Integrated: JDK-8261791: (sctp) handleSendFailed in SctpChannelImpl.c potential leaks
Matthias Baesken
mbaesken at openjdk.java.net
Wed Feb 17 13:52:40 UTC 2021
On Tue, 16 Feb 2021 12:26:54 GMT, Matthias Baesken <mbaesken at openjdk.org> wrote:
> In another bug this question from me was answered by Alan Bateman :
>
> Btw. while adjusting Java_sun_nio_ch_sctp_SctpChannelImpl_receive0 , I started to wonder what happens to the allocated memory in the same file in handleSendFailed ( if ((addressP = malloc(dataLength)) == NULL) ) in early return cases incl. the CHECK_NULL , is there some deallocation missing there too ?
>
>
> Yes, the error paths in handleSendFailed should be looked at. If NewDirectByteBuffer or recvmsg fails then addressP needs to be freed. Furthermore, if the NewObject fails and bufferObj != NULL then the memory for the direct buffer will need to be freed too (as JNI NewDirectByteBuffer does not setup a cleaner).
>
>
> So I added freeing of the malloced memory to handleSendFailed .
> Please review !
>
> Thanks, Matthias
This pull request has now been integrated.
Changeset: a0658795
Author: Matthias Baesken <mbaesken at openjdk.org>
URL: https://git.openjdk.java.net/jdk/commit/a0658795
Stats: 10 lines in 1 file changed: 8 ins; 0 del; 2 mod
8261791: (sctp) handleSendFailed in SctpChannelImpl.c potential leaks
Reviewed-by: chegar, alanb
-------------
PR: https://git.openjdk.java.net/jdk/pull/2586
More information about the security-dev
mailing list