From 0bfddfc9444ed6154da7e70bae6a1b4809b88c93 Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Wed, 31 Jul 2019 11:43:59 +0200 Subject: iconv: Revert steps array reference counting changes The changes introduce a memory leak for gconv steps arrays whose first element is an internal conversion, which has a fixed reference count which is not decremented. As a result, after the change in commit 50ce3eae5ba304650459d4441d7d246a7cefc26f, the steps array is never freed, resulting in an unbounded memory leak. This reverts commit 50ce3eae5ba304650459d4441d7d246a7cefc26f ("gconv: Check reference count in __gconv_release_cache [BZ #24677]") and commit 7e740ab2e7be7d83b75513aa406e0b10875f7f9c ("libio: Fix gconv-related memory leak [BZ #24583]"). It reintroduces bug 24583. (Bug 24677 was just a regression caused by the second commit.) --- iconv/gconv_cache.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) (limited to 'iconv') diff --git a/iconv/gconv_cache.c b/iconv/gconv_cache.c index 4db7287cee..9a456bf825 100644 --- a/iconv/gconv_cache.c +++ b/iconv/gconv_cache.c @@ -446,12 +446,9 @@ __gconv_lookup_cache (const char *toset, const char *fromset, void __gconv_release_cache (struct __gconv_step *steps, size_t nsteps) { - /* The only thing we have to deallocate is the record with the - steps. But do not do this if the reference counter is still - positive. This can happen if the steps array was cloned by - __wcsmbs_clone_conv. (The array elements have separate __counter - fields, but they are only out of sync temporarily.) */ - if (gconv_cache != NULL && steps->__counter == 0) + if (gconv_cache != NULL) + /* The only thing we have to deallocate is the record with the + steps. */ free (steps); } -- cgit v1.2.3-70-g09d2