There are some cases where we should free tmp in user.c in case of a failure:
Error: RESOURCE_LEAK (CWE-772): [#def19] libuser-0.62/lib/user.c:925: alloc_fn: Storage is returned from allocation function "lu_ent_new". libuser-0.62/lib/entity.c:52:2: alloc_fn: Storage is returned from allocation function "g_malloc0". libuser-0.62/lib/entity.c:52:2: var_assign: Assigning: "ent" = "g_malloc0(40UL)". libuser-0.62/lib/entity.c:58:2: return_alloc: Returning allocated memory "ent". libuser-0.62/lib/user.c:925: var_assign: Assigning: "tmp" = storage returned from "lu_ent_new()". libuser-0.62/lib/user.c:927: noescape: Resource "tmp" is not freed or pointed-to in "lu_ent_copy". libuser-0.62/lib/entity.c:311:51: noescape: "lu_ent_copy(struct lu_ent *, struct lu_ent *)" does not free or save its parameter "dest". libuser-0.62/lib/user.c:983: leaked_storage: Variable "tmp" going out of scope leaks the storage it points to. # 981| case group_default: # 982| /* Make sure we have both name and boolean here. */ # 983|-> g_return_val_if_fail(sdata != NULL, FALSE); # 984| /* Run the checks and preps. */ # 985| if (run_list(context, context->create_module_names, Error: RESOURCE_LEAK (CWE-772): [#def20] libuser-0.62/lib/user.c:925: alloc_fn: Storage is returned from allocation function "lu_ent_new". libuser-0.62/lib/entity.c:52:2: alloc_fn: Storage is returned from allocation function "g_malloc0". libuser-0.62/lib/entity.c:52:2: var_assign: Assigning: "ent" = "g_malloc0(40UL)". libuser-0.62/lib/entity.c:58:2: return_alloc: Returning allocated memory "ent". libuser-0.62/lib/user.c:925: var_assign: Assigning: "tmp" = storage returned from "lu_ent_new()". libuser-0.62/lib/user.c:927: noescape: Resource "tmp" is not freed or pointed-to in "lu_ent_copy". libuser-0.62/lib/entity.c:311:51: noescape: "lu_ent_copy(struct lu_ent *, struct lu_ent *)" does not free or save its parameter "dest". libuser-0.62/lib/user.c:1062: leaked_storage: Variable "tmp" going out of scope leaks the storage it points to. # 1060| case group_setpass: # 1061| /* Make sure we have a valid password. */ # 1062|-> g_return_val_if_fail(sdata != NULL, FALSE); # 1063| /* no break: fall through */ # 1064| case user_removepass: Error: RESOURCE_LEAK (CWE-772): [#def22] libuser-0.62/lib/user.c:925: alloc_fn: Storage is returned from allocation function "lu_ent_new". libuser-0.62/lib/entity.c:52:2: alloc_fn: Storage is returned from allocation function "g_malloc0". libuser-0.62/lib/entity.c:52:2: var_assign: Assigning: "ent" = "g_malloc0(40UL)". libuser-0.62/lib/entity.c:58:2: return_alloc: Returning allocated memory "ent". libuser-0.62/lib/user.c:925: var_assign: Assigning: "tmp" = storage returned from "lu_ent_new()". libuser-0.62/lib/user.c:927: noescape: Resource "tmp" is not freed or pointed-to in "lu_ent_copy". libuser-0.62/lib/entity.c:311:51: noescape: "lu_ent_copy(struct lu_ent *, struct lu_ent *)" does not free or save its parameter "dest". libuser-0.62/lib/user.c:1091: leaked_storage: Variable "tmp" going out of scope leaks the storage it points to. # 1089| case groups_enumerate_by_user: # 1090| /* Make sure we have both name and ID here. */ # 1091|-> g_return_val_if_fail(sdata != NULL, FALSE); # 1092| if (id == users_enumerate_by_group) # 1093| ldata = convert_group_name_to_id(context, sdata,
Metadata Update from @jhrozek: - Issue assigned to jhrozek
This part of the code has been reworked
Metadata Update from @thalman: - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.