|
 |
ab0dbe |
From c8d43e94583cde7c5289d8206e658f2bcfce389a Mon Sep 17 00:00:00 2001
|
|
|
ab0dbe |
From: Coiby Xu <coiby.xu@gmail.com>
|
|
|
ab0dbe |
Date: Fri, 11 Jun 2021 11:15:06 +0800
|
|
|
ab0dbe |
Subject: [PATCH 3/8] fix RESOURCE_LEAK errors detected by covscan in
|
|
|
ab0dbe |
src/dmidecodemodule.c
|
|
|
ab0dbe |
|
|
|
ab0dbe |
Fix the following errors found by covscan,
|
|
|
ab0dbe |
|
|
|
ab0dbe |
Error: RESOURCE_LEAK (CWE-772): [#def1]
|
|
|
ab0dbe |
python-dmidecode-3.12.2/src/dmidecodemodule.c:274: alloc_fn: Storage is returned from allocation function "xmlNewNode".
|
|
|
ab0dbe |
python-dmidecode-3.12.2/src/dmidecodemodule.c:274: var_assign: Assigning: "dmixml_n" = storage returned from "xmlNewNode(NULL, (xmlChar *)"dmidecode")".
|
|
|
ab0dbe |
python-dmidecode-3.12.2/src/dmidecodemodule.c:284: leaked_storage: Variable "dmixml_n" going out of scope leaks the storage it points to.
|
|
|
ab0dbe |
# 282| if( (group_n = load_mappingxml(opt)) == NULL) {
|
|
|
ab0dbe |
# 283| // Exception already set by calling function
|
|
|
ab0dbe |
# 284|-> return NULL;
|
|
|
ab0dbe |
# 285| }
|
|
|
ab0dbe |
# 286|
|
|
|
ab0dbe |
|
|
|
ab0dbe |
Error: RESOURCE_LEAK (CWE-772): [#def2]
|
|
|
ab0dbe |
python-dmidecode-3.12.2/src/dmidecodemodule.c:321: alloc_fn: Storage is returned from allocation function "log_retrieve".
|
|
|
ab0dbe |
python-dmidecode-3.12.2/src/dmidecodemodule.c:321: var_assign: Assigning: "err" = storage returned from "log_retrieve(opt->logdata, 3)".
|
|
|
ab0dbe |
python-dmidecode-3.12.2/src/dmidecodemodule.c:323: leaked_storage: Variable "err" going out of scope leaks the storage it points to.
|
|
|
ab0dbe |
# 321| char *err = log_retrieve(opt->logdata, LOG_ERR);
|
|
|
ab0dbe |
# 322| log_clear_partial(opt->logdata, LOG_ERR, 0);
|
|
|
ab0dbe |
# 323|-> PyReturnError(PyExc_RuntimeError, "Invalid type id '%s' -- %s", typeid, err);
|
|
|
ab0dbe |
# 324| }
|
|
|
ab0dbe |
# 325|
|
|
|
ab0dbe |
|
|
|
ab0dbe |
Error: RESOURCE_LEAK (CWE-772): [#def3]
|
|
|
ab0dbe |
python-dmidecode-3.12.2/src/dmidecodemodule.c:388: alloc_fn: Storage is returned from allocation function "xmlNewNode".
|
|
|
ab0dbe |
python-dmidecode-3.12.2/src/dmidecodemodule.c:388: var_assign: Assigning: "dmixml_n" = storage returned from "xmlNewNode(NULL, (xmlChar *)"dmidecode")".
|
|
|
ab0dbe |
python-dmidecode-3.12.2/src/dmidecodemodule.c:397: leaked_storage: Variable "dmixml_n" going out of scope leaks the storage it points to.
|
|
|
ab0dbe |
# 395| // Fetch the Mapping XML file
|
|
|
ab0dbe |
# 396| if( load_mappingxml(opt) == NULL) {
|
|
|
ab0dbe |
# 397|-> return NULL;
|
|
|
ab0dbe |
# 398| }
|
|
|
ab0dbe |
# 399|
|
|
|
ab0dbe |
|
|
|
ab0dbe |
Error: RESOURCE_LEAK (CWE-772): [#def4]
|
|
|
ab0dbe |
python-dmidecode-3.12.2/src/dmidecodemodule.c:823: alloc_fn: Storage is returned from allocation function "malloc".
|
|
|
ab0dbe |
python-dmidecode-3.12.2/src/dmidecodemodule.c:823: var_assign: Assigning: "opt" = storage returned from "malloc(58UL)".
|
|
|
ab0dbe |
python-dmidecode-3.12.2/src/dmidecodemodule.c:824: noescape: Resource "opt" is not freed or pointed-to in "memset". [Note: The source code implementation of the function has been overridden by a builtin model.]
|
|
|
ab0dbe |
python-dmidecode-3.12.2/src/dmidecodemodule.c:825: noescape: Resource "opt" is not freed or pointed-to in "init".
|
|
|
ab0dbe |
python-dmidecode-3.12.2/src/dmidecodemodule.c:833: leaked_storage: Variable "opt" going out of scope leaks the storage it points to.
|
|
|
ab0dbe |
# 831| #endif
|
|
|
ab0dbe |
# 832| if (module == NULL)
|
|
|
ab0dbe |
# 833|-> MODINITERROR;
|
|
|
ab0dbe |
# 834|
|
|
|
ab0dbe |
# 835| version = PYTEXT_FROMSTRING(VERSION);
|
|
|
ab0dbe |
|
|
|
ab0dbe |
Note for "Error: RESOURCE_LEAK (CWE-772): [#def2]", we have to call _PyReturnError directly so we can free the memory before return.
|
|
|
ab0dbe |
|
|
|
ab0dbe |
Signed-off-by: Coiby Xu <coiby.xu@gmail.com>
|
|
|
ab0dbe |
---
|
|
|
ab0dbe |
src/dmidecodemodule.c | 10 ++++++++--
|
|
|
ab0dbe |
1 file changed, 8 insertions(+), 2 deletions(-)
|
|
|
ab0dbe |
|
|
|
ab0dbe |
diff --git a/src/dmidecodemodule.c b/src/dmidecodemodule.c
|
|
|
ab0dbe |
index b31c002..b73811e 100644
|
|
|
ab0dbe |
--- a/src/dmidecodemodule.c
|
|
|
ab0dbe |
+++ b/src/dmidecodemodule.c
|
|
|
ab0dbe |
@@ -280,6 +280,7 @@ xmlNode *__dmidecode_xml_getsection(options *opt, const char *section) {
|
|
|
ab0dbe |
|
|
|
ab0dbe |
// Fetch the Mapping XML file
|
|
|
ab0dbe |
if( (group_n = load_mappingxml(opt)) == NULL) {
|
|
|
ab0dbe |
+ xmlFreeNode(dmixml_n);
|
|
|
ab0dbe |
// Exception already set by calling function
|
|
|
ab0dbe |
return NULL;
|
|
|
ab0dbe |
}
|
|
|
ab0dbe |
@@ -320,7 +321,9 @@ xmlNode *__dmidecode_xml_getsection(options *opt, const char *section) {
|
|
|
ab0dbe |
if(opt->type == -1) {
|
|
|
ab0dbe |
char *err = log_retrieve(opt->logdata, LOG_ERR);
|
|
|
ab0dbe |
log_clear_partial(opt->logdata, LOG_ERR, 0);
|
|
|
ab0dbe |
- PyReturnError(PyExc_RuntimeError, "Invalid type id '%s' -- %s", typeid, err);
|
|
|
ab0dbe |
+ _pyReturnError(PyExc_RuntimeError, "Invalid type id '%s' -- %s", typeid, err);
|
|
|
ab0dbe |
+ free(err);
|
|
|
ab0dbe |
+ return NULL;
|
|
|
ab0dbe |
}
|
|
|
ab0dbe |
|
|
|
ab0dbe |
// Parse the DMI data and put the result into dmixml_n node chain.
|
|
|
ab0dbe |
@@ -394,6 +397,7 @@ xmlNode *__dmidecode_xml_gettypeid(options *opt, int typeid)
|
|
|
ab0dbe |
|
|
|
ab0dbe |
// Fetch the Mapping XML file
|
|
|
ab0dbe |
if( load_mappingxml(opt) == NULL) {
|
|
|
ab0dbe |
+ xmlFreeNode(dmixml_n);
|
|
|
ab0dbe |
return NULL;
|
|
|
ab0dbe |
}
|
|
|
ab0dbe |
|
|
|
ab0dbe |
@@ -829,8 +833,10 @@ initdmidecodemod(void)
|
|
|
ab0dbe |
module = Py_InitModule3((char *)"dmidecodemod", DMIDataMethods,
|
|
|
ab0dbe |
"Python extension module for dmidecode");
|
|
|
ab0dbe |
#endif
|
|
|
ab0dbe |
- if (module == NULL)
|
|
|
ab0dbe |
+ if (module == NULL) {
|
|
|
ab0dbe |
+ free(opt);
|
|
|
ab0dbe |
MODINITERROR;
|
|
|
ab0dbe |
+ }
|
|
|
ab0dbe |
|
|
|
ab0dbe |
version = PYTEXT_FROMSTRING(VERSION);
|
|
|
ab0dbe |
Py_INCREF(version);
|
|
|
ab0dbe |
--
|
|
|
ab0dbe |
2.31.1
|
|
|
ab0dbe |
|