Ubuntu
eglibc package

`getaddrinfo` leaks memory

Bug #1364584 reported by Troels Thomsen
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
eglibc (Ubuntu)
Invalid
Undecided
Unassigned
Lucid
Fix Released
Undecided
Marc Deslauriers

Bug Description

I believe 2.11.1-0ubuntu7.14 (Ubuntu 10.04) introduces a regression in `getaddrinfo`.

I'm using the test case from [Debian Bug #304022](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=304022) (attached as "main.c"). Valgrind detects a leak (output below) that isn't detected if I'm downgrading to 2.11.1-0ubuntu7.13. Upgrading to 2.11.1-0ubuntu7.16 doesn't resolve this. However, I'm unable to reproduce on 2.19-0ubuntu6.3 (Ubuntu 14.04).

(The host in the test case yields a NXDOMAIN, but this isn't significant; it seems 1 kB will be leaked per block in any case.)

    ==7== Memcheck, a memory error detector
    ==7== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
    ==7== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info
    ==7== Command: ./a.out
    ==7==
    ==7==
    ==7== HEAP SUMMARY:
    ==7== in use at exit: 1,024 bytes in 1 blocks
    ==7== total heap usage: 58 allocs, 57 frees, 9,893 bytes allocated
    ==7==
    ==7== 1,024 bytes in 1 blocks are definitely lost in loss record 1 of 1
    ==7== at 0x4C274A8: malloc (vg_replace_malloc.c:236)
    ==7== by 0x4EE7EC6: gaih_inet (getaddrinfo.c:858)
    ==7== by 0x4EEA8F1: getaddrinfo (getaddrinfo.c:2425)
    ==7== by 0x400606: main (in /tmp/a.out)
    ==7==
    ==7== LEAK SUMMARY:
    ==7== definitely lost: 1,024 bytes in 1 blocks
    ==7== indirectly lost: 0 bytes in 0 blocks
    ==7== possibly lost: 0 bytes in 0 blocks
    ==7== still reachable: 0 bytes in 0 blocks
    ==7== suppressed: 0 bytes in 0 blocks
    ==7==
    ==7== For counts of detected and suppressed errors, rerun with: -v
    ==7== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)

Revision history for this message
Troels Thomsen (troelsthomsen) wrote :
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in eglibc (Ubuntu):
status: New → Confirmed
Troels Thomsen (troelsthomsen)
Changed in eglibc (Ubuntu):
status: Confirmed → Incomplete
status: Incomplete → Confirmed
Marc Deslauriers (mdeslaur)
Changed in eglibc (Ubuntu Lucid):
status: New → Confirmed
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in eglibc (Ubuntu):
status: Confirmed → Invalid
Adam Conrad (adconrad)
Changed in eglibc (Ubuntu Lucid):
status: Confirmed → In Progress
Revision history for this message
Marc Deslauriers (mdeslaur) wrote :

Thanks for reporting this issue. Packages to fix it are currently building in the security team PPA here:

https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages

I will be releasing them on monday after they have gone through testing.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package eglibc - 2.11.1-0ubuntu7.17

---------------
eglibc (2.11.1-0ubuntu7.17) lucid-security; urgency=medium

  * SECURITY REGRESSION: memleak in getaddrinfo (LP: #1364584)
    - debian/patches/CVE-2013-4357-memleak.patch: fix memleak in
      sysdeps/posix/getaddrinfo.c introduced by patch for CVE-2013-4357.
 -- Marc Deslauriers <email address hidden> Thu, 04 Sep 2014 19:55:23 -0400

Changed in eglibc (Ubuntu Lucid):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.