Hi all,
Sentry (our static analyzer) picked up a minor memory leak in curl
recently, in md5.c's Curl_MD5_init():
MD5_context* ctxt;
/* Create MD5 context */
ctxt = malloc(sizeof *ctxt);
if(!ctxt)
return ctxt;
ctxt->md5_hashctx = malloc(md5params->md5_ctxtsize);
if(!ctxt->md5_hashctx)
return ctxt->md5_hashctx; // Error: ctxt leaked
Admittedly it's a rare condition that malloc would fail here, but you
may want to free(ctxt) before returning. (Also, it's a little strange
to return ctxt->md5_hashctx instead of simply NULL.)
Introduced here:
https://github.com/bagder/curl/commit/004d725
Best,
Mike
--
Mike Mueller
Phone: (401) 405-1525
Email: [email protected]
http://www.vigilantsw.com/
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
