#9367 Covscan issues: Resource Leak
Closed: fixed 5 months ago by frenaud. Opened 2 years ago by rjeffman.

After running Covscan the following issues were found:

 2. freeipa-4.9.11/util/ipa_krb5.c:890: alloc_arg: "krb5_get_permitted_enctypes" allocates memory that is stored into "ktypes".
10. freeipa-4.9.11/util/ipa_krb5.c:901: leaked_storage: Variable "ktypes" going out of scope leaks the storage it points to.
#   899|           if (NULL == ksdata) {
#   900|               *err_msg = _("Out of memory!?\n");
#   901|->             return 0;
#   902|           }
#   903|   
 9. freeipa-4.9.11/daemons/ipa-otpd/forward.c:121: alloc_fn: Storage is returned from allocation function "krb5_get_error_message".
10. freeipa-4.9.11/daemons/ipa-otpd/forward.c:121: noescape: Resource "krb5_get_error_message(ctx.kctx, retval)" is not freed or pointed-to in "otpd_log_req_".
11. freeipa-4.9.11/daemons/ipa-otpd/forward.c:121: leaked_storage: Failing to save or free storage allocated by "krb5_get_error_message(ctx.kctx, retval)" leaks it.
#   119|   error:
#   120|       if (retval != 0)
#   121|->         otpd_log_req((*item)->req, "forward end: %s",
#   122|                   krb5_get_error_message(ctx.kctx, retval));
#   123|       return retval;
 4. freeipa-4.9.11/daemons/ipa-otpd/forward.c:46: alloc_fn: Storage is returned from allocation function "krb5_get_error_message".
5. freeipa-4.9.11/daemons/ipa-otpd/forward.c:46: noescape: Resource "(retval == 0) ? krad_code_num2name(code) : krb5_get_error_message(ctx.kctx, retval)" is not freed or pointed-to in "otpd_log_req_".
6. freeipa-4.9.11/daemons/ipa-otpd/forward.c:46: leaked_storage: Failing to save or free storage allocated by "krb5_get_error_message(ctx.kctx, retval)" leaks it.
#    44|       }
#    45|   
#    46|->     otpd_log_req(item->req, "forward end: %s",
#    47|               retval == 0
#    48|                   ? krad_code_num2name(code)
 6. freeipa-4.9.11/daemons/ipa-otpd/bind.c:121: alloc_fn: Storage is returned from allocation function "krb5_get_error_message".
7. freeipa-4.9.11/daemons/ipa-otpd/bind.c:121: var_assign: Assigning: "errstr" = storage returned from "krb5_get_error_message(ctx.kctx, i)".
11. freeipa-4.9.11/daemons/ipa-otpd/bind.c:136: leaked_storage: Variable "errstr" going out of scope leaks the storage it points to.
#   134|                                         VERTO_EV_FLAG_IO_READ |
#   135|                                         VERTO_EV_FLAG_IO_WRITE);
#   136|-> }
#   137|   
#   138|   void otpd_on_bind_io(verto_ctx *vctx, verto_ev *ev)
 7. freeipa-4.9.11/client/ipa-rmkeytab.c:158: alloc_arg: "krb5_kt_start_seq_get" allocates memory that is stored into "kt_cursor".
14. freeipa-4.9.11/client/ipa-rmkeytab.c:175: leaked_storage: Variable "kt_cursor" going out of scope leaks the storage it points to.
#   173|   done:
#   174|   
#   175|->     return rval;
#   176|   }
#   177|   
3. freeipa-4.9.11/client/ipa-rmkeytab.c:131: alloc_arg: "krb5_unparse_name" allocates memory that is stored into "entry_princ_s".
6. freeipa-4.9.11/client/ipa-rmkeytab.c:152: identity_transfer: Passing "entry_princ_s" as argument 1 to function "strstr", which returns an offset off that argument.
7. freeipa-4.9.11/client/ipa-rmkeytab.c:152: noescape: Resource "entry_princ_s" is not freed or pointed-to in "strstr".
9. freeipa-4.9.11/client/ipa-rmkeytab.c:154: noescape: Resource "entry_princ_s" is not freed or pointed-to in "remove_principal".
12. freeipa-4.9.11/client/ipa-rmkeytab.c:175: leaked_storage: Variable "entry_princ_s" going out of scope leaks the storage it points to.
#   173|   done:
#   174|   
#   175|->     return rval;
#   176|   }
#   177|   
 12. freeipa-4.9.11/client/ipa-getkeytab.c:251: alloc_arg: "krb5_init_context" allocates memory that is stored into "krbctx".
14. freeipa-4.9.11/client/ipa-getkeytab.c:262: noescape: Resource "krbctx" is not freed or pointed-to in "krb5_unparse_name".
29. freeipa-4.9.11/client/ipa-getkeytab.c:291: leaked_storage: Variable "krbctx" going out of scope leaks the storage it points to.
#   289|        }
#   290|    }
#   291|->  return ret;
#   292|   }
#   293|   

Additional error reported on ipa-4-10:

 9. freeipa-4.10.2/daemons/ipa-kdb/ipa_kdb_principals.c:1096: alloc_arg: "ipadb_ldap_attr_to_strlist" allocates memory that is stored into "acl_list".
14. freeipa-4.10.2/daemons/ipa-kdb/ipa_kdb_principals.c:1120: leaked_storage: Variable "acl_list" going out of scope leaks the storage it points to.
#  1118|       }
#  1119|       *kentry = entry;
#  1120|->     return kerr;
#  1121|   }
#  1122|   

Any thoughts on one commit to address these vs several commits?

Metadata Update from @rcritten:
- Issue assigned to rcritten

7 months ago

master:

  • 15de71a Fix some resource leaks identified by a static analyzer

ipa-4-12:

  • 21c6ccc Fix some resource leaks identified by a static analyzer

Metadata Update from @frenaud:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

5 months ago
5 months ago

Log in to comment on this ticket.

Metadata