This is an automated email from the git hooks/post-receive script. guillem pushed a commit to branch main in repository dpkg.
View the commit online: https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=740b5c881accb6c0dcc5c442a8d1ad06324735a3 commit 740b5c881accb6c0dcc5c442a8d1ad06324735a3 Author: Guillem Jover <[email protected]> AuthorDate: Sat Jul 8 19:10:20 2023 +0200 libdpkg: Fix varbuf memory leak in pkg_source_version() The function uses an intermediary varbuf to construct the string to then pass to parseversion() to parse which then uses the non-freeing allocator for any string it needs to preserve. We need to free that intermediate varbuf otherwise we leak it. Warned-by: gcc ASAN Stable-Candidate: 1.20.x 1.21.x --- lib/dpkg/pkg-show.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/dpkg/pkg-show.c b/lib/dpkg/pkg-show.c index c32a128d7..038343ce5 100644 --- a/lib/dpkg/pkg-show.c +++ b/lib/dpkg/pkg-show.c @@ -439,5 +439,7 @@ pkg_source_version(struct dpkg_version *version, if (parseversion(version, vb.buf, &err) < 0) ohshit(_("version '%s' has bad syntax: %s"), vb.buf, err.str); + + varbuf_destroy(&vb); } } -- Dpkg.Org's dpkg
