Package: libtar0
Version: 1.2.20-8+b1
Severity: normal
Dear Maintainer,
calling tar_open() for a non-existent file produces a memory leak.
E.g. the following trivial code
--8<-------------------------------------------------------------------------
#include <stddef.h>
#include <fcntl.h>
#include <libtar.h>
int main()
{
TAR *tar;
int open_res;
open_res = tar_open(&tar, "/this/file/does/not/exist", NULL, O_RDONLY,
0, TAR_GNU);
if (open_res == 0) {
tar_close(tar);
}
return 0;
}
--8<-------------------------------------------------------------------------
produces the Valgind output:
--8<-------------------------------------------------------------------------
test@buster:~/libtar_memleak$ valgrind --leak-check=full ./libtar-memleak
==2643== Memcheck, a memory error detector
==2643== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==2643== Using Valgrind-3.14.0 and LibVEX; rerun with -h for copyright info
==2643== Command: ./libtar-memleak
==2643==
==2643==
==2643== HEAP SUMMARY:
==2643== in use at exit: 2,080 bytes in 2 blocks
==2643== total heap usage: 3 allocs, 1 frees, 2,656 bytes allocated
==2643==
==2643== 2,080 (32 direct, 2,048 indirect) bytes in 1 blocks are definitely
lost in loss record 2 of 2
==2643== at 0x4837B65: calloc (vg_replace_malloc.c:752)
==2643== by 0x4861B97: libtar_hash_new (in
/usr/lib/x86_64-linux-gnu/libtar.so.0.0.0)
==2643== by 0x48619A0: ??? (in /usr/lib/x86_64-linux-gnu/libtar.so.0.0.0)
==2643== by 0x48619FD: tar_open (in
/usr/lib/x86_64-linux-gnu/libtar.so.0.0.0)
==2643== by 0x10916F: main (libtar-memleak.c:10)
==2643==
==2643== LEAK SUMMARY:
==2643== definitely lost: 32 bytes in 1 blocks
==2643== indirectly lost: 2,048 bytes in 1 blocks
==2643== possibly lost: 0 bytes in 0 blocks
==2643== still reachable: 0 bytes in 0 blocks
==2643== suppressed: 0 bytes in 0 blocks
==2643==
==2643== For counts of detected and suppressed errors, rerun with: -v
==2643== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
--8<-------------------------------------------------------------------------
It appears that the patch
<https://repo.or.cz/libtar.git/commit/36629a41208375f5105427e98078127551692028>
which does fix /exactly/ this issue is missing.
-- System Information:
Debian Release: 10.3
APT prefers stable-debug
APT policy: (500, 'stable-debug'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-8-amd64 (SMP w/2 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8),
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages libtar0 depends on:
ii libc6 2.28-10
libtar0 recommends no packages.
libtar0 suggests no packages.
-- no debconf information