#407 Error in md5.c

1.3.0
closed-fixed
Erik
None
1
2014-03-19
2013-12-07
VG
No

This is what I see in md5.c, line 266:

memset(ctx, 0, sizeof(ctx))

Looks like an error to me, should be memset(ctx, 0, sizeof(*ctx))

Discussion

  • VG

    VG - 2013-12-07

    I shouldn't have hurried to post this issue. There are more:

    metadata_iterator.c around line 1213: function returns without freeing node, so node leaks

    metadata_iterator.c around line 1415: function returns without closing a file f

     
  • Oliver Stöneberg

    The main issue reported is actually fixed in the 1.3.0. The memset() was incorrect and in the wrong place in 1.2.1 causing the structure not to be completely reset and causing a memory leak.

    But there is still an issue with this then according to

    http://www.viva64.com/en/d/0208/

    since the compiler might delete the memset at the end of an function, so the structure is never cleared at all.

     
  • Erik

    Erik - 2014-03-15

    The compiler could only optimize out the memset if the MD5Context was local. Since the MD5Context is actually a function parameter, the calling function can rightly expect that FLAC_MD5Final does indeed clear it.

    However, I have added a test to the test suite to validate that FLAC__MD5Final does indeed clear the MD5Context.

    See:

    commit cf55fc7bd7e53b0b15b241b5f9b894b9a051bb99
    Author: Erik de Castro Lopo <erikd@mega-nerd.com>
    Date:   Sat Mar 15 18:25:22 2014 +1100
    
    Add a test to validate that FLAC__MD5Final clears the MD5Context.
    
     
  • Erik

    Erik - 2014-03-19
    • status: open --> closed-fixed
    • assigned_to: Erik
     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks