[bigint] Potential Leak in Big Integer Library

Matt McCutchen <matt at mattmccutchen.net>
Sun Mar 27 21:14:04 PDT 2011


On Wed, 2011-02-23 at 15:20 -0600, Rothwell, Chris wrote: 
> We are evaluating CodeSonar from Grammatech, a static code analysis
> tool. It found a potential leak in your library. This may not be a
> real issue, but I’m passing this on for you to evaluate. The attached
> file shows CodeSonar’s analysis. Note that this issue occurs in
> multiple places, all as a result of calling NumberLikeArray(). If you
> want to see the other cases, let me know.

[The analysis shows the "blk" array of the return-by-value temporary
from the call to BigInteger::operator % at BigIntegerAlgorithms.cc:48
being leaked.]

This is a false positive.  When "modinv" is finished with the temporary,
it will call the destructor, which will free the "blk" array.  It looks
like CodeSonar didn't model this aspect of the C++ language correctly.

I'm guessing the other occurrences have the same cause.  Since the
sample program achieves reasonably good coverage and executes under
valgrind without leaks, I'm not too worried about them.

-- 
Matt
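
[Added example, not part of the original message and not code from the bigint library: a way to check the destructor behaviour the reply describes when triaging this kind of leak report. The class `Num`, the counter `live_blocks`, and the helpers `consume` and `blocks_after_temporary` are hypothetical stand-ins; only the field name "blk" is taken from the report.]

```cpp
#include <algorithm>
#include <cstddef>

// Hypothetical stand-in for a heap-backed number class (assumption, not bigint code).
static long live_blocks = 0;   // number of "blk" arrays currently allocated

class Num {
    unsigned long *blk;        // heap storage, named after the field in the report
    std::size_t len;
public:
    explicit Num(unsigned long v) : blk(new unsigned long[1]), len(1) {
        blk[0] = v;
        ++live_blocks;
    }
    Num(const Num &o) : blk(new unsigned long[o.len]), len(o.len) {
        std::copy(o.blk, o.blk + len, blk);
        ++live_blocks;
    }
    Num &operator=(const Num &o) {
        if (this != &o) {
            unsigned long *n = new unsigned long[o.len];
            std::copy(o.blk, o.blk + o.len, n);
            delete[] blk;
            blk = n;
            len = o.len;
        }
        return *this;
    }
    ~Num() { delete[] blk; --live_blocks; }
    unsigned long value() const { return blk[0]; }
    // Returns by value: the caller receives a temporary that owns its own blk.
    Num operator%(const Num &m) const { return Num(blk[0] % m.blk[0]); }
};

// Uses the temporary through a const reference, as a callee would.
static unsigned long consume(const Num &n) { return n.value(); }

// Returns how many blk arrays are still allocated once everything is out of scope.
long blocks_after_temporary() {
    long before = live_blocks;
    {
        Num a(17), b(5);
        unsigned long r = consume(a % b);  // temporary dies at the end of this full-expression
        if (r != 2 || live_blocks != before + 2) return -1;  // only a and b may remain
    }
    return live_blocks - before;           // a and b are destroyed at scope exit
}

int main() { return blocks_after_temporary() == 0 ? 0 : 1; }
```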



