Possible memory leak in auparse_interpret_sock_parts()
Tarun Ramesh
tramesh at acalvio.com
Fri Jun 21 11:34:12 UTC 2019
Hi,
In the function auparse_interpret_sock_parts() in auparse/auparse.c, for
the line:
const char *val = nvlist_interp_cur_val(r, au->escape_mode);
I see that the function nvlist_interp_cur_val() eventually calls
auparse_do_interpretation() which has the comment "Returns a malloc'ed
buffer that the caller must free"
The call path is:
nvlist_interp_cur_val() -> interpret() -> auparse_do_interpretation()
In auparse_interpret_sock_parts():
const char *val = nvlist_interp_cur_val(r, au->escape_mode);
is called and then the value of 'val' is overwritten by:
val = strstr(tmp, field);
The initial memory pointed to by 'val' is never freed, which might be a
memory leak.
Please let me know if I;m missing something.
Thanks,
Tarun
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20190621/885a0633/attachment.htm>
More information about the Linux-audit
mailing list