2d9e802 pam_console: fix covscan issues

Authored and Committed by ipedrosa 2 years ago
    pam_console: fix covscan issues
    
    Error: RESOURCE_LEAK (CWE-772): [#def14]
    Linux-PAM-1.5.1/modules/pam_console/chmod.c:210: alloc_fn: Storage is returned from allocation function "mode_compile".
    Linux-PAM-1.5.1/modules/pam_console/chmod.c:210: var_assign: Assigning: "changes" = storage returned from "mode_compile(mode, 7U)".
    Linux-PAM-1.5.1/modules/pam_console/chmod.c:239: leaked_storage: Variable "changes" going out of scope leaks the storage it points to.
      237|     globfree(&result);
      238|
      239|->   return (errors);
      240|   }
    
    Error: RESOURCE_LEAK (CWE-772): [#def17]
    Linux-PAM-1.5.1/modules/pam_console/handlers.c:66: alloc_fn: Storage is returned from allocation function "fopen".
    Linux-PAM-1.5.1/modules/pam_console/handlers.c:66: var_assign: Assigning: "fh" = storage returned from "fopen(handlers_name, "r")".
    Linux-PAM-1.5.1/modules/pam_console/handlers.c:74: noescape: Resource "fh" is not freed or pointed-to in "fgets". [Note: The source code implementation of the function has been overridden by a builtin model.]
    Linux-PAM-1.5.1/modules/pam_console/handlers.c:74: noescape: Resource "fh" is not freed or pointed-to in "fgets". [Note: The source code implementation of the function has been overridden by a builtin model.]
    Linux-PAM-1.5.1/modules/pam_console/handlers.c:74: noescape: Resource "fh" is not freed or pointed-to in "fgets". [Note: The source code implementation of the function has been overridden by a builtin model.]
    Linux-PAM-1.5.1/modules/pam_console/handlers.c:148: leaked_storage: Variable "fh" going out of scope leaks the storage it points to.
      146|   fail_exit:
      147|           console_free_handlers(first_handler);
      148|->         return rv;
      149|   }
      150|
    
    Error: COMPILER_WARNING (CWE-686): [#def19]
    Linux-PAM-1.5.1/modules/pam_console/handlers.c: scope_hint: In function 'execute_handler'
    Linux-PAM-1.5.1/modules/pam_console/handlers.c:265:29: warning[-Wimplicit-function-declaration]: implicit declaration of function 'setgroups'; did you mean 'getgroups'?
      263|                                   _exit(255);
      264|                           if (setgid(pw->pw_gid) == -1 ||
      265|->                             setgroups(0, NULL) == -1 ||
      266|                               setuid(pw->pw_uid) == -1)
      267|                                   _exit(255);
    
    Error: VARARGS (CWE-237): [#def20]
    Linux-PAM-1.5.1/modules/pam_console/pam_console.c:73: va_init: Initializing va_list "args".
    Linux-PAM-1.5.1/modules/pam_console/pam_console.c:76: missing_va_end: "va_end" was not called for "args".
       74|       pam_vsyslog(pamh, err, format, args);
       75|       closelog();
       76|-> }
       77|
       78|   static void *
    
    Error: RESOURCE_LEAK (CWE-772): [#def22]
    Linux-PAM-1.5.1/modules/pam_console/pam_console.c:148: open_fn: Returning handle opened by "socket".
    Linux-PAM-1.5.1/modules/pam_console/pam_console.c:148: var_assign: Assigning: "fd" = handle returned from "socket(1, SOCK_STREAM, 0)".
    Linux-PAM-1.5.1/modules/pam_console/pam_console.c:156: leaked_handle: Handle variable "fd" going out of scope leaks the handle.
      154|
      155|       if (len > sizeof(addr.su.sun_path))
      156|->         return 0;
      157|       memcpy(addr.su.sun_path, path, len);
      158|       if (connect(fd, &addr.sa, sizeof(addr.su) - (sizeof(addr.su.sun_path) - len)) == 0) {
    
    Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
    
        
file modified
+1 -0
file modified
+2 -0
file modified
+4 -1