rpms / libXt

Clone
Source Code
GIT

Blame SOURCES/0007-Fix-leaks-detected-by-covscan.patch

c4 c5 c5-plus c6 c6-plus c7 c7-beta c8 c8-beta c9 c9-beta
  1.   9f799c79f929e9be489c9dae2001db2be415c703
  2.   SOURCES
  3.   0007-Fix-leaks-detected-by-covscan.patch
Blob History Raw
9f799c 
From a35bef8c333f3fcf12d66e38ad769bc5f1df16a3 Mon Sep 17 00:00:00 2001
9f799c 
From: Benjamin Tissoires <benjamin.tissoires@gmail.com>
9f799c 
Date: Thu, 11 Apr 2019 17:26:58 +0200
9f799c 
Subject: [PATCH 7/9] Fix leaks detected by covscan
9f799c
9f799c 
The following leaks are reported by covscan:
9f799c
9f799c 
Error: RESOURCE_LEAK (CWE-772):
9f799c 
libXt-20190411/src/ResConfig.c:542: alloc_arg: "_get_part" allocates memory that is stored into "part".
9f799c 
libXt-20190411/src/ResConfig.c:544: noescape: Resource "part" is not freed or pointed-to in "_match_resource_to_widget".
9f799c 
libXt-20190411/src/ResConfig.c:560: leaked_storage: Variable "part" going out of scope leaks the storage it points to.
9f799c
9f799c 
Error: RESOURCE_LEAK (CWE-772):
9f799c 
libXt-20190411/src/TMgrab.c:108: alloc_arg: "XtKeysymToKeycodeList" allocates memory that is stored into "keycodes".
9f799c 
libXt-20190411/src/TMgrab.c:115: var_assign: Assigning: "keycodeP" = "keycodes".
9f799c 
libXt-20190411/src/TMgrab.c:124: leaked_storage: Variable "keycodeP" going out of scope leaks the storage it points to.
9f799c 
libXt-20190411/src/TMgrab.c:124: leaked_storage: Variable "keycodes" going out of scope leaks the storage it points to.
9f799c
9f799c 
Error: RESOURCE_LEAK (CWE-772):
9f799c 
libXt-20190411/src/TMparse.c:1544: alloc_fn: Storage is returned from allocation function "XtMalloc".
9f799c 
libXt-20190411/src/TMparse.c:1544: var_assign: Assigning: "event" = storage returned from "XtMalloc(88U)".
9f799c 
libXt-20190411/src/TMparse.c:1549: noescape: Resource "event" is not freed or pointed-to in "ParseQuotedStringEvent".
9f799c 
libXt-20190411/src/TMparse.c:1555: leaked_storage: Variable "event" going out of scope leaks the storage it points to.
9f799c
9f799c 
Error: RESOURCE_LEAK (CWE-772):
9f799c 
libXt-20190411/src/TMparse.c:1779: alloc_fn: Storage is returned from allocation function "XtMalloc".
9f799c 
libXt-20190411/src/TMparse.c:1779: var_assign: Assigning: "action" = storage returned from "XtMalloc(32U)".
9f799c 
libXt-20190411/src/TMparse.c:1784: noescape: Resource "action" is not freed or pointed-to in "ParseAction".
9f799c 
libXt-20190411/src/TMparse.c:1785: leaked_storage: Variable "action" going out of scope leaks the storage it points to.
9f799c
9f799c 
In addition to this legitimate leaks, covscan can get confused by
9f799c 
the allocated memory in XtKeysymToKeycodeList:
9f799c
9f799c 
Error: RESOURCE_LEAK (CWE-772):
9f799c 
libXt-20190411/src/TMgrab.c:108: alloc_arg: "XtKeysymToKeycodeList" allocates memory that is stored into "keycodes".
9f799c 
libXt-20190411/src/TMgrab.c:114: leaked_storage: Variable "keycodes" going out of scope leaks the storage it points to.
9f799c
9f799c 
Signed-off-by: Benjamin Tissoires <benjamin.tissoires@gmail.com>
9f799c 
---
9f799c 
 src/ResConfig.c |  1 +
9f799c 
 src/TMgrab.c    | 10 ++++++++--
9f799c 
 src/TMparse.c   |  6 +++++-
9f799c 
 3 files changed, 14 insertions(+), 3 deletions(-)
9f799c
9f799c 
diff --git a/src/ResConfig.c b/src/ResConfig.c
9f799c 
index 5a7f6d2..bd6792c 100644
9f799c 
--- a/src/ResConfig.c
9f799c 
+++ b/src/ResConfig.c
9f799c 
@@ -557,6 +557,7 @@ _set_and_search (
9f799c 
 			} else
9f799c 
 				_search_child (w, local_index, remainder,
9f799c 
 					resource, value, last_token, last_part);
9f799c 
+			XtFree (part);
9f799c 
 			return;
9f799c 
 		}
9f799c 
 		if (token == '*') {
9f799c 
diff --git a/src/TMgrab.c b/src/TMgrab.c
9f799c 
index 08cb486..4e7d20d 100644
9f799c 
--- a/src/TMgrab.c
9f799c 
+++ b/src/TMgrab.c
9f799c 
@@ -105,13 +105,17 @@ static void GrabAllCorrectKeys(
9f799c 
     careOn |= modMatch->modifiers;
9f799c 
     careMask |= modMatch->modifierMask;
9f799c
9f799c 
+    keycodes = NULL;
9f799c 
     XtKeysymToKeycodeList(
9f799c 
 	    dpy,
9f799c 
 	    (KeySym)typeMatch->eventCode,
9f799c 
 	    &keycodes,
9f799c 
 	    &keycount
9f799c 
 			 );
9f799c 
-    if (keycount == 0) return;
9f799c 
+    if (keycount == 0) {
9f799c 
+	XtFree((char *)keycodes);
9f799c 
+	return;
9f799c 
+    }
9f799c 
     for (keycodeP = keycodes; keycount--; keycodeP++) {
9f799c 
 	if (modMatch->standard) {
9f799c 
 	    /* find standard modifiers that produce this keysym */
9f799c 
@@ -120,8 +124,10 @@ static void GrabAllCorrectKeys(
9f799c 
 	    Modifiers modifiers_return;
9f799c 
 	    XtTranslateKeycode( dpy, *keycodeP, (Modifiers)0,
9f799c 
 			        &modifiers_return, &keysym );
9f799c 
-	    if (careOn & modifiers_return)
9f799c 
+	    if (careOn & modifiers_return) {
9f799c 
+		XtFree((char *)keycodes);
9f799c 
 		return;
9f799c 
+	    }
9f799c 
 	    if (keysym == typeMatch->eventCode) {
9f799c 
 		XtGrabKey(widget, *keycodeP, careOn,
9f799c 
 			  grabP->owner_events,
9f799c 
diff --git a/src/TMparse.c b/src/TMparse.c
9f799c 
index df94181..086f53d 100644
9f799c 
--- a/src/TMparse.c
9f799c 
+++ b/src/TMparse.c
9f799c 
@@ -1551,6 +1551,7 @@ static String ParseEventSeq(
9f799c 
 			XtCXtToolkitError,
9f799c 
 			"... probably due to non-Latin1 character in quoted string",
9f799c 
 			(String*)NULL, (Cardinal*)NULL);
9f799c 
+		    XtFree((char *)event);
9f799c 
 		    return PanicModeRecovery(str);
9f799c 
 		}
9f799c 
 		*nextEvent = event;
9f799c 
@@ -1781,7 +1782,10 @@ static String ParseActionSeq(
9f799c 
         action->next = NULL;
9f799c
9f799c 
 	str = ParseAction(str, action, &quark, error);
9f799c 
-	if (*error) return PanicModeRecovery(str);
9f799c 
+	if (*error) {
9f799c 
+	    XtFree((char *)action);
9f799c 
+	    return PanicModeRecovery(str);
9f799c 
+	}
9f799c
9f799c 
 	action->idx = _XtGetQuarkIndex(parseTree, quark);
9f799c 
 	ScanWhitespace(str);
9f799c 
--
9f799c 
2.19.2
9f799c

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation