From cbbe198c89fa25a80ec0a5f0592ea00132eacd01 Mon Sep 17 00:00:00 2001 From: Nobuyoshi Nakada Date: Sat, 5 Oct 2019 02:08:07 +0900 Subject: Fix potential memory leaks by `rb_imemo_tmpbuf_auto_free_pointer` This function has been used wrongly always at first, "allocate a buffer then wrap it with tmpbuf". This order can cause a memory leak, as tmpbuf creation also can raise a NoMemoryError exception. The right order is "create a tmpbuf then allocate&wrap a buffer". So the argument of this function is rather harmful than just useless. TODO: * Rename this function to more proper name, as it is not used "temporary" (function local) purpose. * Allocate and wrap at once safely, like `ALLOCV`. --- process.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'process.c') diff --git a/process.c b/process.c index fa5de27273..00e140eda7 100644 --- a/process.c +++ b/process.c @@ -2691,8 +2691,8 @@ open_func(void *ptr) static void rb_execarg_allocate_dup2_tmpbuf(struct rb_execarg *eargp, long len) { - VALUE tmpbuf = rb_imemo_tmpbuf_auto_free_pointer(NULL); - ((rb_imemo_tmpbuf_t *)tmpbuf)->ptr = ruby_xmalloc(run_exec_dup2_tmpbuf_size(len)); + VALUE tmpbuf = rb_imemo_tmpbuf_auto_free_pointer(); + rb_imemo_tmpbuf_set_ptr(tmpbuf, ruby_xmalloc(run_exec_dup2_tmpbuf_size(len))); eargp->dup2_tmpbuf = tmpbuf; } -- cgit v1.2.3