CRITICAL: Memory leak in secure_exec strdup calls allows DoS attacks

[krystophny]

CRITICAL SECURITY DEFECT: Memory Leak Denial of Service

The supposedly secure replacement for execute_command_line contains CRITICAL memory leaks that enable denial of service attacks.

Vulnerable Code (fortplot_secure_exec.c:141-146, 347-350):

exec_argv[argc++] = strdup(program);
if (argv) {
    for (int i = 0; argv[i] && argc < MAX_ARGS - 1; i++) {
        exec_argv[argc++] = strdup(argv[i]);  // NEVER FREED
    }
}

Security Impact:

• Memory exhaustion attacks under high load
• System DoS through memory leaks
• Resource starvation in production environments
• Complete system freeze possible with repeated calls

Root Cause:
In child processes, strdup() allocates memory that is NEVER freed before execvp() replaces the process. While normally acceptable, this creates attack vector for memory exhaustion.

Attack Vector:
Attacker can trigger repeated FFmpeg operations to exhaust system memory through accumulated leaks.

Fix Required:
Use static buffers or implement proper cleanup before execvp() call.

Component: Security, Memory Management, C Code
Severity: CRITICAL - DoS attacks possible

[krystophny]

Consolidated into comprehensive security response Issue #946 - Memory leak vulnerability is part of unified security hardening approach addressing all memory safety vulnerabilities systematically