Calling init multiple times cause leak of PTHREAD_SELF.packet_data_ptr leaks if returning errors
/// Called only by the main thread, as part of relibc_start.
pub unsafe fn init() {
let obj = Box::into_raw(Box::new(Pthread {
waitval: Waitval::new(),
has_enabled_cancelation: AtomicBool::new(false),
has_queued_cancelation: AtomicBool::new(false),
flags: PthreadFlags::empty().bits().into(),
//index: FIRST_THREAD_IDX,
// TODO
stack_base: core::ptr::null_mut(),
stack_size: 0,
os_tid: UnsafeCell::new(Sys::current_os_tid()),
}));
PTHREAD_SELF.set(obj);
}
PTHREAD_SELF
is a static mutable variable and can be overwritten when mistakenly calling init
multiple times, causing memory leak.
It may be better to add guard inside the init
function.
https://gitlab.redox-os.org/redox-os/relibc/-/blob/master/src/header/netdb/lookup.rs#L71
https://gitlab.redox-os.org/redox-os/relibc/-/blob/master/src/header/netdb/lookup.rs#L182
packet_data_ptr
points to object on the heap through Box::into_raw(packet_data_box)
. The heap memory is leaked when the unsafe block in line 81 and line 195 returns an error.