kuldeep gupta created THRIFT-2018:
-------------------------------------
Summary: Resource Leak in TBufferTransports in cpp library of
thrift 0.9.0
Key: THRIFT-2018
URL: https://issues.apache.org/jira/browse/THRIFT-2018
Project: Thrift
Issue Type: Bug
Components: C++ - Library
Affects Versions: 0.9
Environment: thrift 0.9.0 on Linux 2.6.32-220.el6.x86_64
Reporter: kuldeep gupta
In file lib/cpp/src/thrift/transport/TBufferTransports.cpp
void TMemoryBuffer::ensureCanWrite(uint32_t len) {
333 // Check available space
334 uint32_t avail = available_write();
335 if (len <= avail) {
336 return;
337 }
338
339 if (!owner_) {
340 throw TTransportException("Insufficient space in external
MemoryBuffer");
341 }
342
343 // Grow the buffer as necessary.
344 uint32_t new_size = bufferSize_;
345 while (len > avail) {
346 new_size = new_size > 0 ? new_size * 2 : 1;
347 avail = available_write() + (new_size - bufferSize_);
348 }
349
350 // Allocate into a new pointer so we don't bork ours if it fails.
351 void* new_buffer = std::realloc(buffer_, new_size);
352 if (new_buffer == NULL) {
353 throw std::bad_alloc();
354 }
355 bufferSize_ = new_size;
356
357 ptrdiff_t offset = (uint8_t*)new_buffer - buffer_;
358 buffer_ += offset;
359 rBase_ += offset;
360 rBound_ += offset;
361 wBase_ += offset;
362 wBound_ = buffer_ + bufferSize_;
363 }
In the Above code at line number 351.
1. Storage is returned from allocation function "realloc(void *, size_t)".
2. Assigning: "new_buffer" = storage returned from "realloc(this->buffer_,
new_size)".
3. At line number 363
Variable "new_buffer" going out of scope leaks the storage it points to.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
