From e5304598f1481886f9871cc024cb65ba34aa4be3 Mon Sep 17 00:00:00 2001 From: Jakub Jelinek Date: Tue, 9 Feb 2021 12:29:32 +0100 Subject: [PATCH] calls: Fix a memory leak in maybe_warn_rdwr_sizes [PR99004] The print_generic_expr_to_str function ends with return xstrdup (...); and therefore expects the caller to free the argument. The following patch does that after it has been copied. Instead of doing const_cast to cast away const char * to char *, because the code uses s0 and s1 in so few places, I chose just to change the types of the two variables so that const_cast is not needed. After all, it is a heap allocated string that this function owns and so if it wanted, it could change it too. 2021-02-09 Jakub Jelinek PR middle-end/99004 * calls.c (maybe_warn_rdwr_sizes): Change s0 and s1 type from const char * to char * and free those pointers after use. --- gcc/calls.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/gcc/calls.c b/gcc/calls.c index 354adc606c2..1fea022ad8a 100644 --- a/gcc/calls.c +++ b/gcc/calls.c @@ -2032,7 +2032,7 @@ maybe_warn_rdwr_sizes (rdwr_map *rwm, tree fndecl, tree fntype, tree exp) tree sizrng[2] = { size_zero_node, build_all_ones_cst (sizetype) }; if (get_size_range (access_size, sizrng, true)) { - const char *s0 = print_generic_expr_to_str (sizrng[0]); + char *s0 = print_generic_expr_to_str (sizrng[0]); if (tree_int_cst_equal (sizrng[0], sizrng[1])) { gcc_checking_assert (strlen (s0) < sizeof sizstr); @@ -2040,11 +2040,13 @@ maybe_warn_rdwr_sizes (rdwr_map *rwm, tree fndecl, tree fntype, tree exp) } else { - const char *s1 = print_generic_expr_to_str (sizrng[1]); + char *s1 = print_generic_expr_to_str (sizrng[1]); gcc_checking_assert (strlen (s0) + strlen (s1) < sizeof sizstr - 4); sprintf (sizstr, "[%s, %s]", s0, s1); + free (s1); } + free (s0); } else *sizstr = '\0'; -- 2.30.2