[vulnerability] Mismatched free in CProducer
ChrisZhangJin opened this issue
I found a mismatched free in CProducer when scanning with Valgrind.
valgrind report
Here is the report sample:
```
==1570== Mismatched free() / delete / delete []
==1570== at 0x4C2B51D: operator delete(void*) (vg_replace_malloc.c:586)
==1570== by 0x1736BC86: DestroyProducer (in /usr/lib64/librocketmq.so)
... ....
==1570== Address 0xd1cfb10 is 0 bytes inside a block of size 256 alloc'd
==1570== at 0x4C2AC38: operator new[](unsigned long) (vg_replace_malloc.c:433)
==1570== by 0x1736B7F9: CreateProducer (in /usr/lib64/librocketmq.so)
... ....
```
the corresponding code
I checked the code, and found it was exactly mismatched for deleting a char array.
here is the new
while here is the delete
found version:
I have only used 2.0.1 and 2.2.0, but both are the same.
It is a vulnerability, not literally a bug, actually.
Yes, it seems to be a memory leak. Could you please create a PR to fix it?
I'd love to, but I found it was fixed in master; here is the commit [6523dcc]
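
Added example, not code from the issue or from librocketmq: the `new[]`/`delete` pairing the Valgrind report describes, next to a matched `delete[]` and a `std::unique_ptr<char[]>` variant whose deleter is fixed by the member type. `RawProducer`, `SafeProducer`, their Create/Destroy functions and `kGroupBufSize` are hypothetical names; only the 256-byte size comes from the report.

```cpp
#include <cstdio>
#include <cstring>
#include <memory>

const std::size_t kGroupBufSize = 256;  // same size as the block in the report

// BEFORE (hypothetical handle): raw owning pointer, caller must pick the delete form.
struct RawProducer { char* groupId; };

RawProducer* CreateRawProducer(const char* group) {
    RawProducer* p = new RawProducer;
    p->groupId = new char[kGroupBufSize]();          // array new, zero-filled
    std::strncpy(p->groupId, group, kGroupBufSize - 1);
    return p;
}
void DestroyRawProducerMismatched(RawProducer* p) {  // shown for contrast, never called
    delete p->groupId;   // scalar delete on a new[] block: the reported pattern
    delete p;
}
void DestroyRawProducer(RawProducer* p) {
    delete[] p->groupId; // array delete matches array new
    delete p;
}

// AFTER: the member type fixes the deallocation form, so it cannot drift.
struct SafeProducer { std::unique_ptr<char[]> groupId; };

SafeProducer* CreateSafeProducer(const char* group) {
    std::unique_ptr<SafeProducer> p(new SafeProducer);
    p->groupId.reset(new char[kGroupBufSize]());     // default deleter calls delete[]
    std::strncpy(p->groupId.get(), group, kGroupBufSize - 1);
    return p.release();  // opaque handle crosses the C-style API boundary
}
void DestroySafeProducer(SafeProducer* p) { delete p; }

int main() {
    RawProducer* r = CreateRawProducer("demo_group");   // constructed sample value
    SafeProducer* s = CreateSafeProducer("demo_group");
    std::printf("%s %s\n", r->groupId, s->groupId.get());
    DestroyRawProducer(r);
    DestroySafeProducer(s);
    return 0;
}
```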