Wireshark-dev: [Wireshark-dev] [PATCH] mem leak in dissect_ip_tcp_options
From: Sebastien Tandel <sebastien@xxxxxxxxx>
Date: Sun, 14 Jan 2007 21:00:56 +0100
Hi all,


   I provide a patch for a memory leak in dissect_ip_tcp_options.
Each time a packet was dissected with dissect_ip_tcp_options, it
unconditionally allocated a chunk of memory of NAME_STR_LEN length which
should only occur when the option is unknown. (If there is a reason to
do that, would be useful to write a comment in the file.)



Regards,

Sebastien Tandel
Index: epan/dissectors/packet-ip.c
===================================================================
--- epan/dissectors/packet-ip.c	(révision 20426)
+++ epan/dissectors/packet-ip.c	(copie de travail)
@@ -691,12 +691,11 @@
   unsigned int      optlen;
   const char       *name;
 #define NAME_STR_LEN 7+1+1+2+2+1+1	/* "Unknown (0x%02x)" */
-  char             *name_str;
+  char             *name_str= NULL;
   void            (*dissect)(const struct ip_tcp_opt *, tvbuff_t *,
 				int, guint, packet_info *, proto_tree *);
   guint             len;
 
-  name_str=ep_alloc(NAME_STR_LEN);
   while (length > 0) {
     opt = tvb_get_guint8(tvb, offset);
     for (optp = &opttab[0]; optp < &opttab[nopts]; optp++) {
@@ -711,6 +710,7 @@
       optp = NULL;	/* indicate that we don't know this option */
       len_type = VARIABLE_LENGTH;
       optlen = 2;
+      name_str=ep_alloc(NAME_STR_LEN);
       g_snprintf(name_str, NAME_STR_LEN, "Unknown (0x%02x)", opt);
       name = name_str;
       dissect = NULL;