Hi,
On Wed, 1 Dec 2021, David Laight wrote:
From: busybox <[email protected]> On Behalf Of Ping Lee
Sent: 01 December 2021 01:42
It seems that I found a bug on busybox version 1.34.1:
In libbb/xfuncs_printf.c:50, malloc twice for archive_handle and
archive_hadle->fileheader with 184 and 72 bytes heap space.
Back to tar_main function, the two pointers(tar_handle,tar_handle->file_header)
hasn't been freed when return.
It can't matter it is a short-lived program that is going to exit.
It would only be a problem if the code were in a loop.
It can matter: consider large tar files on memory constrained devices.
tar may fail to complete correctly, due to running out of memory, and in
the process of running out of memory, may invoke the OOM killer in the
process, which might kill some other process.
Ariadne
_______________________________________________
busybox mailing list
[email protected]
http://lists.busybox.net/mailman/listinfo/busybox
