`getaddrinfo` leaks memory

Bug #1364584 reported by Troels Thomsen on 2014-09-02
This bug affects 2 people
Affects Status Importance Assigned to Milestone
eglibc (Ubuntu)
Marc Deslauriers

Bug Description

I believe 2.11.1-0ubuntu7.14 (Ubuntu 10.04) introduces a regression in `getaddrinfo`.

I'm using the test case from [Debian Bug #304022](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=304022) (attached as "main.c"). Valgrind detects a leak (output below) that isn't detected if I'm downgrading to 2.11.1-0ubuntu7.13. Upgrading to 2.11.1-0ubuntu7.16 doesn't resolve this. However, I'm unable to reproduce on 2.19-0ubuntu6.3 (Ubuntu 14.04).

(The host in the test case yields a NXDOMAIN, but this isn't significant; it seems 1 kB will be leaked per block in any case.)

    ==7== Memcheck, a memory error detector
    ==7== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
    ==7== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info
    ==7== Command: ./a.out
    ==7== HEAP SUMMARY:
    ==7== in use at exit: 1,024 bytes in 1 blocks
    ==7== total heap usage: 58 allocs, 57 frees, 9,893 bytes allocated
    ==7== 1,024 bytes in 1 blocks are definitely lost in loss record 1 of 1
    ==7== at 0x4C274A8: malloc (vg_replace_malloc.c:236)
    ==7== by 0x4EE7EC6: gaih_inet (getaddrinfo.c:858)
    ==7== by 0x4EEA8F1: getaddrinfo (getaddrinfo.c:2425)
    ==7== by 0x400606: main (in /tmp/a.out)
    ==7== LEAK SUMMARY:
    ==7== definitely lost: 1,024 bytes in 1 blocks
    ==7== indirectly lost: 0 bytes in 0 blocks
    ==7== possibly lost: 0 bytes in 0 blocks
    ==7== still reachable: 0 bytes in 0 blocks
    ==7== suppressed: 0 bytes in 0 blocks
    ==7== For counts of detected and suppressed errors, rerun with: -v
    ==7== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)

Troels Thomsen (troelsthomsen) wrote :
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in eglibc (Ubuntu):
status: New → Confirmed
Changed in eglibc (Ubuntu):
status: Confirmed → Incomplete
status: Incomplete → Confirmed
Changed in eglibc (Ubuntu Lucid):
status: New → Confirmed
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in eglibc (Ubuntu):
status: Confirmed → Invalid
Adam Conrad (adconrad) on 2014-09-05
Changed in eglibc (Ubuntu Lucid):
status: Confirmed → In Progress
Marc Deslauriers (mdeslaur) wrote :

Thanks for reporting this issue. Packages to fix it are currently building in the security team PPA here:


I will be releasing them on monday after they have gone through testing.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package eglibc - 2.11.1-0ubuntu7.17

eglibc (2.11.1-0ubuntu7.17) lucid-security; urgency=medium

  * SECURITY REGRESSION: memleak in getaddrinfo (LP: #1364584)
    - debian/patches/CVE-2013-4357-memleak.patch: fix memleak in
      sysdeps/posix/getaddrinfo.c introduced by patch for CVE-2013-4357.
 -- Marc Deslauriers <email address hidden> Thu, 04 Sep 2014 19:55:23 -0400

Changed in eglibc (Ubuntu Lucid):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers