|
 |
0503a1 |
From 95800c144d2ab2af95cdc8f08df0518c496a579a Mon Sep 17 00:00:00 2001
|
|
|
0503a1 |
From: Cathy Avery <cavery@redhat.com>
|
|
|
0503a1 |
Date: Thu, 12 Nov 2020 09:01:08 -0500
|
|
|
0503a1 |
Subject: [PATCH] Fix memory leaks.
|
|
|
0503a1 |
|
|
|
0503a1 |
RH-Author: Cathy Avery (cavery)
|
|
|
0503a1 |
RH-MergeRequest: 2: Fix memory leaks.
|
|
|
0503a1 |
RH-Commit: [1/1] 79ac85f5e8c31cc48b7b0834682c6320afcc2288 (cavery/open-vm-tools)
|
|
|
0503a1 |
RH-Bugzilla: 1896804
|
|
|
0503a1 |
|
|
|
0503a1 |
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1896804
|
|
|
0503a1 |
Brew: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=33050983
|
|
|
0503a1 |
Tested: By QE
|
|
|
0503a1 |
Upstream Status: devel branch
|
|
|
0503a1 |
|
|
|
0503a1 |
A Coverity scan of open-vm-tools reported a number of memory leaks
|
|
|
0503a1 |
on error code paths. Fix seven reported leaks, and modify code
|
|
|
0503a1 |
to address two false positives in order to make the code clearer
|
|
|
0503a1 |
and/or keep Coverity from reporting the issues. Also fix additional
|
|
|
0503a1 |
leaks found in the routine Proto_TextContents during code review.
|
|
|
0503a1 |
|
|
|
0503a1 |
(cherry picked from commit e18e67f727d0354b08a55b685178fd05f542c6da)
|
|
|
0503a1 |
Signed-off-by: Cathy Avery <cavery@redhat.com>
|
|
|
0503a1 |
---
|
|
|
0503a1 |
open-vm-tools/libvmtools/vmtoolsLog.c | 6 ++---
|
|
|
0503a1 |
.../plugins/guestInfo/guestInfoServer.c | 2 +-
|
|
|
0503a1 |
open-vm-tools/services/vmtoolsd/pluginMgr.c | 1 +
|
|
|
0503a1 |
open-vm-tools/vgauth/lib/proto.c | 23 +++++++++++++++----
|
|
|
0503a1 |
open-vm-tools/vgauth/serviceImpl/alias.c | 4 ++++
|
|
|
0503a1 |
5 files changed, 28 insertions(+), 8 deletions(-)
|
|
|
0503a1 |
|
|
|
0503a1 |
diff --git a/open-vm-tools/libvmtools/vmtoolsLog.c b/open-vm-tools/libvmtools/vmtoolsLog.c
|
|
|
0503a1 |
index a991b49f..bea5abd4 100644
|
|
|
0503a1 |
--- a/open-vm-tools/libvmtools/vmtoolsLog.c
|
|
|
0503a1 |
+++ b/open-vm-tools/libvmtools/vmtoolsLog.c
|
|
|
0503a1 |
@@ -2395,7 +2395,6 @@ VMTools_ChangeLogFilePath(const gchar *delimiter, // IN
|
|
|
0503a1 |
{
|
|
|
0503a1 |
gchar key[128];
|
|
|
0503a1 |
gchar *path = NULL;
|
|
|
0503a1 |
- gchar *userLogTemp = NULL;
|
|
|
0503a1 |
gchar **tokens;
|
|
|
0503a1 |
gboolean retVal = FALSE;
|
|
|
0503a1 |
|
|
|
0503a1 |
@@ -2412,8 +2411,9 @@ VMTools_ChangeLogFilePath(const gchar *delimiter, // IN
|
|
|
0503a1 |
|
|
|
0503a1 |
tokens = g_strsplit(path, delimiter, 2);
|
|
|
0503a1 |
if (tokens != NULL && *tokens != NULL){
|
|
|
0503a1 |
- userLogTemp = g_strjoin(appendString, *tokens, " ", NULL);
|
|
|
0503a1 |
- userLogTemp = g_strchomp (userLogTemp);
|
|
|
0503a1 |
+ char *userLogTemp = g_strjoin(appendString, *tokens, " ", NULL);
|
|
|
0503a1 |
+
|
|
|
0503a1 |
+ g_strchomp(userLogTemp);
|
|
|
0503a1 |
if (*(tokens+1) != NULL){
|
|
|
0503a1 |
gchar *userLog;
|
|
|
0503a1 |
userLog = g_strjoin(delimiter, userLogTemp, *(tokens+1), NULL);
|
|
|
0503a1 |
diff --git a/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c b/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c
|
|
|
0503a1 |
index c1ab6962..ab6725fe 100644
|
|
|
0503a1 |
--- a/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c
|
|
|
0503a1 |
+++ b/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c
|
|
|
0503a1 |
@@ -1298,12 +1298,12 @@ GuestInfoSendDiskInfoV1(ToolsAppCtx *ctx, // IN
|
|
|
0503a1 |
b64name,
|
|
|
0503a1 |
pdi->partitionList[i].freeBytes,
|
|
|
0503a1 |
pdi->partitionList[i].totalBytes);
|
|
|
0503a1 |
+ g_free(b64name);
|
|
|
0503a1 |
if (len <= 0) {
|
|
|
0503a1 |
goto exit;
|
|
|
0503a1 |
}
|
|
|
0503a1 |
|
|
|
0503a1 |
DynBuf_Append(&dynBuffer, tmpBuf, len);
|
|
|
0503a1 |
- g_free(b64name);
|
|
|
0503a1 |
|
|
|
0503a1 |
if (pdi->partitionList[i].fsType[0] != '\0') {
|
|
|
0503a1 |
len = Str_Snprintf(tmpBuf, sizeof tmpBuf, jsonPerDiskFsTypeFmt,
|
|
|
0503a1 |
diff --git a/open-vm-tools/services/vmtoolsd/pluginMgr.c b/open-vm-tools/services/vmtoolsd/pluginMgr.c
|
|
|
0503a1 |
index 53b91f7a..d5f2c0ef 100644
|
|
|
0503a1 |
--- a/open-vm-tools/services/vmtoolsd/pluginMgr.c
|
|
|
0503a1 |
+++ b/open-vm-tools/services/vmtoolsd/pluginMgr.c
|
|
|
0503a1 |
@@ -512,6 +512,7 @@ ToolsCoreLoadDirectory(ToolsAppCtx *ctx,
|
|
|
0503a1 |
dir = g_dir_open(pluginPath, 0, &err;;
|
|
|
0503a1 |
if (dir == NULL) {
|
|
|
0503a1 |
g_warning("Error opening dir: %s\n", err->message);
|
|
|
0503a1 |
+ g_clear_error(&err;;
|
|
|
0503a1 |
goto exit;
|
|
|
0503a1 |
}
|
|
|
0503a1 |
|
|
|
0503a1 |
diff --git a/open-vm-tools/vgauth/lib/proto.c b/open-vm-tools/vgauth/lib/proto.c
|
|
|
0503a1 |
index 12386918..01df9df7 100644
|
|
|
0503a1 |
--- a/open-vm-tools/vgauth/lib/proto.c
|
|
|
0503a1 |
+++ b/open-vm-tools/vgauth/lib/proto.c
|
|
|
0503a1 |
@@ -830,8 +830,10 @@ Proto_TextContents(GMarkupParseContext *parseContext,
|
|
|
0503a1 |
g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT,
|
|
|
0503a1 |
"Found pipeName in reply type %d",
|
|
|
0503a1 |
reply->expectedReplyType);
|
|
|
0503a1 |
+ g_free(val);
|
|
|
0503a1 |
+ } else {
|
|
|
0503a1 |
+ reply->replyData.sessionReq.pipeName = val;
|
|
|
0503a1 |
}
|
|
|
0503a1 |
- reply->replyData.sessionReq.pipeName = val;
|
|
|
0503a1 |
break;
|
|
|
0503a1 |
|
|
|
0503a1 |
case PARSE_STATE_TICKET:
|
|
|
0503a1 |
@@ -839,8 +841,10 @@ Proto_TextContents(GMarkupParseContext *parseContext,
|
|
|
0503a1 |
g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT,
|
|
|
0503a1 |
"Found ticket in reply type %d",
|
|
|
0503a1 |
reply->expectedReplyType);
|
|
|
0503a1 |
+ g_free(val);
|
|
|
0503a1 |
+ } else {
|
|
|
0503a1 |
+ reply->replyData.createTicket.ticket = val;
|
|
|
0503a1 |
}
|
|
|
0503a1 |
- reply->replyData.createTicket.ticket = val;
|
|
|
0503a1 |
break;
|
|
|
0503a1 |
|
|
|
0503a1 |
case PARSE_STATE_TOKEN:
|
|
|
0503a1 |
@@ -853,6 +857,7 @@ Proto_TextContents(GMarkupParseContext *parseContext,
|
|
|
0503a1 |
g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT,
|
|
|
0503a1 |
"Found token in reply type %d",
|
|
|
0503a1 |
reply->expectedReplyType);
|
|
|
0503a1 |
+ g_free(val);
|
|
|
0503a1 |
}
|
|
|
0503a1 |
break;
|
|
|
0503a1 |
|
|
|
0503a1 |
@@ -863,6 +868,7 @@ Proto_TextContents(GMarkupParseContext *parseContext,
|
|
|
0503a1 |
g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT,
|
|
|
0503a1 |
"Found token in reply type %d",
|
|
|
0503a1 |
reply->expectedReplyType);
|
|
|
0503a1 |
+ g_free(val);
|
|
|
0503a1 |
}
|
|
|
0503a1 |
break;
|
|
|
0503a1 |
|
|
|
0503a1 |
@@ -878,6 +884,7 @@ Proto_TextContents(GMarkupParseContext *parseContext,
|
|
|
0503a1 |
g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT,
|
|
|
0503a1 |
"Found username in reply type %d",
|
|
|
0503a1 |
reply->expectedReplyType);
|
|
|
0503a1 |
+ g_free(val);
|
|
|
0503a1 |
}
|
|
|
0503a1 |
break;
|
|
|
0503a1 |
|
|
|
0503a1 |
@@ -890,6 +897,7 @@ Proto_TextContents(GMarkupParseContext *parseContext,
|
|
|
0503a1 |
g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT,
|
|
|
0503a1 |
"Found pemCert in reply type %d",
|
|
|
0503a1 |
reply->expectedReplyType);
|
|
|
0503a1 |
+ g_free(val);
|
|
|
0503a1 |
}
|
|
|
0503a1 |
break;
|
|
|
0503a1 |
case PARSE_STATE_CERTCOMMENT:
|
|
|
0503a1 |
@@ -899,6 +907,7 @@ Proto_TextContents(GMarkupParseContext *parseContext,
|
|
|
0503a1 |
g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT,
|
|
|
0503a1 |
"Found cert comment in reply type %d",
|
|
|
0503a1 |
reply->expectedReplyType);
|
|
|
0503a1 |
+ g_free(val);
|
|
|
0503a1 |
}
|
|
|
0503a1 |
break;
|
|
|
0503a1 |
|
|
|
0503a1 |
@@ -923,6 +932,7 @@ Proto_TextContents(GMarkupParseContext *parseContext,
|
|
|
0503a1 |
g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT,
|
|
|
0503a1 |
"Found SAMLSubject in reply type %d",
|
|
|
0503a1 |
reply->expectedReplyType);
|
|
|
0503a1 |
+ g_free(val);
|
|
|
0503a1 |
}
|
|
|
0503a1 |
break;
|
|
|
0503a1 |
case PARSE_STATE_USERHANDLETYPE:
|
|
|
0503a1 |
@@ -968,6 +978,7 @@ Proto_TextContents(GMarkupParseContext *parseContext,
|
|
|
0503a1 |
g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT,
|
|
|
0503a1 |
"Found NamedSubject in reply type %d",
|
|
|
0503a1 |
reply->expectedReplyType);
|
|
|
0503a1 |
+ g_free(val);
|
|
|
0503a1 |
}
|
|
|
0503a1 |
break;
|
|
|
0503a1 |
case PARSE_STATE_ANYSUBJECT:
|
|
|
0503a1 |
@@ -990,6 +1001,7 @@ Proto_TextContents(GMarkupParseContext *parseContext,
|
|
|
0503a1 |
"Found AnySubject in reply type %d",
|
|
|
0503a1 |
reply->expectedReplyType);
|
|
|
0503a1 |
}
|
|
|
0503a1 |
+ g_free(val);
|
|
|
0503a1 |
break;
|
|
|
0503a1 |
case PARSE_STATE_COMMENT:
|
|
|
0503a1 |
if (PROTO_REPLY_QUERYALIASES == reply->expectedReplyType) {
|
|
|
0503a1 |
@@ -1005,11 +1017,13 @@ Proto_TextContents(GMarkupParseContext *parseContext,
|
|
|
0503a1 |
g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT,
|
|
|
0503a1 |
"Found comment in reply type %d",
|
|
|
0503a1 |
reply->expectedReplyType);
|
|
|
0503a1 |
+ g_free(val);
|
|
|
0503a1 |
}
|
|
|
0503a1 |
break;
|
|
|
0503a1 |
default:
|
|
|
0503a1 |
g_warning("Unexpected value '%s' in unhandled parseState %d in %s\n",
|
|
|
0503a1 |
val, reply->parseState, __FUNCTION__);
|
|
|
0503a1 |
+ g_free(val);
|
|
|
0503a1 |
ASSERT(0);
|
|
|
0503a1 |
}
|
|
|
0503a1 |
}
|
|
|
0503a1 |
@@ -1200,7 +1214,6 @@ VGAuth_ReadAndParseResponse(VGAuthContext *ctx,
|
|
|
0503a1 |
VGAuthError err = VGAUTH_E_OK;
|
|
|
0503a1 |
GMarkupParseContext *parseContext;
|
|
|
0503a1 |
gsize len;
|
|
|
0503a1 |
- gchar *rawReply = NULL;
|
|
|
0503a1 |
ProtoReply *reply;
|
|
|
0503a1 |
gboolean bRet;
|
|
|
0503a1 |
GError *gErr = NULL;
|
|
|
0503a1 |
@@ -1217,6 +1230,8 @@ VGAuth_ReadAndParseResponse(VGAuthContext *ctx,
|
|
|
0503a1 |
* transport.
|
|
|
0503a1 |
*/
|
|
|
0503a1 |
while (!reply->complete) {
|
|
|
0503a1 |
+ gchar *rawReply = NULL;
|
|
|
0503a1 |
+
|
|
|
0503a1 |
err = VGAuth_CommReadData(ctx, &len, &rawReply);
|
|
|
0503a1 |
if (0 == len) { // EOF -- not expected
|
|
|
0503a1 |
err = VGAUTH_E_COMM;
|
|
|
0503a1 |
@@ -1237,6 +1252,7 @@ VGAuth_ReadAndParseResponse(VGAuthContext *ctx,
|
|
|
0503a1 |
rawReply,
|
|
|
0503a1 |
len,
|
|
|
0503a1 |
&gErr);
|
|
|
0503a1 |
+ g_free(rawReply);
|
|
|
0503a1 |
if (!bRet) {
|
|
|
0503a1 |
/*
|
|
|
0503a1 |
* XXX Could drain the wire here, but since this should
|
|
|
0503a1 |
@@ -1252,7 +1268,6 @@ VGAuth_ReadAndParseResponse(VGAuthContext *ctx,
|
|
|
0503a1 |
* XXX need some way to break out if packet never completed
|
|
|
0503a1 |
* yet socket left valid. timer?
|
|
|
0503a1 |
*/
|
|
|
0503a1 |
- g_free(rawReply);
|
|
|
0503a1 |
}
|
|
|
0503a1 |
|
|
|
0503a1 |
#if VGAUTH_PROTO_TRACE
|
|
|
0503a1 |
diff --git a/open-vm-tools/vgauth/serviceImpl/alias.c b/open-vm-tools/vgauth/serviceImpl/alias.c
|
|
|
0503a1 |
index f6cde02c..0a43811e 100644
|
|
|
0503a1 |
--- a/open-vm-tools/vgauth/serviceImpl/alias.c
|
|
|
0503a1 |
+++ b/open-vm-tools/vgauth/serviceImpl/alias.c
|
|
|
0503a1 |
@@ -3158,6 +3158,9 @@ ServiceIDVerifyStoreContents(void)
|
|
|
0503a1 |
* a blacklist of bad files and keep going. but that's
|
|
|
0503a1 |
* a lot of risky work that's very hard to test, so punt for now.
|
|
|
0503a1 |
*/
|
|
|
0503a1 |
+ g_free(badFileName);
|
|
|
0503a1 |
+ g_free(fullFileName);
|
|
|
0503a1 |
+ g_dir_close(dir);
|
|
|
0503a1 |
return VGAUTH_E_FAIL;
|
|
|
0503a1 |
} else {
|
|
|
0503a1 |
Audit_Event(TRUE,
|
|
|
0503a1 |
@@ -3408,6 +3411,7 @@ ServiceAliasInitAliasStore(void)
|
|
|
0503a1 |
"Failed to rename suspect Alias store directory '%s' to '%s'"),
|
|
|
0503a1 |
aliasStoreRootDir, badRootDirName);
|
|
|
0503a1 |
// XXX making this fatal for now. can we do anything better?
|
|
|
0503a1 |
+ g_free(badRootDirName);
|
|
|
0503a1 |
return VGAUTH_E_FAIL;
|
|
|
0503a1 |
}
|
|
|
0503a1 |
g_free(badRootDirName);
|
|
|
0503a1 |
--
|
|
|
0503a1 |
2.18.4
|
|
|
0503a1 |
|