<<< Date Index >>>     <<< Thread Index >>>

[PATCH] Fix memory leaks



Hi,

attached is a patch fixing three memory leaks.

In score.c the comment explains why there's a leak.

In imap/command.c, I read the code as looping over all defined mailboxes to parse the response of STATUS. In every loop the 'value' parameter is strdup()'d but only free()'d for a match not for no match.

In imap/message.c with header caching, h.data is allocated at line 150. After the hcache block, it gets initialized to 0 thus leaking the already allocated h.data.

valgrind(1) reports another one I'm not sure how to fix it: in imap_new_idata() a new idata->cmdbuf BUFFER is allocated. In mx_fastclose_mailbox() in mx.c the given CONTEXT containing the idata->cmdbuf pointer is memset()'d to zero so the BUFFER will be leaked. But that would mean we would have to free it in imap_close_mailbox() and create a new idata for every opened IMAP folder. Or maybe just mutt_buffer_free() it there... I don't know.

  bye, Rocco
--
:wq!
diff --git a/imap/command.c b/imap/command.c
index ac540c3..838b851 100644
--- a/imap/command.c
+++ b/imap/command.c
@@ -864,6 +864,8 @@ static void cmd_parse_status (IMAP_DATA*
         FREE (&value);
         return;
       }
+
+      FREE (&value);
     }
 
     FREE (&mx.mbox);
diff --git a/imap/message.c b/imap/message.c
index 75ffa52..39410af 100644
--- a/imap/message.c
+++ b/imap/message.c
@@ -81,6 +81,7 @@ #if USE_HCACHE
 #endif /* USE_HCACHE */
 
   ctx = idata->ctx;
+  memset (&h, 0, sizeof (h));
 
   if (mutt_bit_isset (idata->capabilities,IMAP4REV1))
   {
@@ -236,6 +237,8 @@ #endif /* USE_HCACHE */
 
     /* freshen fp, h */
     rewind (fp);
+    if (h.data != NULL)
+      imap_free_header_data ((void**) &h.data);
     memset (&h, 0, sizeof (h));
     h.data = safe_calloc (1, sizeof (IMAP_HEADER_DATA));
 
diff --git a/score.c b/score.c
index 208c37c..81f886e 100644
--- a/score.c
+++ b/score.c
@@ -104,7 +104,12 @@ int mutt_parse_score (BUFFER *buf, BUFFE
       Score = ptr;
     ptr->pat = pat;
     ptr->str = pattern;
-  }
+  } else
+    /* 'buf' arg was cleared and 'pattern' holds the only reference;
+     * as here 'ptr' != NULL -> update the value only in which case
+     * ptr->str already has the string -> free(pattern)
+     */
+    FREE (&pattern);
   pc = buf->data;
   if (*pc == '=')
   {