Difference between revisions of "Memory leak"

(Reverting to last version not containing links to s1.shard.jp)

Revision as of 07:50, 3 June 2009

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.

This article includes content generously donated to OWASP by Fortify.

Last revision (mm/dd/yy): 06/3/2009


A memory leak is an unintentional form of memory consumption whereby the developer fails to free an allocated block of memory when it is no longer needed. The consequences of such an issue depend on the application itself. Consider the following three general cases:

| Case | Description of Consequence |
|---|---|
| Short Lived User-land Application | Little if any noticeable effect. Modern operating systems reclaim lost memory after program termination. |
| Long Lived User-land Application | Potentially dangerous. These applications continue to waste memory over time, eventually consuming all RAM resources. Leads to abnormal system behavior. |
| Kernel-land Process | Very dangerous. Memory leaks at the kernel level lead to serious system stability issues. Kernel memory is very limited compared to user-land memory and should be handled cautiously. |

Memory is allocated but never freed.

Memory leaks have two common and sometimes overlapping causes:

  • Error conditions and other exceptional circumstances.
  • Confusion over which part of the program is responsible for freeing the memory.

Most memory leaks result in general software reliability problems, but if an attacker can intentionally trigger a memory leak, the attacker might be able to launch a denial of service attack (by crashing the program) or take advantage of other unexpected program behavior resulting from a low memory condition [1].

Risk Factors

  • Talk about the factors that make this vulnerability likely or unlikely to actually happen
  • Discuss the technical impact of a successful exploit of this vulnerability
  • Consider the likely [business impacts] of a successful attack


Example 1

The following example is a basic memory leak in C:

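#include <stdlib.h>
#include <stdio.h>

#define  LOOPS    10
#define  MAXSIZE  256

int main(int argc, char **argv)
{
     int count = 0;
     char *pointer = NULL;

     for(count=0; count<LOOPS; count++) {
          /* each pass overwrites pointer, orphaning the previous block */
          pointer = (char *)malloc(sizeof(char) * MAXSIZE);
     }

     /* only the last of the LOOPS blocks is released */
     free(pointer);

     return count;
}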
  • In this example, we have 10 allocations of size MAXSIZE. Every allocation except the last is lost: once no pointer refers to an allocated block, that block is unrecoverable for the rest of program execution. A simple fix for this trivial example is to place the free() call inside the 'for' loop.
  • Here is a real world example of a memory leak causing denial of service

Example 2

The following C function leaks a block of allocated memory if the call to read() fails to return the expected number of bytes:

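	#include <stdlib.h>
	#include <unistd.h>

	/* BLOCK_SIZE is defined elsewhere in the program */
	char* getBlock(int fd) {
	  char* buf = (char*) malloc(BLOCK_SIZE);
	  if (!buf) {
	    return NULL;
	  }
	  if (read(fd, buf, BLOCK_SIZE) != BLOCK_SIZE) {
	    return NULL;   /* buf is never freed on this path */
	  }
	  return buf;
	}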
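
The error-path leak in Example 2 next to a corrected version, as an added example that is not part of the original article. BLOCK_SIZE is given an assumed value of 64, and counted_malloc(), counted_free() and blocks_leaked() are hypothetical helpers that count outstanding blocks while a short read is forced through a pipe.

```c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#define BLOCK_SIZE 64        /* assumed value; the page does not define it */
static long live_blocks;     /* allocations not yet freed */
static void *last_block;     /* lets the harness reclaim a leaked block */

static void *counted_malloc(size_t n) {
    if ((last_block = malloc(n))) live_blocks++;
    return last_block;
}
static void counted_free(void *p) { if (p) { live_blocks--; free(p); } }

/* The page's getBlock(), unchanged apart from the counting allocator. */
char *get_block_leaky(int fd) {
    char *buf = counted_malloc(BLOCK_SIZE);
    if (!buf) return NULL;
    if (read(fd, buf, BLOCK_SIZE) != BLOCK_SIZE) return NULL;   /* buf is lost here */
    return buf;
}

/* Hardened: the failure path releases buf before returning. */
char *get_block_fixed(int fd) {
    char *buf = counted_malloc(BLOCK_SIZE);
    if (!buf) return NULL;
    if (read(fd, buf, BLOCK_SIZE) == BLOCK_SIZE) return buf;
    counted_free(buf);       /* short read or error */
    return NULL;
}

/* Harness: send `len` constructed bytes through a pipe, count blocks left behind. */
long blocks_leaked(char *(*get_block)(int), size_t len) {
    char data[BLOCK_SIZE] = {0};
    long before = live_blocks, leaked;
    int fds[2];
    if (len > BLOCK_SIZE || pipe(fds) != 0) return -1;
    ssize_t sent = write(fds[1], data, len);
    close(fds[1]);           /* reader sees EOF after `len` bytes */
    char *blk = (sent == (ssize_t)len) ? get_block(fds[0]) : NULL;
    close(fds[0]);
    counted_free(blk);       /* a caller that received a block frees it */
    leaked = live_blocks - before;
    if (leaked > 0) counted_free(last_block);   /* keep the demo itself clean */
    return leaked;
}

int main(void) {
    printf("leaky: %ld, fixed: %ld\n", blocks_leaked(get_block_leaky, 10), blocks_leaked(get_block_fixed, 10));
    return 0;
}
```

Each failed call to the leaky version strands one block, so a caller that can repeatedly provoke short reads controls how fast the process loses memory.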

Related Attacks

Related Vulnerabilities

Related Controls

Avoiding memory leaks in applications is difficult for even the most skilled developers. Luckily, there are tools that aid in tracking down such memory leaks. One such example in the Unix/Linux environment is Valgrind. Valgrind runs the desired program in an environment in which all memory allocation and de-allocation routines are checked. At the end of program execution, Valgrind displays the results in an easy-to-read manner. The following is the output of Valgrind using the flawed code from Example 1 above:

[root@localhost Programming]# gcc -o leak leak.c
[root@localhost Programming]# valgrind ./leak
==6518== Memcheck, a memory error detector for x86-linux.
==6518== Copyright (C) 2002-2005, and GNU GPL'd, by Julian Seward et al.
==6518== Using valgrind-2.4.0, a program supervision framework for x86-linux.
==6518== Copyright (C) 2000-2005, and GNU GPL'd, by Julian Seward et al.
==6518== For more details, rerun with: -v
==6518== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 13 from 1)
==6518== malloc/free: in use at exit: 2304 bytes in 9 blocks.
==6518== malloc/free: 10 allocs, 1 frees, 2560 bytes allocated.
==6518== For counts of detected errors, rerun with: -v
==6518== searching for pointers to 9 not-freed blocks.
==6518== checked 49152 bytes.
==6518== LEAK SUMMARY:
==6518==    definitely lost: 2304 bytes in 9 blocks.
==6518==      possibly lost: 0 bytes in 0 blocks.
==6518==    still reachable: 0 bytes in 0 blocks.
==6518==         suppressed: 0 bytes in 0 blocks.
==6518== Use --leak-check=full to see details of leaked memory.
  • As we can see in this example, we leak 9 blocks with a total of 2304 bytes, as we expected. If we were to place the free() call inside of the loop, we would get 0 memory blocks definitely lost.
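
The same accounting can be reproduced inside the program. The following is an added example, not part of the original article and not how Valgrind is implemented: a small table-based tracker (t_malloc(), t_free(), leak_report() and SLOTS are hypothetical names) wraps the allocator and is run against Example 1 as written and against the fix with free() inside the loop.

```c
#include <stdio.h>
#include <stdlib.h>
#define LOOPS   10
#define MAXSIZE 256
#define SLOTS   64                      /* hypothetical tracker capacity */
typedef struct { size_t blocks, bytes; unsigned allocs, frees; } report_t;
static struct { void *ptr; size_t size; } live[SLOTS];   /* blocks not yet freed */
static unsigned allocs, frees;

static void *t_malloc(size_t n) {
    void *p = malloc(n);
    for (int i = 0; p && i < SLOTS; i++)
        if (!live[i].ptr) { live[i].ptr = p; live[i].size = n; allocs++; return p; }
    free(p);                            /* table full, or malloc failed (p is NULL) */
    return NULL;
}
static void t_free(void *p) {
    for (int i = 0; p && i < SLOTS; i++)
        if (live[i].ptr == p) { live[i].ptr = NULL; frees++; free(p); return; }
}
/* Count what is still allocated, then release it so the demo itself stays clean. */
static report_t leak_report(void) {
    report_t r = {0, 0, allocs, frees};
    for (int i = 0; i < SLOTS; i++)
        if (live[i].ptr) { r.blocks++; r.bytes += live[i].size; free(live[i].ptr); live[i].ptr = NULL; }
    allocs = frees = 0;
    return r;
}

/* Example 1 as written on the page: a single free() after the loop. */
report_t run_leaky(void) {
    char *pointer = NULL;
    for (int count = 0; count < LOOPS; count++)
        pointer = t_malloc(sizeof(char) * MAXSIZE);
    t_free(pointer);
    return leak_report();
}
/* The fix the page describes: free() inside the loop. */
report_t run_fixed(void) {
    for (int count = 0; count < LOOPS; count++)
        t_free(t_malloc(sizeof(char) * MAXSIZE));
    return leak_report();
}

int main(void) {
    report_t a = run_leaky(), b = run_fixed();
    printf("leaky: %zu bytes in %zu blocks; fixed: %zu bytes in %zu blocks\n", a.bytes, a.blocks, b.bytes, b.blocks);
    return 0;
}
```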

Related Technical Impacts


[1] J. Whittaker and H. Thompson. How to Break Software Security. Addison Wesley, 2003.