diff mbox

Fix massive memory leak in read_line (PR middle-end/53510)

Message ID 20120529111206.GG16117@tyan-ft48-01.lab.bos.redhat.com
State New
Headers show

Commit Message

Jakub Jelinek May 29, 2012, 11:12 a.m. UTC 
Hi!

As soon as line length goes over 200 bytes, read_line starts leaking
memory (for line length x where x > 200 bytes it leaks
((1UL << ((x - 199) / 2)) - 1) * 200 bytes).

This patch fixes it.  As noted by Manuel, he copied that buggy code
from gcov.c, so this fixes gcov too.

Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk?

2012-05-29  Jakub Jelinek  <jakub@redhat.com>

	PR middle-end/53510
	* input.c (read_line): Use XRESIZEVEC instead of XNEWVEC
	to avoid leaking memory.  No need to handle memory allocation
	failure.  Double string_len on each reallocation instead of
	adding 2.
	* gcov.c (read_line): Likewise.


	Jakub

Comments

Richard Biener May 29, 2012, 11:14 a.m. UTC | #1 
On Tue, May 29, 2012 at 1:12 PM, Jakub Jelinek <jakub@redhat.com> wrote:
> Hi!
>
> As soon as line length goes over 200 bytes, read_line starts leaking
> memory (for line length x where x > 200 bytes it leaks
> ((1UL << ((x - 199) / 2)) - 1) * 200 bytes).
>
> This patch fixes it.  As noted by Manuel, he copied that buggy code
> from gcov.c, so this fixes gcov too.
>
> Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk?

Ok.

Thanks,
Richard.

> 2012-05-29  Jakub Jelinek  <jakub@redhat.com>
>
>        PR middle-end/53510
>        * input.c (read_line): Use XRESIZEVEC instead of XNEWVEC
>        to avoid leaking memory.  No need to handle memory allocation
>        failure.  Double string_len on each reallocation instead of
>        adding 2.
>        * gcov.c (read_line): Likewise.
>
> --- gcc/input.c.jj      2012-05-02 09:38:42.000000000 +0200
> +++ gcc/input.c 2012-05-29 09:22:05.123856883 +0200
> @@ -105,15 +105,8 @@ read_line (FILE *file)
>          return string;
>        }
>       pos += len;
> -      ptr = XNEWVEC (char, string_len * 2);
> -      if (ptr)
> -       {
> -         memcpy (ptr, string, pos);
> -         string = ptr;
> -         string_len += 2;
> -       }
> -      else
> -       pos = 0;
> +      string = XRESIZEVEC (char, string, string_len * 2);
> +      string_len *= 2;
>     }
>
>   return pos ? string : NULL;
> --- gcc/gcov.c.jj       2012-01-13 21:47:35.719634891 +0100
> +++ gcc/gcov.c  2012-05-29 10:30:21.862814065 +0200
> @@ -2219,15 +2219,8 @@ read_line (FILE *file)
>          return string;
>        }
>       pos += len;
> -      ptr = XNEWVEC (char, string_len * 2);
> -      if (ptr)
> -       {
> -         memcpy (ptr, string, pos);
> -         string = ptr;
> -         string_len += 2;
> -       }
> -      else
> -       pos = 0;
> +      string = XRESIZEVEC (char, string, string_len * 2);
> +      string_len *= 2;
>     }
>
>   return pos ? string : NULL;
>
>        Jakub
diff mbox

Patch

--- gcc/input.c.jj	2012-05-02 09:38:42.000000000 +0200
+++ gcc/input.c	2012-05-29 09:22:05.123856883 +0200
@@ -105,15 +105,8 @@  read_line (FILE *file)
 	  return string;
 	}
       pos += len;
-      ptr = XNEWVEC (char, string_len * 2);
-      if (ptr)
-	{
-	  memcpy (ptr, string, pos);
-	  string = ptr;
-	  string_len += 2;
-	}
-      else
-	pos = 0;
+      string = XRESIZEVEC (char, string, string_len * 2);
+      string_len *= 2;
     }
       
   return pos ? string : NULL;
--- gcc/gcov.c.jj	2012-01-13 21:47:35.719634891 +0100
+++ gcc/gcov.c	2012-05-29 10:30:21.862814065 +0200
@@ -2219,15 +2219,8 @@  read_line (FILE *file)
 	  return string;
 	}
       pos += len;
-      ptr = XNEWVEC (char, string_len * 2);
-      if (ptr)
-	{
-	  memcpy (ptr, string, pos);
-	  string = ptr;
-	  string_len += 2;
-	}
-      else
-	pos = 0;
+      string = XRESIZEVEC (char, string, string_len * 2);
+      string_len *= 2;
     }
       
   return pos ? string : NULL;