rpms / mcstrans

Clone
Source Code
GIT

Blame SOURCES/0001-mcstrans-Fir-RESOURCE_LEAK-and-USE_AFTER_FREE-coveri.patch

c4 c5 c5-plus c6 c6-plus c7 c7-beta c8 c8-beta c8s c9 c9-beta
  1.   2ea27276dbb294fed9ad15af3889b14373dfdbfa
  2.   SOURCES
  3.   0001-mcstrans-Fir-RESOURCE_LEAK-and-USE_AFTER_FREE-coveri.patch
Blob History Raw
c01fd8 
From eeac35fa98b8b2d323741703a2e59593d1ad200a Mon Sep 17 00:00:00 2001
c01fd8 
From: Petr Lautrbach <plautrba@redhat.com>
c01fd8 
Date: Wed, 28 Nov 2018 18:28:05 +0100
c01fd8 
Subject: [PATCH] mcstrans: Fir RESOURCE_LEAK and USE_AFTER_FREE coverity scan
c01fd8 
 defects
c01fd8
c01fd8 
---
c01fd8 
 mcstrans/src/mcstrans.c  | 17 ++++++++++++++++-
c01fd8 
 mcstrans/src/mcstransd.c |  4 +++-
c01fd8 
 2 files changed, 19 insertions(+), 2 deletions(-)
c01fd8
c01fd8 
diff --git a/mcstrans/src/mcstrans.c b/mcstrans/src/mcstrans.c
c01fd8 
index 96bdbdff..29cadb78 100644
c01fd8 
--- a/mcstrans/src/mcstrans.c
c01fd8 
+++ b/mcstrans/src/mcstrans.c
c01fd8 
@@ -633,16 +633,23 @@ add_cache(domain_t *domain, char *raw, char *trans) {
c01fd8
c01fd8 
 	map->raw = strdup(raw);
c01fd8 
 	if (!map->raw) {
c01fd8 
+		free(map);
c01fd8 
 		goto err;
c01fd8 
 	}
c01fd8 
 	map->trans = strdup(trans);
c01fd8 
 	if (!map->trans) {
c01fd8 
+		free(map->raw);
c01fd8 
+		free(map);
c01fd8 
 		goto err;
c01fd8 
 	}
c01fd8
c01fd8 
 	log_debug(" add_cache (%s,%s)\n", raw, trans);
c01fd8 
-	if (add_to_hashtable(domain->raw_to_trans, map->raw, map) < 0)
c01fd8 
+	if (add_to_hashtable(domain->raw_to_trans, map->raw, map) < 0) {
c01fd8 
+		free(map->trans);
c01fd8 
+		free(map->raw);
c01fd8 
+		free(map);
c01fd8 
 		goto err;
c01fd8 
+	}
c01fd8
c01fd8 
 	if (add_to_hashtable(domain->trans_to_raw, map->trans, map) < 0)
c01fd8 
 		goto err;
c01fd8 
@@ -1519,6 +1526,7 @@ trans_context(const security_context_t incon, security_context_t *rcon) {
c01fd8 
 			trans = compute_trans_from_raw(range, domain);
c01fd8 
 			if (trans)
c01fd8 
 				if (add_cache(domain, range, trans) < 0) {
c01fd8 
+					free(trans);
c01fd8 
 					free(range);
c01fd8 
 					return -1;
c01fd8 
 				}
c01fd8 
@@ -1530,6 +1538,7 @@ trans_context(const security_context_t incon, security_context_t *rcon) {
c01fd8 
 				ltrans = compute_trans_from_raw(lrange, domain);
c01fd8 
 				if (ltrans) {
c01fd8 
 					if (add_cache(domain, lrange, ltrans) < 0) {
c01fd8 
+						free(ltrans);
c01fd8 
 						free(range);
c01fd8 
 						return -1;
c01fd8 
 					}
c01fd8 
@@ -1548,6 +1557,7 @@ trans_context(const security_context_t incon, security_context_t *rcon) {
c01fd8 
 				utrans = compute_trans_from_raw(urange, domain);
c01fd8 
 				if (utrans) {
c01fd8 
 					if (add_cache(domain, urange, utrans) < 0) {
c01fd8 
+						free(utrans);
c01fd8 
 						free(ltrans);
c01fd8 
 						free(range);
c01fd8 
 						return -1;
c01fd8 
@@ -1647,7 +1657,9 @@ untrans_context(const security_context_t incon, security_context_t *rcon) {
c01fd8 
 					canonical = compute_trans_from_raw(raw, domain);
c01fd8 
 					if (canonical && strcmp(canonical, range))
c01fd8 
 						if (add_cache(domain, raw, canonical) < 0) {
c01fd8 
+							free(canonical);
c01fd8 
 							free(range);
c01fd8 
+							free(raw);
c01fd8 
 							return -1;
c01fd8 
 						}
c01fd8 
 				}
c01fd8 
@@ -1655,6 +1667,7 @@ untrans_context(const security_context_t incon, security_context_t *rcon) {
c01fd8 
 					free(canonical);
c01fd8 
 				if (add_cache(domain, raw, range) < 0) {
c01fd8 
 					free(range);
c01fd8 
+					free(raw);
c01fd8 
 					return -1;
c01fd8 
 				}
c01fd8 
 			} else {
c01fd8 
@@ -1672,6 +1685,7 @@ untrans_context(const security_context_t incon, security_context_t *rcon) {
c01fd8 
 						canonical = compute_trans_from_raw(lraw, domain);
c01fd8 
 						if (canonical)
c01fd8 
 							if (add_cache(domain, lraw, canonical) < 0) {
c01fd8 
+								free(canonical);
c01fd8 
 								free(lraw);
c01fd8 
 								free(range);
c01fd8 
 								return -1;
c01fd8 
@@ -1703,6 +1717,7 @@ untrans_context(const security_context_t incon, security_context_t *rcon) {
c01fd8 
 						canonical = compute_trans_from_raw(uraw, domain);
c01fd8 
 						if (canonical)
c01fd8 
 							if (add_cache(domain, uraw, canonical) < 0) {
c01fd8 
+								free(canonical);
c01fd8 
 								free(uraw);
c01fd8 
 								free(lraw);
c01fd8 
 								free(range);
c01fd8 
diff --git a/mcstrans/src/mcstransd.c b/mcstrans/src/mcstransd.c
c01fd8 
index 85899493..a1ec81ac 100644
c01fd8 
--- a/mcstrans/src/mcstransd.c
c01fd8 
+++ b/mcstrans/src/mcstransd.c
c01fd8 
@@ -335,6 +335,7 @@ process_events(struct pollfd **ufds, int *nfds)
c01fd8 
 					/* Setup pollfd for deletion later. */
c01fd8 
 					(*ufds)[ii].fd = -1;
c01fd8 
 					close(connfd);
c01fd8 
+					connfd = -1;
c01fd8 
 					/* So we don't get bothered later */
c01fd8 
 					revents = revents & ~(POLLHUP);
c01fd8 
 				}
c01fd8 
@@ -348,10 +349,11 @@ process_events(struct pollfd **ufds, int *nfds)
c01fd8 
 			/* Set the pollfd up for deletion later. */
c01fd8 
 			(*ufds)[ii].fd = -1;
c01fd8 
 			close(connfd);
c01fd8 
+			connfd = -1;
c01fd8
c01fd8 
 			revents = revents & ~(POLLHUP);
c01fd8 
 		}
c01fd8 
-		if (revents) {
c01fd8 
+		if (revents && connfd != -1) {
c01fd8 
 			syslog(LOG_ERR, "Unknown/error events (%x) encountered"
c01fd8 
 					" for fd (%d)\n", revents, connfd);
c01fd8
c01fd8 
--
c01fd8 
2.21.0
c01fd8

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation