From 3310a25181e94f5e05e671acc12d008cbac339ab Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Thu, 13 Sep 2018 15:50:53 -0400 Subject: [PATCH 12/17] clang: Memory leak --- src/certmaster.c | 3 +++ src/certsave-o.c | 1 + src/dogtag.c | 3 +++ src/ipa.c | 9 ++++++++- src/local.c | 5 +++++ src/scep.c | 5 +++++ src/srvloc.c | 1 + src/store-files.c | 2 +- src/submit-x.c | 22 ++++++++++++++++++++++ src/util.c | 8 +++++++- tests/tools/addcinfo.c | 3 +++ tests/tools/base2pem.c | 1 + tests/tools/pem2base.c | 1 + 13 files changed, 61 insertions(+), 3 deletions(-) diff --git a/src/certmaster.c b/src/certmaster.c index 7e0bed90..4a5cf6af 100644 --- a/src/certmaster.c +++ b/src/certmaster.c @@ -160,6 +160,7 @@ main(int argc, const char **argv) CM_SUBMIT_CSR_ENV); } poptPrintUsage(pctx, stdout, 0); + free(csr); return CM_SUBMIT_STATUS_UNCONFIGURED; } @@ -185,11 +186,13 @@ main(int argc, const char **argv) if (ctx == NULL) { fprintf(stderr, "Error setting up for XMLRPC.\n"); printf(_("Error setting up for XMLRPC.\n")); + free(csr); return CM_SUBMIT_STATUS_UNCONFIGURED; } /* Add the CSR as the sole argument. */ cm_submit_x_add_arg_s(ctx, csr); + free(csr); /* Submit the request. */ fprintf(stderr, "Submitting request to \"%s\".\n", uri); diff --git a/src/certsave-o.c b/src/certsave-o.c index 77f54d7e..3d4018d8 100644 --- a/src/certsave-o.c +++ b/src/certsave-o.c @@ -258,6 +258,7 @@ cm_certsave_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry, if (bin != NULL) { BN_bn2bin(bn, bin); serial = cm_store_hex_from_bin(NULL, bin, BN_num_bytes(bn)); + free(bin); } } if (serial != NULL) { diff --git a/src/dogtag.c b/src/dogtag.c index cd0b38b7..55607f3d 100644 --- a/src/dogtag.c +++ b/src/dogtag.c @@ -536,6 +536,7 @@ main(int argc, const char **argv) CM_SUBMIT_CSR_ENV); } poptPrintUsage(pctx, stdout, 0); + free(csr); return CM_SUBMIT_STATUS_UNCONFIGURED; } csr = cm_submit_u_url_encode(csr); @@ -588,6 +589,8 @@ main(int argc, const char **argv) params = talloc_asprintf(ctx, "%s&%s=%s", params, p, q); + free(p); + free(q); } use_agent_approval = FALSE; break; diff --git a/src/ipa.c b/src/ipa.c index 67a0c651..acd1a4e2 100644 --- a/src/ipa.c +++ b/src/ipa.c @@ -226,6 +226,7 @@ cm_locate_xmlrpc_service(const char *server, if (basedn == NULL) { i = cm_find_default_naming_context(ld, &basedn); if (i != 0) { + free(basedn); return i; } } @@ -526,6 +527,7 @@ fetch_roots(const char *server, int ldap_uri_cmd, const char *ldap_uri, if (basedn == NULL) { i = cm_find_default_naming_context(ld, &basedn); if (i != 0) { + free(basedn); return i; } } @@ -802,6 +804,7 @@ main(int argc, const char **argv) printf(_("Unable to read signing request from environment variable \"%s\".\n"), CM_SUBMIT_CSR_ENV); } + free(csr); poptPrintUsage(pctx, stdout, 0); return CM_SUBMIT_STATUS_UNCONFIGURED; } @@ -903,12 +906,16 @@ main(int argc, const char **argv) if ((strcasecmp(mode, CM_OP_SUBMIT) == 0) || (strcasecmp(mode, CM_OP_POLL) == 0)) { - return submit_or_poll(uri, cainfo, capath, server, + int ret; + ret = submit_or_poll(uri, cainfo, capath, server, ldap_uri_cmd, ldap_uri, host, domain, basedn, uid, pwd, csr, reqprinc, profile, issuer); + free(csr); + return ret; } else if (strcasecmp(mode, CM_OP_FETCH_ROOTS) == 0) { + free(csr); return fetch_roots(server, ldap_uri_cmd, ldap_uri, host, uid, pwd, domain, basedn); } diff --git a/src/local.c b/src/local.c index f437d62e..92bea144 100644 --- a/src/local.c +++ b/src/local.c @@ -559,6 +559,7 @@ main(int argc, const char **argv) printf(_("Unable to read signing request.\n")); cm_log(1, "Unable to read signing request.\n"); poptPrintUsage(pctx, stdout, 0); + free(csr); return CM_SUBMIT_STATUS_UNCONFIGURED; } /* Take the lock. */ @@ -568,6 +569,7 @@ main(int argc, const char **argv) &signer, &key); if ((i != 0) || (signer == NULL)) { cm_log(1, "Error reading signer info.\n"); + free(csr); /* Try again sometime later. */ return CM_SUBMIT_STATUS_UNREACHABLE; } @@ -577,11 +579,13 @@ main(int argc, const char **argv) if ((fp == NULL) && (errno != ENOENT)) { cm_log(1, "Error reading '%s': %s.\n", serial, strerror(errno)); + free(csr); return CM_SUBMIT_STATUS_UNREACHABLE; } if (fp != NULL) { if (fgets(buf, sizeof(buf), fp) == NULL) { fclose(fp); + free(csr); return CM_SUBMIT_STATUS_UNREACHABLE; } buf[strcspn(buf, "\r\n")] = '\0'; @@ -601,6 +605,7 @@ main(int argc, const char **argv) /* Actually sign the request. */ i = cm_submit_o_sign(parent, csr, signer, key, hexserial, now, 0, &cert); + free(csr); if ((i == 0) && (cert != NULL)) { /* Roll the serial number up. */ hexserial = cm_store_increment_serial(parent, diff --git a/src/scep.c b/src/scep.c index 72dff3d5..68eae788 100644 --- a/src/scep.c +++ b/src/scep.c @@ -338,6 +338,7 @@ main(int argc, const char **argv) } if (c != -1) { poptPrintUsage(pctx, stdout, 0); + free(cainfo); return CM_SUBMIT_STATUS_UNCONFIGURED; } @@ -386,6 +387,7 @@ main(int argc, const char **argv) } if ((message == NULL) || (strlen(message) == 0)) { printf(_("Error reading request. Expected PKCS7 data containing a GetInitialCert pkiMessage, got nothing.\n")); + free(cainfo); return CM_SUBMIT_STATUS_NEED_SCEP_MESSAGES; } /* First step: read capabilities for our use. */ @@ -405,6 +407,7 @@ main(int argc, const char **argv) } if ((message == NULL) || (strlen(message) == 0)) { printf(_("Error reading request. Expected PKCS7 data containing a PKCSReq pkiMessage, got nothing.\n")); + free(cainfo); return CM_SUBMIT_STATUS_NEED_SCEP_MESSAGES; } /* First step: read capabilities for our use. */ @@ -416,6 +419,7 @@ main(int argc, const char **argv) /* Supply help output, if it's needed. */ if (missing_args) { poptPrintUsage(pctx, stdout, 0); + free(cainfo); return CM_SUBMIT_STATUS_UNCONFIGURED; } @@ -492,6 +496,7 @@ main(int argc, const char **argv) verbose > 1 ? cm_submit_h_curl_verbose_on : cm_submit_h_curl_verbose_off); + free(cainfo); cm_submit_h_run(hctx); content_type = cm_submit_h_result_type(hctx); if (content_type == NULL) { diff --git a/src/srvloc.c b/src/srvloc.c index acab55bf..e8f3f5a5 100644 --- a/src/srvloc.c +++ b/src/srvloc.c @@ -189,6 +189,7 @@ cm_srvloc_resolve(void *parent, const char *name, const char *udomain, domain = strdup(udomain); #endif i = res_querydomain(name, domain, C_IN, T_SRV, answer, answer_len); + free(domain); if (i == -1) { return -1; } diff --git a/src/store-files.c b/src/store-files.c index df1fa336..b97ba5ff 100644 --- a/src/store-files.c +++ b/src/store-files.c @@ -558,8 +558,8 @@ cm_store_file_read_lines(void *parent, FILE *fp) case ';': break; } + free(buf); } - free(buf); /* If we were reading a line, append it to the list. */ if (s != NULL) { tlines = talloc_realloc(parent, lines, char *, n_lines + 2); diff --git a/src/submit-x.c b/src/submit-x.c index 60bcf78a..fa81e9aa 100644 --- a/src/submit-x.c +++ b/src/submit-x.c @@ -75,6 +75,8 @@ cm_submit_x_ccache_realm(char **msg) ret = get_error_message(ctx, kret)); if (msg != NULL) { *msg = ret; + } else { + free(ret); } return NULL; } @@ -84,6 +86,8 @@ cm_submit_x_ccache_realm(char **msg) ret = get_error_message(ctx, kret)); if (msg != NULL) { *msg = ret; + } else { + free(ret); } return NULL; } @@ -93,6 +97,8 @@ cm_submit_x_ccache_realm(char **msg) ret = get_error_message(ctx, kret)); if (msg != NULL) { *msg = ret; + } else { + free(ret); } return NULL; } @@ -139,6 +145,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg) fprintf(stderr, "Error initializing Kerberos: %s.\n", ret); if (msg != NULL) { *msg = ret; + } else { + free(ret); } return kret; } @@ -152,6 +160,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg) ret = get_error_message(ctx, kret)); if (msg != NULL) { *msg = ret; + } else { + free(ret); } return kret; } @@ -163,6 +173,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg) principal, ret = get_error_message(ctx, kret)); if (msg != NULL) { *msg = ret; + } else { + free(ret); } return kret; } @@ -174,6 +186,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg) ret = get_error_message(ctx, kret)); if (msg != NULL) { *msg = ret; + } else { + free(ret); } return kret; } @@ -195,6 +209,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg) ret = get_error_message(ctx, kret)); if (msg != NULL) { *msg = ret; + } else { + free(ret); } return kret; } @@ -213,6 +229,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg) ret = get_error_message(ctx, kret)); if (msg != NULL) { *msg = ret; + } else { + free(ret); } return kret; } @@ -227,6 +245,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg) ret = get_error_message(ctx, kret)); if (msg != NULL) { *msg = ret; + } else { + free(ret); } return kret; } @@ -237,6 +257,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg) ret = get_error_message(ctx, kret)); if (msg != NULL) { *msg = ret; + } else { + free(ret); } return kret; } diff --git a/src/util.c b/src/util.c index 67143d52..373bb533 100644 --- a/src/util.c +++ b/src/util.c @@ -98,7 +98,7 @@ read_config_file(const char *filename) char * get_config_entry(char * in_data, const char *section, const char *key) { - char *ptr = NULL, *p, *tmp; + char *ptr = NULL, *p, *tmp = NULL; char *line; int in_section = 0; char * data = strdup(in_data); @@ -129,9 +129,12 @@ get_config_entry(char * in_data, const char *section, const char *key) } if (strcmp(section, tmp) == 0) { free(tmp); + tmp = NULL; in_section = 1; continue; } + free(tmp); + tmp = NULL; } } /* [ */ @@ -145,8 +148,10 @@ get_config_entry(char * in_data, const char *section, const char *key) tmp = strndup(line, p - line); if (strcmp(key, tmp) != 0) { free(tmp); + tmp = NULL; } else { free(tmp); + tmp = NULL; /* Skip over any whitespace after the equal sign. */ line = strchr(line, '='); @@ -168,5 +173,6 @@ get_config_entry(char * in_data, const char *section, const char *key) } } free(data); + free(tmp); return NULL; } diff --git a/tests/tools/addcinfo.c b/tests/tools/addcinfo.c index f016acb4..939005c2 100644 --- a/tests/tools/addcinfo.c +++ b/tests/tools/addcinfo.c @@ -86,6 +86,7 @@ main(int argc, char **argv) if (enveloped == NULL) { cm_log(0, "Internal error: %s.\n", PR_ErrorToName(PORT_GetError())); + free(buffer); return 1; } ci.content_type = enveloped->oid; @@ -96,6 +97,7 @@ main(int argc, char **argv) content_info_template) != &encoded) { cm_log(0, "Encoding error: %s.\n", PR_ErrorToName(PORT_GetError())); + free(buffer); return 1; } j = 0; @@ -105,5 +107,6 @@ main(int argc, char **argv) break; } } + free(buffer); return 0; } diff --git a/tests/tools/base2pem.c b/tests/tools/base2pem.c index 40e74201..31359684 100644 --- a/tests/tools/base2pem.c +++ b/tests/tools/base2pem.c @@ -76,5 +76,6 @@ main(int argc, const char **argv) } } printf("%s", cm_submit_u_pem_from_base64(type, dos, p)); + free(p); return 0; } diff --git a/tests/tools/pem2base.c b/tests/tools/pem2base.c index 0607c162..bb686c0e 100644 --- a/tests/tools/pem2base.c +++ b/tests/tools/pem2base.c @@ -46,5 +46,6 @@ main(int argc, char **argv) } } printf("%s\n", cm_submit_u_base64_from_text(p)); + free(p); return 0; } -- 2.14.4