freeipa

Clone
Source Code
GIT

#3287 memory leaks in ipa-join --unenroll
Closed: fixed 5 years ago Opened 11 years ago by rcritten.

Closed: fixed
Reopen Issue

Martin discovered memory leaks in the unenroll function in ipa-client while reviewing ticket #3275. For starters the host, paramArrayP or argArrayP.

Additional leaks found by Coverity:

12454:

        3. Condition NULL == hostname, taking false branch
 962    if (NULL == hostname) {
 963        uname(&uinfo);
 964        host = strdup(uinfo.nodename);
 965    } else {
        4. returned_null: strdup returns null.
        5. var_assigned: Assigning: host = null return value from strdup.
 966        host = strdup(hostname);
 967    }
 968
        6. identity_transfer: Passing host as argument 1 to function strstr, which returns an offset off that argument.

CID 12454 (#2-3 of 4): Dereference null return value (NULL_RETURNS)
7. dereference: Dereferencing a pointer that might be null host when calling strstr.
 969    if (NULL == strstr(host, ".")) {
 970        fprintf(stderr, _("The hostname must be fully-qualified: %s\n"), host);
 971        rval = 16;
 972        goto cleanup;
 973    }

12456:

544ldap_done:
545
546    free(filter);
547    free(search_base);
548    free(ldap_base);
549
550    if (ld != NULL) {
551        ldap_unbind_ext(ld, NULL, NULL);
552    }
553
554done:
    8. Condition valresult, taking false branch
555    if (valresult) ber_bvfree(valresult);
    9. Condition oidresult, taking false branch
556    if (oidresult) free(oidresult);

CID 12456 (#1-2 of 2): Resource leak (RESOURCE_LEAK)
10. leaked_storage: Variable ldap_base going out of scope leaks the storage it points to.
557    return rval;
558}

12457:

849    krberr = krb5_cc_store_cred(krbctx, ccache, &creds);
    17. Condition krberr != 0, taking true branch
850    if (krberr != 0) {
    18. Condition !quiet, taking true branch
851        if (!quiet)
852            fprintf(stderr,
853                    _("Error storing creds in credential cache: %s.\n"),
854                    error_message(krberr));
    CID 12458 (2): Resource leak (RESOURCE_LEAK) [select issue]

CID 12457 (#3 of 3): Resource leak (RESOURCE_LEAK)
19. leaked_storage: Variable ipaserver going out of scope leaks the storage it points to.
855        return krberr;
856    }
857    krb5_cc_close(krbctx, ccache);
858    ccache = NULL;
859    putenv("KRB5CCNAME=MEMORY:ipa-join");
860

12458:

 913cleanup:
 914
 915    free(user_agent);
        13. Condition keytab, taking false branch
 916    if (keytab) krb5_kt_close(krbctx, keytab);
 917    free((char *)principal);
 918    free((char *)ipaserver);
        14. Condition princ, taking false branch
 919    if (princ) krb5_free_principal(krbctx, princ);
        15. Condition ccache, taking false branch
 920    if (ccache) krb5_cc_close(krbctx, ccache);
        16. Condition krbctx, taking true branch
 921    if (krbctx) krb5_free_context(krbctx);
 922
 923    free(url);
 924    xmlrpc_env_clean(&env);
 925    xmlrpc_client_cleanup();
 926

CID 12458 (#9-1 of 10): Resource leak (RESOURCE_LEAK)
17. leaked_storage: Variable host going out of scope leaks the storage it points to.
 927    return rval;
 928}
 929

Metadata Update from @rcritten:
- Issue assigned to someone
- Issue set to the milestone: Ticket Backlog
7 years ago

I checked the code. The ldap_base, host and ipaserver are now properly freed.

Metadata Update from @cheimes:
- Issue close_status updated to: fixed
5 years ago

Login to comment on this ticket.

Metadata
None
None
None
normal
None
None
None
None
defect
None
None
IPA
None
0
easyfix
None
None
None
0
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.