Fix tiny memory leak upon edge case connecting to proxy #1255
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
[cURL][CID 11121] Possible tiny memory leak upon edge case connecting to proxy.
Bug found directly in source code by Coverity Connect bug-finding tool.
This is out-of-context, unusual approach. I cannot tell how serious the bug is when running the program. In any case, it purports to only leak a 1-byte '\0' NUL string terminator.
Low priority. In my opinion, this is not worth any release activity. If your org does fix it, perhaps it could go out with some more important change?
In curl-7.52.1/lib/http_proxy.c Coverity says:
221 if(!Curl_checkProxyheaders(conn, "Host:")) {
13. alloc_fn: Storage is returned from allocation function curl_maprintf. [show details]
14. var_assign: Assigning: host = storage returned from curl_maprintf("Host: %s\r\n", hostheader).
222 host = aprintf("Host: %s\r\n", hostheader);
...
21. Condition host, taking true branch
22. Condition *host, taking false branch
251 if(host && *host)
252 free(host);
...
CID 11121 (#1 of 2): Resource leak (RESOURCE_LEAK)27. leaked_storage: Variable host going out of scope leaks the storage it points to.
272 }
An empty string containing only the 1-byte
'\0' NUL string terminator can be returned at
13. alloc_fn: Storage is returned from allocation function curl_maprintf. [show details]
14. var_assign: Assigning: host = storage returned from curl_maprintf("Host: %s\r\n", hostheader).
222 host = aprintf("Host: %s\r\n", hostheader);
via curl_maprintf at
curl-7.52.1/lib/mprintf.c:#L1100 return strdup("");
Remove ' && *host' from #L251 above? That would let it free an empty string.
Let me know if I should find an example run of the program which reproduces the problem.