Package: libmagic1
Version: 1:5.22+15-2+deb8u2
Severity: normal
libmagic suffers from a memory leak, apparently due to magic_load()
not satisfying its contract:0
As per man magic_load:
--
The magic_load() function must be used to load the the colon separated
list of database files passed in as filename, or NULL for the default
database file before any magic queries can performed.
The default database file is named by the MAGIC environment variable.
If that variable is not set, the default database file name is
/usr/share/misc/magic. magic_load() adds “.mgc” to the database
filename as appropriate.
--
Steps to reproduce:
$ cat test.c
#include <magic.h>
#include <stdlib.h>
int main ()
{ magic_t _magic = magic_open (MAGIC_MIME); int r = magic_load
(_magic, NULL); magic_close (_magic); }
$ gcc test.c -lmagic
valgrind ./a.out
==30967== Memcheck, a memory error detector
==30967== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==30967== Using Valgrind-3.10.0 and LibVEX; rerun with -h for copyright info
==30967== Command: ./a.out
==30967==
==30967==
==30967== HEAP SUMMARY:
==30967== in use at exit: 48 bytes in 3 blocks
==30967== total heap usage: 28 allocs, 25 frees, 2,179 bytes allocated
==30967==
==30967== LEAK SUMMARY:
==30967== definitely lost: 48 bytes in 1 blocks
==30967== indirectly lost: 0 bytes in 2 blocks
==30967== possibly lost: 0 bytes in 0 blocks
==30967== still reachable: 0 bytes in 0 blocks
==30967== suppressed: 0 bytes in 0 blocks
==30967== Rerun with --leak-check=full to see details of leaked memory
==30967==
==30967== For counts of detected and suppressed errors, rerun with: -v
==30967== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
To fix the above, either:
- use "MAGIC=/usr/share/misc/magic valgrind ./a.out"
- or modify the above test code "magic_load (_magic, "/usr/share/misc/magic")
It turns out the private function get_default_magic() returns
"/etc/magic" instead of the document default "/usr/share/misc/magic",
which in turns generates some lost blocks.
Solution:
Either fix upstream or export the MAGIC environment variable (probably
better / easier considering the code!).
Side notes:
- Reported with details by Michal Vyskocil from the Eaton Opensource Team
- Redhat has a similar ticket which they solved:
https://bugzilla.redhat.com/show_bug.cgi?id=919466
cheers,
Arno
--
Eaton Data Center Automation Solutions - Opensource Leader
NUT (Network UPS Tools) Project Leader - http://www.networkupstools.org
Debian Developer - http://www.debian.org
Free Software Developer - http://arnaud.quette.fr
