ECCC-MSC / libecbufr

libecbufr is a general purpose, template-oriented BUFR encoding/decoding library

memory leaks in bufr_seek_msg_start() #26

Closed vsouvan closed 4 years ago

vsouvan commented 4 years ago

Any attempt to read an invalid BUFR message will cause the function to return without freeing the allocated memory first.

Here is the bug report from Dan Shea:

Vanh or Chris, I was performing some tests on my libncawos. If I pass a char

    static int bufr_seek_msg_start( bufr_read_callback readcb, void *cd, char *tagstr )
    {
       unsigned char c;
       int notfound=1;
       char *str;
       int i, tagsize;

       tagsize = 64;
       str = (char *)malloc( (tagsize+1) * sizeof(char) );
       i = 0;

       if( bufr_read_octet( readcb, cd, &c ) != 1 ) return -1;   /* str is not freed on this path */

       if ( c != '\004' ) append_char_to_string( &str, &tagsize, &i, c );
       while ( notfound )
          {
          while ( (c != 'B') )
             {
             if( bufr_read_octet( readcb, cd, &c ) != 1 ) return - 1;   /* str is not freed on this path */

What valgrind is reporting.

    ==21330== 65 bytes in 1 blocks are definitely lost in loss record 1 of 1
    ==21330==    at 0x401C38B: malloc (vg_replace_malloc.c:149)
    ==21330==    by 0x4033375: bufr_seek_msg_start (in /home/shead/ncawosBufrDecoder/lib/libecbufr.so.0.7.3)
    ==21330==    by 0x403377A: bufr_callback_read_message (in /home/shead/ncawosBufrDecoder/lib/libecbufr.so.0.7.3)
    ==21330==    by 0x4034B18: bufr_memread_message (in /home/shead/ncawosBufrDecoder/lib/libecbufr.so.0.7.3)
    ==21330==    by 0x804AC9B: getMessage (ParseBufr.c:172)
    ==21330==    by 0x804D90C: bufrDecode (BufrDecoder.c:59)
    ==21330==    by 0x804A60F: main (testDecoder.c:73)


Imported from Launchpad using lp2gh.

vsouvan commented 4 years ago

(by vanh-souvanlasy) All returns from the function will free allocated memory first before exiting.
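
The early-return leak reported above, next to a version that routes every exit through one cleanup label, as an added C example (not libecbufr's code and not necessarily how the project fixed it). `mem_src`, `xmalloc`, `xfree`, `read_octet`, `seek_leaky`, `seek_fixed` and `leaked_after` are hypothetical names, and the tracker only follows the single block each call allocates.

```c
#include <stdlib.h>
/* Constructed stand-ins, not libecbufr's API. */
typedef struct { const unsigned char *buf; size_t len, pos; } mem_src;
static void *held;                      /* block a seek call still owns */
static void *xmalloc(size_t n) { return held = malloc(n); }
static void xfree(void *p) { free(p); held = NULL; }
static int read_octet(mem_src *s, unsigned char *c) {
    if (s->pos >= s->len) return 0;     /* input exhausted */
    *c = s->buf[s->pos++];
    return 1;
}

/* Before: a short read returns without releasing str, as in the report. */
static int seek_leaky(mem_src *s) {
    unsigned char c; size_t m = 0, i = 0;
    char *str = xmalloc(64 + 1);
    if (!str) return -1;
    while (m < 4) {                                  /* until "BUFR" is matched */
        if (read_octet(s, &c) != 1) return -1;       /* str is lost here */
        if (i < 64) str[i++] = (char)c;              /* bounded tag copy */
        m = (c == "BUFR"[m]) ? m + 1 : (size_t)(c == 'B');
    }
    xfree(str);
    return 0;
}

/* After: every exit passes through one cleanup label. */
static int seek_fixed(mem_src *s) {
    unsigned char c; size_t m = 0, i = 0; int rc = -1;
    char *str = xmalloc(64 + 1);
    if (!str) return -1;
    while (m < 4) {
        if (read_octet(s, &c) != 1) goto done;       /* invalid input: still freed */
        if (i < 64) str[i++] = (char)c;
        m = (c == "BUFR"[m]) ? m + 1 : (size_t)(c == 'B');
    }
    rc = 0;
done:
    xfree(str);
    return rc;
}

/* 1 if the call left its block allocated, else 0; reclaims a leaked block. */
static int leaked_after(int (*seek)(mem_src *), const unsigned char *data, size_t len) {
    mem_src s = { data, len, 0 };
    (void)seek(&s);
    int leaked = (held != NULL);
    xfree(held);
    return leaked;
}
```

Calling `leaked_after` with truncated or empty input exercises the invalid-message path that the valgrind trace above points at.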