No subject


Tue Jan 27 13:16:53 PST 2009


In file cairo/util/malloc-stats.c:90
Variable "name" is leaking memory I think. strdup allocates memory, but later
if p is not null, the pointer location is moved, which would make it unlikely
for the caller to be able to release the memory correctly. 

I didn't follow the execution path to see what is eventually done to the
returned value, is it freed with free() or not and not even sure what happens
if you call free() for a pointer that is in the middle of allocated memory. 

        name = strdup (strings[0]);

        p = strchr (name, '\t');
        if (p)
                name = p + 1;

        free (strings);

        return name;
}

This bug was found using cppcheck: http://cppcheck.wiki.sourceforge.net/


-- 
Configure bugmail: http://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.


More information about the cairo-bugs mailing list