#1069 Possible resource leak in get_uid_from_pid()
Closed: Fixed None Opened 9 years ago by sgallagh.

 57static errno_t get_uid_from_pid(const pid_t pid, uid_t *uid)
 58{
 59    int ret;
 60    char path[PATHLEN];
 61    struct stat stat_buf;
 62    int fd;
 63    char buf[BUFSIZE];
 64    char *p;
 65    char *e;
 66    char *endptr;
 67    uint32_t num=0;
 68    errno_t error;
 69
 70    ret = snprintf(path, PATHLEN, "/proc/%d/status", pid);
 71    if (ret < 0) {
 72        DEBUG(1, ("snprintf failed"));
 73        return EINVAL;
 74    } else if (ret >= PATHLEN) {
 75        DEBUG(1, ("path too long?!?!\n"));
 76        return EINVAL;
 77    }
 78
CID 11084: Resource leak (RESOURCE_LEAK)Calling opening function "open".
Assigning: "fd" = handle returned from "open(path, 0)".
 79    fd = open(path, O_RDONLY);
At conditional (1): "fd == -1" taking the false branch.
 80    if (fd == -1) {
 81        error = errno;
 82        if (error == ENOENT) {
 83            DEBUG(7, ("Proc file [%s] is not available anymore, continuing.\n",
 84                      path));
 85            return EOK;
 86        }
 87        DEBUG(1, ("open failed [%d][%s].\n", error, strerror(error)));
 88        return error;
 89    }
 90
Variable "fd" is not closed or saved in function "fstat".
 91    ret = fstat(fd, &stat_buf);
At conditional (2): "ret == -1" taking the true branch.
 92    if (ret == -1) {
 93        error = errno;
At conditional (3): "error == 2" taking the true branch.
 94        if (error == ENOENT) {
At conditional (4): "7 <= debug_level" taking the true branch.
At conditional (5): "debug_timestamps" taking the true branch.
 95            DEBUG(7, ("Proc file [%s] is not available anymore, continuing.\n",
 96                      path));
Handle variable "fd" going out of scope leaks the handle.
 97            return EOK;
 98        }
 99        DEBUG(1, ("fstat failed [%d][%s].\n", error, strerror(error)));
Handle variable "fd" going out of scope leaks the handle.
100        return error;
101    }
102
103    if (!S_ISREG(stat_buf.st_mode)) {
104        DEBUG(1, ("not a regular file\n"));
Handle variable "fd" going out of scope leaks the handle.
105        return EINVAL;
106    }
107
Variable "fd" is not closed or saved in function "read".
108    while ((ret = read(fd, buf, BUFSIZE)) != 0) {
109        if (ret == -1) {
110            error = errno;
111            if (error == EINTR || error == EAGAIN) {
112                continue;
113            }
114            DEBUG(1, ("read failed [%d][%s].\n", error, strerror(error)));
Handle variable "fd" going out of scope leaks the handle.
115            return error;
116        }
117    }
118
119    ret = close(fd);

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.7.0

Fields changed

patch: 0 => 1
status: new => assigned

Fixed in: 21386a3

resolution: => fixed
status: assigned => closed

Fields changed

rhbz: => 0

Metadata Update from @sgallagh:
- Issue assigned to jzeleny
- Issue set to the milestone: SSSD 1.7.0

3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/2111

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata