#1111 closed defect (fixed)
BUG: C API: ownership of passed-in geometry not always transferred prior to exception
Reported by: | Brendan Ward | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | 3.10.0 |
Component: | Default | Version: | 3.9.0 |
Severity: | Unassigned | Keywords: | |
Cc: |
Description
In general, the create* functions that take other geometries as inputs (e.g., GEOSGeom_createPolygon_r) and take ownership of the passed-in geometries on success are supposed to clean them up on failure.
However, in exception cases (which return NULL for the geometry to be created), this isn't handled consistently, which can lead to memory leaks because the caller assumes that those geometries are automatically cleaned up on failure. For the cases where the ownership is transferred immediately, the caller will segfault if it tries to clean them up.
If the geometry inputs need to be validated before ultimately using them to construct the returned geometry, those should be destroyed before returning NULL.
I haven't done a full review of these create* functions, but GEOSGeom_createPolygon_r looks problematic.
It looks like ownership is transferred early for GEOSGeom_createLinearRing_r and GEOSGeom_createLineString_r, so those are probably OK.
(this was discussed a bit on IRC)
In 6839f11/git: