← Back to team overview

touch-packages team mailing list archive

[Bug 1364584] Re: `getaddrinfo` leaks memory

 

This bug was fixed in the package eglibc - 2.11.1-0ubuntu7.17

---------------
eglibc (2.11.1-0ubuntu7.17) lucid-security; urgency=medium

  * SECURITY REGRESSION: memleak in getaddrinfo (LP: #1364584)
    - debian/patches/CVE-2013-4357-memleak.patch: fix memleak in
      sysdeps/posix/getaddrinfo.c introduced by patch for CVE-2013-4357.
 -- Marc Deslauriers <marc.deslauriers@xxxxxxxxxx>   Thu, 04 Sep 2014 19:55:23 -0400

** Changed in: eglibc (Ubuntu Lucid)
       Status: In Progress => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4357

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to eglibc in Ubuntu.
https://bugs.launchpad.net/bugs/1364584

Title:
  `getaddrinfo` leaks memory

Status in “eglibc” package in Ubuntu:
  Invalid
Status in “eglibc” source package in Lucid:
  Fix Released

Bug description:
  I believe 2.11.1-0ubuntu7.14 (Ubuntu 10.04) introduces a regression in
  `getaddrinfo`.

  I'm using the test case from [Debian Bug
  #304022](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=304022)
  (attached as "main.c"). Valgrind detects a leak (output below) that
  isn't detected if I'm downgrading to 2.11.1-0ubuntu7.13. Upgrading to
  2.11.1-0ubuntu7.16 doesn't resolve this. However, I'm unable to
  reproduce on 2.19-0ubuntu6.3 (Ubuntu 14.04).

  (The host in the test case yields a NXDOMAIN, but this isn't significant; it seems 1 kB will be leaked per block in any case.)
      
      ==7== Memcheck, a memory error detector
      ==7== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
      ==7== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info
      ==7== Command: ./a.out
      ==7==
      ==7==
      ==7== HEAP SUMMARY:
      ==7==     in use at exit: 1,024 bytes in 1 blocks
      ==7==   total heap usage: 58 allocs, 57 frees, 9,893 bytes allocated
      ==7==
      ==7== 1,024 bytes in 1 blocks are definitely lost in loss record 1 of 1
      ==7==    at 0x4C274A8: malloc (vg_replace_malloc.c:236)
      ==7==    by 0x4EE7EC6: gaih_inet (getaddrinfo.c:858)
      ==7==    by 0x4EEA8F1: getaddrinfo (getaddrinfo.c:2425)
      ==7==    by 0x400606: main (in /tmp/a.out)
      ==7==
      ==7== LEAK SUMMARY:
      ==7==    definitely lost: 1,024 bytes in 1 blocks
      ==7==    indirectly lost: 0 bytes in 0 blocks
      ==7==      possibly lost: 0 bytes in 0 blocks
      ==7==    still reachable: 0 bytes in 0 blocks
      ==7==         suppressed: 0 bytes in 0 blocks
      ==7==
      ==7== For counts of detected and suppressed errors, rerun with: -v
      ==7== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/1364584/+subscriptions


References