[165] in Zephyr_Bugs
[marc@ATHENA.MIT.EDU: rt 7.1H: zephyr library ZNewLocateUser]
daemon@ATHENA.MIT.EDU (Jonathan I. Kamens)
Mon Nov 26 03:47:42 1990
Date: Mon, 26 Nov 90 03:47:25 -0500
From: "Jonathan I. Kamens" <jik@pit-manager.MIT.EDU>
To: bug-zephyr@ATHENA.MIT.EDU
----- Forwarded message
To: bugs@ATHENA.MIT.EDU
Subject: rt 7.1H: zephyr library ZNewLocateUser
Date: Sun, 25 Nov 90 01:16:40 EST
From: Marc Horowitz <marc@ATHENA.MIT.EDU>
System name: bill-the-cat
Type and version: RTPC-ROMPC 7.1H
Display type: apa16
What were you trying to do?
Write a program which doesn't spill memory all over the place
What's wrong:
ZNewLocateUser (called by ZLocateUser) has a memory leak.
When you locate a user, a packet containing the request is sent to the
server, and two packets come back: and ack and the answer containing
the locations. However, the memory holding the ack packet is not
free'd by calling ZFreeNotice on the ack packet. This results in
about 1/2 K being lost for each zlocate. Also, if the library runs
out of memory parsing the packet, it is not free'd properly.
Note: A similar memory leak was fixed in ZRetrieveSubscriptions in
6/88. It's been a while since then.
What should have happened:
*** /mit/zephyr/src/lib/ZNewLocateUser.c Tue May 15 08:25:42 1990
--- /tmp/ZNewLocateUser.c Sun Nov 25 01:03:37 1990
***************
*** 104,109 ****
--- 104,110 ----
if (retnotice.z_kind == SERVACK &&
!strcmp(retnotice.z_opcode,LOCATE_LOCATE)) {
ack = 1;
+ ZFreeNotice(&retnotice);
continue;
}
***************
*** 125,147 ****
__locate_list = (ZLocations_t *)malloc((unsigned)__locate_num*
sizeof(ZLocations_t));
! if (!__locate_list)
return (ENOMEM);
for (ptr=retnotice.z_message, i=0;i<__locate_num;i++) {
__locate_list[i].host = malloc((unsigned)strlen(ptr)+1);
! if (!__locate_list[i].host)
return (ENOMEM);
(void) strcpy(__locate_list[i].host, ptr);
ptr += strlen(ptr)+1;
__locate_list[i].time = malloc((unsigned)strlen(ptr)+1);
! if (!__locate_list[i].time)
return (ENOMEM);
(void) strcpy(__locate_list[i].time, ptr);
ptr += strlen(ptr)+1;
__locate_list[i].tty = malloc((unsigned)strlen(ptr)+1);
! if (!__locate_list[i].tty)
return (ENOMEM);
(void) strcpy(__locate_list[i].tty, ptr);
ptr += strlen(ptr)+1;
}
--- 126,156 ----
__locate_list = (ZLocations_t *)malloc((unsigned)__locate_num*
sizeof(ZLocations_t));
! if (!__locate_list) {
! ZFreeNotice(&retnotice);
return (ENOMEM);
+ }
for (ptr=retnotice.z_message, i=0;i<__locate_num;i++) {
__locate_list[i].host = malloc((unsigned)strlen(ptr)+1);
! if (!__locate_list[i].host) {
! ZFreeNotice(&retnotice);
return (ENOMEM);
+ }
(void) strcpy(__locate_list[i].host, ptr);
ptr += strlen(ptr)+1;
__locate_list[i].time = malloc((unsigned)strlen(ptr)+1);
! if (!__locate_list[i].time) {
! ZFreeNotice(&retnotice);
return (ENOMEM);
+ }
(void) strcpy(__locate_list[i].time, ptr);
ptr += strlen(ptr)+1;
__locate_list[i].tty = malloc((unsigned)strlen(ptr)+1);
! if (!__locate_list[i].tty) {
! ZFreeNotice(&retnotice);
return (ENOMEM);
+ }
(void) strcpy(__locate_list[i].tty, ptr);
ptr += strlen(ptr)+1;
}
Please describe any relevant documentation references:
Zephyr Programmer's Manual
----- End of forwarded message
