touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #15336
[Bug 1364584] Re: `getaddrinfo` leaks memory
This bug was fixed in the package eglibc - 2.11.1-0ubuntu7.17
---------------
eglibc (2.11.1-0ubuntu7.17) lucid-security; urgency=medium
* SECURITY REGRESSION: memleak in getaddrinfo (LP: #1364584)
- debian/patches/CVE-2013-4357-memleak.patch: fix memleak in
sysdeps/posix/getaddrinfo.c introduced by patch for CVE-2013-4357.
-- Marc Deslauriers <marc.deslauriers@xxxxxxxxxx> Thu, 04 Sep 2014 19:55:23 -0400
** Changed in: eglibc (Ubuntu Lucid)
Status: In Progress => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4357
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to eglibc in Ubuntu.
https://bugs.launchpad.net/bugs/1364584
Title:
`getaddrinfo` leaks memory
Status in “eglibc” package in Ubuntu:
Invalid
Status in “eglibc” source package in Lucid:
Fix Released
Bug description:
I believe 2.11.1-0ubuntu7.14 (Ubuntu 10.04) introduces a regression in
`getaddrinfo`.
I'm using the test case from [Debian Bug
#304022](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=304022)
(attached as "main.c"). Valgrind detects a leak (output below) that
isn't detected if I'm downgrading to 2.11.1-0ubuntu7.13. Upgrading to
2.11.1-0ubuntu7.16 doesn't resolve this. However, I'm unable to
reproduce on 2.19-0ubuntu6.3 (Ubuntu 14.04).
(The host in the test case yields a NXDOMAIN, but this isn't significant; it seems 1 kB will be leaked per block in any case.)
==7== Memcheck, a memory error detector
==7== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
==7== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info
==7== Command: ./a.out
==7==
==7==
==7== HEAP SUMMARY:
==7== in use at exit: 1,024 bytes in 1 blocks
==7== total heap usage: 58 allocs, 57 frees, 9,893 bytes allocated
==7==
==7== 1,024 bytes in 1 blocks are definitely lost in loss record 1 of 1
==7== at 0x4C274A8: malloc (vg_replace_malloc.c:236)
==7== by 0x4EE7EC6: gaih_inet (getaddrinfo.c:858)
==7== by 0x4EEA8F1: getaddrinfo (getaddrinfo.c:2425)
==7== by 0x400606: main (in /tmp/a.out)
==7==
==7== LEAK SUMMARY:
==7== definitely lost: 1,024 bytes in 1 blocks
==7== indirectly lost: 0 bytes in 0 blocks
==7== possibly lost: 0 bytes in 0 blocks
==7== still reachable: 0 bytes in 0 blocks
==7== suppressed: 0 bytes in 0 blocks
==7==
==7== For counts of detected and suppressed errors, rerun with: -v
==7== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/1364584/+subscriptions
References