View Issue Details

IDProjectCategoryView StatusLast Update
0007590GNUnetutil librarypublic2024-02-29 22:46
Reporterulfvonbelow Assigned ToChristian Grothoff  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Product VersionGit master 
Target Version0.19.3Fixed in Version0.19.3 
Summary0007590: GNUNET_BIO_flush + GNUNET_BIO_write_close = memory leak
DescriptionGNUNET_BIO_write_close doesn't free the handle passed in if it is of type IO_FILE and the file descriptor is 0.

Meanwhile, half a screen down, GNUNET_BIO_flush sets the file descriptor of any handle of type IO_FILE for which a flush fails to 0.

Therefore any handle of type IO_FILE for which a flush fails will be leaked.
Steps To Reproduce1. ./configure --enable-sanitizer
2. make
3. make check
4. Observe the following:
==20550==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 65584 byte(s) in 1 object(s) allocated from:
    #0 0x7f3b970ace4f in __interceptor_malloc (/gnu/store/094bbaq6glba86h1d4cj16xhdi6fk2jl-gcc-10.3.0-lib/lib/libasan.so.6+0xace4f)
    #1 0x7f3b96bef987 in GNUNET_xmalloc_unchecked_ /tmp/guix-build-gnunet-0.19.2.drv-0/source/src/util/common_allocation.c:199
    #2 0x7f3b96beef0e in GNUNET_xmalloc_ /tmp/guix-build-gnunet-0.19.2.drv-0/source/src/util/common_allocation.c:67
    #3 0x7f3b96bdc0db in GNUNET_BIO_write_open_file /tmp/guix-build-gnunet-0.19.2.drv-0/source/src/util/bio.c:522
    #4 0x55d925a628d0 in test_fullfile_rw /tmp/guix-build-gnunet-0.19.2.drv-3/source/src/util/test_bio.c:282
    #5 0x55d925a639df in check_file_rw /tmp/guix-build-gnunet-0.19.2.drv-3/source/src/util/test_bio.c:349
    #6 0x55d925a63b7a in main /tmp/guix-build-gnunet-0.19.2.drv-3/source/src/util/test_bio.c:360
    #7 0x7f3b963a17dc in __libc_start_main (/gnu/store/5h2w4qi9hk1qzzgi1w83220ydslinr4s-glibc-2.33/lib/libc.so.6+0x237dc)
Additional InformationThis particular test case works by trying to write to /dev/full, which understandably fails. There are two other, smaller memory leaks in that test program in test_normal_rw where rString isn't freed after either of the GNUNET_BIO_*_spec_commit() calls that point it to an allocated string.

Attached is a patch for all mentioned leaks.

I question the use of 0 as a special value to indicate "no file descriptor", since 0 is a completely legitimate file descriptor and could occur naturally with the right sequence of close() and open() calls.
Tagsmemory-leak
Attached Files
gnunet-fix-memory-leaks.patch (1,130 bytes)   
diff --git a/src/util/bio.c b/src/util/bio.c
index 70620aea7..2d1be2238 100644
--- a/src/util/bio.c
+++ b/src/util/bio.c
@@ -567,7 +567,10 @@ GNUNET_BIO_write_close (struct GNUNET_BIO_WriteHandle *h, char **emsg)
   {
   case IO_FILE:
     if (NULL == h->fd)
-      return GNUNET_SYSERR;
+    {
+      err = GNUNET_SYSERR;
+      break;
+    }
     if (GNUNET_OK != GNUNET_BIO_flush (h))
     {
       if (NULL != emsg)
diff --git a/src/util/test_bio.c b/src/util/test_bio.c
index 90f0121d4..8dadb8108 100644
--- a/src/util/test_bio.c
+++ b/src/util/test_bio.c
@@ -68,6 +68,7 @@ test_normal_rw (void)
   GNUNET_assert (GNUNET_OK == GNUNET_BIO_read_close (rh, NULL));
   GNUNET_assert (0 == strcmp (TESTSTRING, rString));
   GNUNET_assert (wNum == rNum);
+  GNUNET_free (rString);
 
   GNUNET_assert (GNUNET_OK == GNUNET_DISK_directory_remove (filename));
   GNUNET_free (filename);
@@ -89,6 +90,7 @@ test_normal_rw (void)
   GNUNET_assert (GNUNET_OK == GNUNET_BIO_read_close (rh, NULL));
   GNUNET_assert (0 == strcmp (TESTSTRING, rString));
   GNUNET_assert (wNum == rNum);
+  GNUNET_free (rString);
 
   GNUNET_free (buffer);
 
gnunet-fix-memory-leaks.patch (1,130 bytes)   

Activities

Christian Grothoff

2023-01-16 09:36

manager   ~0019676

Fixed in 6ebbb6fec..31dcac7e2

Christian Grothoff

2023-01-16 09:36

manager   ~0019677

Fixed, thanks for reporting!

ulfvonbelow

2023-01-17 04:19

reporter   ~0019688

It seems the patch wasn't fully applied - there are two calls to GNUNET_free() that need to be added in test_bio.c, since GNUNET_BIO_read_spec_commit() is called twice.

Christian Grothoff

2023-01-17 14:13

manager   ~0019690

Sorry, missed one. Fixed in 31dcac7e2..c4156bb96

schanzen

2023-02-06 05:20

administrator   ~0019752

v0.19.3 released

Issue History

Date Modified Username Field Change
2023-01-15 07:07 ulfvonbelow New Issue
2023-01-15 07:07 ulfvonbelow Tag Attached: bug
2023-01-15 07:07 ulfvonbelow Tag Attached: memory-leak
2023-01-15 07:07 ulfvonbelow File Added: gnunet-fix-memory-leaks.patch
2023-01-16 09:36 Christian Grothoff Note Added: 0019676
2023-01-16 09:36 Christian Grothoff Assigned To => Christian Grothoff
2023-01-16 09:36 Christian Grothoff Status new => resolved
2023-01-16 09:36 Christian Grothoff Resolution open => fixed
2023-01-16 09:36 Christian Grothoff Fixed in Version => 0.19.3
2023-01-16 09:36 Christian Grothoff Note Added: 0019677
2023-01-17 04:19 ulfvonbelow Status resolved => feedback
2023-01-17 04:19 ulfvonbelow Resolution fixed => reopened
2023-01-17 04:19 ulfvonbelow Note Added: 0019688
2023-01-17 14:13 Christian Grothoff Status feedback => resolved
2023-01-17 14:13 Christian Grothoff Note Added: 0019690
2023-01-17 14:13 Christian Grothoff Resolution reopened => fixed
2023-01-17 14:13 Christian Grothoff Target Version => 0.19.3
2023-02-06 05:20 schanzen Note Added: 0019752
2023-02-06 05:20 schanzen Status resolved => closed
2024-02-29 22:46 Christian Grothoff Tag Detached: bug