rpms / ima-evm-utils

Clone
Source Code
GIT

Blame SOURCES/0001-evmctl-fix-memory-leak-in-get_password.patch

c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   c395a8d9635107302d4e5711704e0caaf8942391
  2.   SOURCES
  3.   0001-evmctl-fix-memory-leak-in-get_password.patch
Blob History Raw
c395a8 
From 2f1740eab432abc8e85172531d97eba33342474c Mon Sep 17 00:00:00 2001
c395a8 
From: Bruno Meneguele <bmeneg@redhat.com>
c395a8 
Date: Mon, 16 Aug 2021 12:11:15 -0300
c395a8 
Subject: [PATCH] evmctl: fix memory leak in get_password
c395a8
c395a8 
The variable "password" is not freed nor returned in case get_password()
c395a8 
succeeds. Return it instead of the intermediary variable "pwd". Issue found
c395a8 
by Coverity scan tool.
c395a8
c395a8 
src/evmctl.c:2565: leaked_storage: Variable "password" going out of scope
c395a8 
    leaks the storage it points to.
c395a8
c395a8 
Signed-off-by: Bruno Meneguele <bmeneg@redhat.com>
c395a8 
---
c395a8 
 src/evmctl.c | 7 ++++++-
c395a8 
 1 file changed, 6 insertions(+), 1 deletion(-)
c395a8
c395a8 
diff --git a/src/evmctl.c b/src/evmctl.c
c395a8 
index a8065bbe124a..ab7173723095 100644
c395a8 
--- a/src/evmctl.c
c395a8 
+++ b/src/evmctl.c
c395a8 
@@ -2625,7 +2625,12 @@ static char *get_password(void)
c395a8 
 		return NULL;
c395a8 
 	}
c395a8
c395a8 
-	return pwd;
c395a8 
+	if (pwd == NULL) {
c395a8 
+		free(password);
c395a8 
+		return NULL;
c395a8 
+	}
c395a8 
+
c395a8 
+	return password;
c395a8 
 }
c395a8
c395a8 
 int main(int argc, char *argv[])
c395a8 
--
c395a8 
2.31.1
c395a8

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation