[PATCH] location-gps-nmea: fix memory leaks

Dan Williams dcbw at redhat.com
Thu Aug 3 20:38:39 UTC 2017 

On Thu, 2017-08-03 at 13:25 -0700, Ben Chan wrote:
> This patch fixes the following potential memory leaks in
> MMLocationGpsNmea:
> 
> - When the `trace' string provided to location_gps_nmea_take_trace()
> isn't
>   added to the hash table, its ownership is still considered
> transferred.
>   It should thus be freed. Similarly, the `trace_type' string isn't
>   added the hash table and should thus be freed.
> 
> - mm_location_gps_nmea_add_trace() duplicates a given trace string
> and
>   then passes the trace copy to location_gps_nmea_take_trace(). When
>   location_gps_nmea_take_trace() returns FALSE, the ownership of the
>   copy isn't transferred. mm_location_gps_nmea_add_trace() should
> thus
>   free the copy.
> ---
>  libmm-glib/mm-location-gps-nmea.c | 14 ++++++++++++--
>  1 file changed, 12 insertions(+), 2 deletions(-)
> 
> diff --git a/libmm-glib/mm-location-gps-nmea.c b/libmm-glib/mm-
> location-gps-nmea.c
> index 08ec97ff..577a5d90 100644
> --- a/libmm-glib/mm-location-gps-nmea.c
> +++ b/libmm-glib/mm-location-gps-nmea.c
> @@ -96,8 +96,11 @@ location_gps_nmea_take_trace (MMLocationGpsNmea
> *self,
>              gchar *sequence;
>  
>              /* Skip the trace if we already have it there */
> -            if (strstr (previous, trace))
> +            if (strstr (previous, trace)) {
> +                g_free (trace_type);
> +                g_free (trace);
>                  return TRUE;
> +            }

This looks fine to me.
 
>              sequence = g_strdup_printf ("%s%s%s",
>                                          previous,
> @@ -118,7 +121,14 @@ gboolean
>  mm_location_gps_nmea_add_trace (MMLocationGpsNmea *self,
>                                  const gchar *trace)
>  {
> -    return location_gps_nmea_take_trace (self, g_strdup (trace));
> +    char *trace_copy;
> +
> +    trace_copy = g_strdup (trace);
> +    if (location_gps_nmea_take_trace (self, trace_copy))
> +        return TRUE;
> +
> +    g_free (trace_copy);
> +    return FALSE;
>  }

Since take_trace() is an internal function, and the current callers
don't do anything useful with a FALSE return, maybe we should just
update take_trace() to consume the input regardless of the return? 
Otherwise callers will have some strings consumed, and others not
consumed, and the caller has to track that.  Seems kinda pointless.

Dan

More information about the ModemManager-devel mailing list