From d09eefb827d2209a0669345e34b2fcc8558247e5 Mon Sep 17 00:00:00 2001
From: Oliver Jowett <oliver@mutability.co.uk>
Date: Sun, 7 Dec 2014 14:05:24 +0000
Subject: [PATCH] Fix a memory leak from use of realpath() in HTTP request
 processing.

realpath() returns a heap-allocated buffer if given NULL for the destination buffer.
This must be freed by the caller; dump1090 does not do this.

Instead of worrying about freeing it, take the simpler approach of just providing a
stack-allocated destination buffer.
---
 dump1090.h |  1 +
 net_io.c   | 12 +++++++-----
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/dump1090.h b/dump1090.h
index 9ad4de0..eea553b 100644
--- a/dump1090.h
+++ b/dump1090.h
@@ -57,6 +57,7 @@
     #include <ctype.h>
     #include <sys/stat.h>
     #include <sys/ioctl.h>
+    #include <limits.h>
     #include "rtl-sdr.h"
     #include "anet.h"
 #else
diff --git a/net_io.c b/net_io.c
index a979883..c73232d 100644
--- a/net_io.c
+++ b/net_io.c
@@ -762,14 +762,16 @@ int handleHTTPRequest(struct client *c, char *p) {
     } else {
         struct stat sbuf;
         int fd = -1;
-        char *rp, *hrp;
+        char rp[PATH_MAX], hrp[PATH_MAX];
+
+        if (!realpath(getFile, rp))
+            rp[0] = 0;
+        if (!realpath(HTMLPATH, hrp))
+            strcpy(hrp, HTMLPATH);
 
-        rp = realpath(getFile, NULL);
-        hrp = realpath(HTMLPATH, NULL);
-        hrp = (hrp ? hrp : HTMLPATH);
         clen = -1;
         content = strdup("Server error occured");
-        if (rp && (!strncmp(hrp, rp, strlen(hrp)))) {
+        if (!strncmp(hrp, rp, strlen(hrp))) {
             if (stat(getFile, &sbuf) != -1 && (fd = open(getFile, O_RDONLY)) != -1) {
                 content = (char *) realloc(content, sbuf.st_size);
                 if (read(fd, content, sbuf.st_size) != -1) {