These were found by valgrind and verified by hand. I do not think they
are serious. I'm sorry for not including line numbers, but I doubt they
would be the same as in your actual source files anyway.

1. string returned from find_home_dir() not freed in process_sqliterc().

The find_home_dir() function returns a string allocated by malloc()
which the caller must free. But process_sqliterc() does not. This
function stores the string in a local variable called home_dir then uses
it to calculate another string with a full path. Excerpt:

    home_dir = find_home_dir();
    if( home_dir==0 ){
      fprintf(stderr, "-- warning: cannot find home directory;"
                      " cannot read ~/.sqliterc\n");
      return;
    }
    sqlite3_initialize();
    zBuf = sqlite3_mprintf("%s/.sqliterc",home_dir);
    sqliterc = zBuf;

It appears a good place to call free() would be at the end of this code
block, as home_dir is not used afterwards.

2. ShellState.zKey not freed

In the SEE shell, the shell accepts an encryption key using the -key and
-hexkey command-line arguments. Strings are allocated by
sqlite3_mprintf() and stored in the zKey field of the ShellState struct
as shown in the excerpt below.

    }else if( strcmp(argv[i],"-key")==0 ){
      data.zKey = sqlite3_mprintf("%s",cmdline_option_value(argc,argv,++i));
      data.nKey = strlen(data.zKey);
    }else if( strcmp(argv[i],"-hexkey")==0 ){
      data.zKey = sqlite3_mprintf("%s",cmdline_option_value(argc,argv,++i));
      data.nKey = shellHexToBin(data.zKey);
      if( data.nKey<0 ){
        fprintf(stderr, "%s: invalid key string\n", argv[0]);
        exit(1);
      }

The contract for sqlite3_mprintf is that the caller must free the result
using sqlite3_free(). But this never happens. A reasonable place to
perform the free would be at the end of main() where other cleanup is
also performed.

JKL
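
The ownership rule from item 1, as an added example that is not part of the original message and is not SQLite's code: a counting allocator shows the block left outstanding when home_dir is never freed, and the balance after freeing it once the path is built. All demo_*, t_* and rc_* names and the sample path are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

static int live_allocs = 0;   /* outstanding heap blocks (constructed tracker) */
static void *t_malloc(size_t n){ void *p = malloc(n); if( p ) live_allocs++; return p; }
static void t_free(void *p){ if( p ){ live_allocs--; free(p); } }

/* Hypothetical stand-in for find_home_dir(): returns a heap copy the caller owns. */
static char *demo_find_home_dir(void){
  const char *z = "/home/demo";               /* constructed sample value */
  char *copy = t_malloc(strlen(z)+1);
  if( copy ) strcpy(copy, z);
  return copy;
}

/* Hypothetical stand-in for sqlite3_mprintf("%s/.sqliterc", home_dir). */
static char *demo_rc_path(const char *home_dir){
  size_t n = strlen(home_dir) + sizeof("/.sqliterc");  /* sizeof counts the NUL */
  char *zBuf = t_malloc(n);
  if( zBuf ) snprintf(zBuf, n, "%s/.sqliterc", home_dir);
  return zBuf;
}

/* Pattern from the report: home_dir goes out of scope without being released.
** Returns the number of blocks still allocated when the function exits. */
int rc_leaky(void){
  int before = live_allocs;
  char *home_dir = demo_find_home_dir();
  if( home_dir==0 ) return 0;
  char *zBuf = demo_rc_path(home_dir);
  t_free(zBuf);                               /* the path is released, home_dir is not */
  return live_allocs - before;
}

/* Same flow with the suggested free placed right after the path is built. */
int rc_fixed(void){
  int before = live_allocs;
  char *home_dir = demo_find_home_dir();
  if( home_dir==0 ) return 0;
  char *zBuf = demo_rc_path(home_dir);
  t_free(home_dir);                           /* home_dir is not used afterwards */
  t_free(zBuf);
  return live_allocs - before;
}

int main(void){
  printf("leaky: %d outstanding, fixed: %d outstanding\n", rc_leaky(), rc_fixed());
  return 0;
}
```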