14521 – setenv overrite & unsetenv lead memory leak

Bug 14521 - setenv overrite & unsetenv lead memory leak

Summary: setenv overrite & unsetenv lead memory leak

Status:	NEW

Alias:	None

Product:	uClibc
Classification:	Unclassified
Component:	Other (show other bugs)
Version:	0.9.33.2
Hardware:	All Linux

Importance:	P1 critical
Target Milestone:	---
Assignee:	unassigned

URL:
Keywords:

Depends on:
Blocks:

Reported:	2022-01-13 09:38 UTC by lei.liu
Modified:	2024-02-23 06:04 UTC (History)
CC List:	1 user (show)

See Also:
Host:
Target:
Build:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description lei.liu 2022-01-13 09:38:46 UTC

setenv overrite & unsetenv does not free the old key-value string which lead memory leak

Comment 1 hanjunnung 2024-02-23 01:15:28 UTC

The use of valgrind and POC programs proved that SETENV and UNSETENV had a memory leak problem.

int main(int argc, char **argv)
{
    setenv("test_setenv", "test_setenv", 1);
    setenv("test_setenv", "test_setenv2", 1);
    setenv("test_setenv", "test_setenv22222", 1);
    putenv("test_setenv");
    return 0;    
}

==18333== HEAP SUMMARY:
==18333==     in use at exit: 147 bytes in 5 blocks
==18333==   total heap usage: 6 allocs, 1 frees, 191 bytes allocated
==18333==
==18333== 78 bytes in 3 blocks are definitely lost in loss record 3 of 3
==18333==    at 0x482DAA4: malloc (vg_replace_malloc.c:381)
==18333==    by 0x48D3020: __add_to_environ (in /lib/libuClibc-0.9.33.so)
==18333==
==18333== LEAK SUMMARY:
==18333==    definitely lost: 78 bytes in 3 blocks
==18333==    indirectly lost: 0 bytes in 0 blocks
==18333==      possibly lost: 0 bytes in 0 blocks
==18333==    still reachable: 69 bytes in 2 blocks
==18333==         suppressed: 0 bytes in 0 blocks