fromcode memory leak
About the fromcode memory leak (see bug 3215), function
convert_file_from_to of sendlib.c is declared as static and
is called only once in sendlib.c:
  if (Charset && (chs || SendCharset) &&
      convert_file_from_to (fp, fchs, chs ? chs : SendCharset,
                            &fromcode, &tocode, info) != (size_t)(-1))
so that the parameter fromcode of convert_file_from_to cannot be null
(it is an address). The body of the function contains:
  if (fromcode)
  {
    [...]
  }
  else
  {
    /* There is only one fromcode */
    ret = convert_file_to (file, fromcodes, ncodes, (const char **)tcode,
                           &cn, info);
    if (ret != (size_t)(-1))
    {
      *tocode = tcode[cn];
      tcode[cn] = 0;
    }
  }
So, I suppose that the "if (fromcode)" is not necessary and that the
"else" code is never executed and should be removed. Can you confirm?
Also, due to the
  *fromcode = fcode;
fcode must not be freed here if ret != (size_t)(-1). Concerning the
caller:
  if (Charset && (chs || SendCharset) &&
      convert_file_from_to (fp, fchs, chs ? chs : SendCharset,
                            &fromcode, &tocode, info) != (size_t)(-1))
  {
    if (!chs)
    {
      mutt_canonical_charset (chsbuf, sizeof (chsbuf), tocode);
      mutt_set_parameter ("charset", chsbuf, &b->parameter);
    }
    b->charset = fromcode;
    FREE (&tocode);
    safe_fclose (&fp);
    return info;
  }
If the "if" condition is not satisfied, everything is OK (fcode was
freed if convert_file_from_to returned -1). But due to the
  b->charset = fromcode;
the string still must not be freed here. But what if b->charset
contained an old charset string before the assignment? Should this
old string be freed? Or could it be referenced several times?
One should probably check all the (BODY *)->charset occurrences...
--
Vincent Lefèvre <vincent@xxxxxxxxxx> - Web: <http://www.vinc17.org/>
100% accessible validated (X)HTML - Blog: <http://www.vinc17.org/blog/>
Work: CR INRIA - computer arithmetic / Arenaire project (LIP, ENS-Lyon)
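
Added example, not part of the original message and not mutt's code: the ownership question raised above, shown as a plain pointer assignment next to a setter that frees the previous string first. It assumes the charset string is owned only by its struct, which the message leaves open; struct body, dup_counted, free_counted, set_leaky, set_owned and leaked_after are hypothetical names and the charset values are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for mutt's BODY: only the field under discussion. */
struct body { char *charset; };
static int live;  /* heap strings allocated and not yet freed */

static char *dup_counted(const char *s)
{
    char *p = malloc(strlen(s) + 1);
    if (!p) abort();
    live++;
    return strcpy(p, s);
}

static void free_counted(char **p) { if (*p) { free(*p); *p = NULL; live--; } }

/* Plain assignment, as in "b->charset = fromcode": an old string is orphaned. */
static void set_leaky(struct body *b, char **owned)
{
    b->charset = *owned;
    *owned = NULL;
}

/* Ownership transfer: release the old string, then take the new one.
 * Assumes nothing else holds a reference to the old string. */
static void set_owned(struct body *b, char **owned)
{
    if (b->charset != *owned)   /* self-assignment must not free */
        free_counted(&b->charset);
    b->charset = *owned;
    *owned = NULL;              /* caller cannot free it a second time */
}

/* Number of strings still allocated after the body is torn down. */
static int leaked_after(void (*set)(struct body *, char **))
{
    live = 0;
    struct body b = { dup_counted("iso-8859-1") };           /* constructed */
    char *fromcode = dup_counted("utf-8"), *old = b.charset; /* constructed */
    set(&b, &fromcode);
    free_counted(&b.charset);   /* normal teardown frees the current value */
    int n = live;
    if (n) free(old);           /* release the orphan so the demo exits clean */
    return n;
}

int main(void) { printf("%d %d\n", leaked_after(set_leaky), leaked_after(set_owned)); return 0; }
```

If the old string can be referenced from several places, the free in set_owned turns the leak into a use-after-free, which is why every (BODY *)->charset use has to be checked first.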