AVRO-4246: [c] Fix memory leak on failed decoding#3732
AVRO-4246: [c] Fix memory leak on failed decoding#3732fabiocfabini wants to merge 3 commits intoapache:mainfrom
Conversation
| } | ||
| AVRO_READ(reader, *bytes, *len); | ||
| (*bytes)[*len] = '\0'; | ||
| AVRO_READ_OR_FREE(reader, *bytes, *len); |
There was a problem hiding this comment.
Thanks for this fix! I'm not a C expert, so I wanted to clarify the intended behaviour here. When read_bytes() (or read_string()) returns an error, what should callers expect to find in the *bytes or *s pointer? Will it be NULL because of macro expansion or not?
There was a problem hiding this comment.
Thank you for the feedback!
read_bytes() and read_string() are not part of the user API. They are called by the avro_value_read() which is part of the user API.
The stack frame goes like this: user frame -> avro_value_read() frame -> avro_read() frame.
avro_read dispatches to the proper read procedure depending on the inner type of the value being constructed. In the dispatch branches that relate to avro_bytes() and avro_read() these calls are wrapped inside a check_prefix (see read_bytes and read_string relevant source code lines) macro which short circuits in case of bad return code. On error, the pointers are not used.
So to answer your questions:
what should callers expect to find in the *bytes or *s pointer?: Given that the pointers are not used, they don't need to be in any specific state. However, assigning the pointers to NULL is standard.
Will it be NULL because of macro expansion or not?: Yes, in case of error the pointers are freed and set to NULL.
2 participants
What is the purpose of the change
This pull request fixes a memory leak issue with the C SDK. Internal allocated buffer is never released if decoding fails.
Verifying this change
This change added test
test_avro_4246.cthat:Documentation
No new features are added.