). A few months ago, I submitted a PR (kern/99826[2]) for
> the final fix. I was wondering if anyone would take a look at it to see
> if any changes are still warranted. The PR contains information about
> the patch and sample programs to test it out.
>
> Thank you.
>
> Sean
> 1. http://lists.freebsd.org/pipermail/freebsd-hackers/2005-February/010463.html
> 2. http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/99826
This still won't work. The reason for the intentional leak is because
of this code sequence:
char *a;
setenv("FOO", "0", 1);
a = getenv("FOO");
setenv("FOO", "bar", 1);
printf("FOO was %s\n", a);
With the memory leak fixed this will use free'd memory. While this code
may seem weird in a program, it actually is quite possible for a library
to read and cache the value of an environment variable. If you didn't
leave the leak around, the library could cause a crash if the main
program (or another library) changed the environment variable the first
library had a cached pointer to the value of.
I know for one app at my last job we had a problem with this with TZ, and so
we explicitly space padded the timezone name out to a fixed-size each time
to avoid the leak.
--
John Baldwin
More information about the freebsd-current
mailing list