gpgme: potential minor memory leaks in tests under gpgme/test/gpg

Seiya Kawashima skawashima at uchicago.edu
Fri Jun 10 17:17:51 CEST 2016 

Hi,

I've been checking the test files under gpgme/tests/gpg. I cloned GPGME via git. The commit is 77d149e8614c381458e07808a7930ce3fb92cdc3 and the date is Wed Jun 8 18:06:24 2016 +0200. I might have found potential minor memory leaks in gpgme/tests/gpg/t-decrypt.c, gpgme/tests/gpg/t-import.c, gpgme/tests/gpg/t-thread1.c and gpgme/tests/gpg/t-decrypt-verify.c.

If they are not memory leaks or they are already fixed, please disregard the email.

It seems to me that all the leaks are caused by make_filename() in t-support.h:104. make_filename() allocates memory via malloc() in t-support.h:111 like

buf = malloc (strlen(srcdir) + strlen(fname) + 2);

but the memory is never freed in those tests.The file names are created in the tests as below.
./t-decrypt.c:46:  const char *cipher_1_asc = make_filename ("cipher-1.asc");
./t-import.c:217:  const char *pubkey_1_asc = make_filename ("pubkey-1.asc");
./t-import.c:218:  const char *seckey_1_asc = make_filename ("seckey-1.asc");
./t-thread1.c:97:  const char *cipher_1_asc = make_filename ("cipher-1.asc");
./t-decrypt-verify.c:104:  const char *cipher_2_asc = make_filename ("cipher-2.asc");

The corresponding free() seems to be needed. I've checked the source code of gpgme_data_new_from_filepart() and gpgme_data_new_from_file(). When the file name is dynamically allocated, the caller of gpgme_data_new_from_file() seems to be responsible for freeing the memory.

The small C code below simulates the memory leak.
#include <stdio.h>
#include <string.h>

#include <gpgme.h>
#include "t-support.h"

int
main (int argc, char *argv[])
{
  gpgme_error_t err;
  gpgme_data_t in;
  const char *cipher_1_asc = make_filename ("cipher-1.asc");

  err = gpgme_data_new_from_file (&in, cipher_1_asc, 1);
  fail_if_err (err);

  /* Need to free cipher_1_asc.
     Comment the below free() to cause a memory leak.
     Copy and paste the code into gpgme/tests/gpg.
     Compile the code like gcc -g t-make-filename.c -lgpgme.
     Run it with Valgrind like valgrind --leak-check=full ./a.out. */
  free((char *)cipher_1_asc);
  gpgme_data_release (in);
  return 0;
}

Keep up the great work.
Seiya

More information about the Gnupg-devel mailing list