#540 The source code may be bug

1.8.x
closed-invalid
modules (454)
2
2012-07-07
2012-06-28
luodaidong
No

In the modules tm, The t_fwd.c has a function whose name is pre_print_uac_request;
I don't understand the following source code, this may has memory leak, and the source code is bad.
if (t->on_branch) {
/* need to pkg_malloc the dst_uri */
if ( request->dst_uri.s && request->dst_uri.len>0 ) {
if ( (p=pkg_malloc(request->dst_uri.len))==0 ) {
LM_ERR("no more pkg mem\n");
ser_error=E_OUT_OF_MEM;
goto error;
}
memcpy( p, request->dst_uri.s, request->dst_uri.len);
request->dst_uri.s = p;
}
/* need to pkg_malloc the new_uri */
if ( (p=pkg_malloc(request->new_uri.len))==0 ) {
LM_ERR("no more pkg mem\n");
ser_error=E_OUT_OF_MEM;
goto error;
}
memcpy( p, request->new_uri.s, request->new_uri.len);
request->new_uri.s = p;

Discussion

  • Bogdan-Andrei Iancu

    • priority: 5 --> 2
    • assigned_to: nobody --> bogdan_iancu
    • status: open --> open-invalid
     
  • Bogdan-Andrei Iancu

    I double checked the code and I see no leak...Could you point to a case / scenario where a leak may happen ?

    Thanks and regards,
    Bogdan

     
  • Nobody/Anonymous

    request->dst_uri.s = p;

    request->dst_uri.s no need free ?why?

     
  • Bogdan-Andrei Iancu

    • status: open-invalid --> closed-invalid
     
  • Bogdan-Andrei Iancu

    the "p" buffer is attached to the sip message (request) - everything attached to the message is freed when the entire message is freed.

     

Log in to post a comment.