Tar component in busybox version 1.34.1 has a memory leak bug when trying to unpack a tar file.
David Laight
David.Laight at ACULAB.COM
Wed Dec 1 09:22:55 UTC 2021
From: busybox <busybox-bounces at busybox.net> On Behalf Of Ping Lee
> Sent: 01 December 2021 01:42
> It seems that I found a bug on busybox version 1.34.1:
> In libbb/xfuncs_printf.c:50, malloc twice for archive_handle and archive_hadle->fileheader with 184 and 72 bytes heap space.
> Back to tar_main function, the two pointers(tar_handle,tar_handle->file_header) hasn't been freed when return.
It can't matter it is a short-lived program that is going to exit.
It would only be a problem if the code were in a loop.
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
More information about the busybox
mailing list