Memory leak from strdup when proxy is enabled

[vikivivi]

It seem there is a memory leak when using strdup(), the memory is not free.

https://github.com/twekkel/htpdate/blob/master/htpdate.c#L831

• You might want to perform some checking using clang in Ubuntu 22.04.

$ wget https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.2/clang+llvm-17.0.2-x86_64-linux-gnu-ubuntu-22.04.tar.xz
$ sudo mkdir -p /opt/llvm
$ sudo tar -C /opt/llvm --no-same-owner --owner=root --group=root -xvf clang+llvm-17.0.2-x86_64-linux-gnu-ubuntu-22.04.tar.xz
$ sudo ln -sfn "clang+llvm-17.0.2-x86_64-linux-gnu-ubuntu-22.04" /opt/llvm/clang
$ rm -f clang+llvm-17.0.2-x86_64-linux-gnu-ubuntu-22.04.tar.xz

• Perform scan-build check

$ /opt/llvm/clang/bin/scan-build -o ${PWD}/static-analysis/htpdate -k -stats -internal-stats -analyze-headers -maxloop 25 -enable-checker security.FloatLoopCounter -enable-checker security.insecureAPI.DeprecatedOrUnsafeBufferHandling make CC=clang clean https

• View the html report using /opt/llvm/clang/bin/scan-view or web browser in directory static-analysis/htpdate

[twekkel]

Thanks for taking the time to investigate. I'm aware of it, but there is no real leak... let me explain. The proxy setting (=strdup) is a one-time thing and is needed as long as the program is running. Freeing before the program terminates is not possible. So the tooling is right, the strdup() doesn't have a corresponding free(), but then again it is not possible either.

To satisfy tooling (I used Valgrind in the past), you can scan the NoLeak branch. If you look at the changes I made, you will also see that the "fix" is pointless.