confluentinc / libserdes

Avro Serialization/Deserialization C/C++ library with Confluent schema-registry support
Apache License 2.0
5 stars 64 forks

Memory leak in Schema::add #64

Open paul-bormans-pcgw opened 1 month ago

paul-bormans-pcgw commented 1 month ago

When using Schema::add to register a new schema, the library returns a pointer to the cached schema but it's wrapped in a SchemaImpl object. By returning the wrapper as a pointer the ownership lies with the caller, but when the caller tries to remove the wrapper object the inner schema is always removed as well leading to a crash:

*** glibc detected *** : double free or corruption (out): 0x00007f8c14008730 ***
*** glibc detected *** : corrupted double-linked list: 0x00007f8c14008700 ***
======= Backtrace: =========
/lib64/libc.so.6[0x381e275f3e]
/lib64/libc.so.6[0x381e278dd0]
/usr/lib64/libserdes.so.1(serdes_schema_destroy+0x25)[0x7f8c5b628c15]
/usr/lib64/libserdes++.so.1(_ZN6Serdes10SchemaImplD0Ev+0x2b)[0x7f8c5b422d9b]
???.so(_ZN5boost14checked_deleteIN6Serdes6SchemaEEEvPT_+0x2a)[0x7f8c5ed2472e]

The interface doesn't allow detaching the inner object either.

Allocation done here: https://github.com/confluentinc/libserdes/blob/master/src-cpp/Serdes.cpp#L176
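The ownership mistake described in this issue, reduced to a self-contained model. This is an added illustration, not libserdes code: `CSchema`, `SchemaCache`, `OwningWrapper` and `Wrapper` are hypothetical stand-ins for the C-level schema, its cache, the reported wrapper and a corrected one. The cache replaces a real `free()` with bookkeeping so the double release is counted instead of corrupting the heap, which is also how one would write a regression test for this class of bug.

```cpp
#include <map>
#include <memory>
#include <set>
#include <string>

// Hypothetical stand-in for the C-level schema object (not libserdes' own type).
struct CSchema {
    std::string name;
    int id;
};

// Models the C layer: it owns every cached schema and releases them all on
// shutdown. destroy() stands in for serdes_schema_destroy(); instead of calling
// free() it records released pointers, so a second release of the same schema is
// counted as a double free rather than crashing the process.
class SchemaCache {
public:
    CSchema *add(const std::string &name, int id) {
        auto it = entries_.find(name);
        if (it != entries_.end())
            return it->second.get();          // cached: the caller gets a non-owning pointer
        auto s = std::make_unique<CSchema>();
        s->name = name;
        s->id = id;
        CSchema *raw = s.get();
        entries_.emplace(name, std::move(s));
        return raw;
    }

    void destroy(CSchema *s) {
        if (!released_.insert(s).second)     // already released once before
            ++doubleFrees_;
    }

    // Shutdown of the C handle: releases every schema it still believes it owns.
    void clear() {
        for (auto &kv : entries_) destroy(kv.second.get());
        entries_.clear();
    }

    int doubleFrees() const { return doubleFrees_; }

private:
    std::map<std::string, std::unique_ptr<CSchema>> entries_;
    std::set<CSchema *> released_;
    int doubleFrees_ = 0;
};

// The reported pattern: a wrapper returned to the caller by pointer whose
// destructor unconditionally destroys the inner, cache-owned schema.
class OwningWrapper {
public:
    OwningWrapper(SchemaCache &c, CSchema *s) : cache_(c), inner_(s) {}
    ~OwningWrapper() { cache_.destroy(inner_); }
private:
    SchemaCache &cache_;
    CSchema *inner_;
};

// Corrected pattern: the wrapper records whether it owns the inner object;
// wrappers around cached schemas are created non-owning, and detach() lets a
// caller explicitly give up ownership of one that does own its schema.
class Wrapper {
public:
    Wrapper(SchemaCache &c, CSchema *s, bool owns) : cache_(c), inner_(s), owns_(owns) {}
    ~Wrapper() { if (owns_) cache_.destroy(inner_); }
    CSchema *detach() { owns_ = false; return inner_; }
private:
    SchemaCache &cache_;
    CSchema *inner_;
    bool owns_;
};

// Caller registers a schema, deletes the wrapper, then the library shuts down.
int doubleFreesWithOwningWrapper() {
    SchemaCache cache;
    auto *w = new OwningWrapper(cache, cache.add("user", 1));
    delete w;       // destroys the cached schema although the cache still owns it
    cache.clear();  // ...so the cache releases it a second time
    return cache.doubleFrees();   // 1
}

int doubleFreesWithNonOwningWrapper() {
    SchemaCache cache;
    auto *w = new Wrapper(cache, cache.add("user", 1), /*owns=*/false);
    delete w;       // non-owning: the inner schema stays alive in the cache
    cache.clear();  // released exactly once
    return cache.doubleFrees();   // 0
}

int doubleFreesAfterDetach() {
    SchemaCache cache;
    auto *w = new Wrapper(cache, cache.add("user", 1), /*owns=*/true);
    w->detach();    // caller hands ownership back before deleting the wrapper
    delete w;
    cache.clear();
    return cache.doubleFrees();   // 0
}
```

The point of the model is that a pointer handed out from a cache is non-owning by construction; a wrapper placed around it must either be non-owning too or offer a way to detach, otherwise every delete of the wrapper is a release the cache will repeat at shutdown.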