From 6ef06c19bb4e0a410f523bdae8c675229408ad17 Mon Sep 17 00:00:00 2001
From: Coiby Xu <coiby.xu@gmail.com>
Date: Fri, 11 Jun 2021 11:00:27 +0800
Subject: [PATCH 1/8] fix RESOURCE_LEAK errors detected by covscan in
src/xmlpythonizer.c
Fix the following errors found by covscan,
Error: RESOURCE_LEAK (CWE-772): [#def6]
python-dmidecode-3.12.2/src/xmlpythonizer.c:847: alloc_fn: Storage is returned from allocation function "malloc".
python-dmidecode-3.12.2/src/xmlpythonizer.c:847: var_assign: Assigning: "key" = storage returned from "malloc(258UL)".
python-dmidecode-3.12.2/src/xmlpythonizer.c:853: noescape: Resource "key" is not freed or pointed-to in "_get_key_value".
python-dmidecode-3.12.2/src/xmlpythonizer.c:857: leaked_storage: Variable "key" going out of scope leaks the storage it points to.
# 855| PyADD_DICT_VALUE(retdata, key, value);
# 856| } else {
# 857|-> PyReturnError(PyExc_ValueError, "Could not get key value: %s [%i] (Defining key: %s)",
# 858| map_p->rootpath, elmtid, map_p->key);
# 859| }
Error: RESOURCE_LEAK (CWE-772): [#def7]
python-dmidecode-3.12.2/src/xmlpythonizer.c:847: alloc_fn: Storage is returned from allocation function "malloc".
python-dmidecode-3.12.2/src/xmlpythonizer.c:847: var_assign: Assigning: "key" = storage returned from "malloc(258UL)".
python-dmidecode-3.12.2/src/xmlpythonizer.c:879: noescape: Resource "key" is not freed or pointed-to in "_get_key_value".
python-dmidecode-3.12.2/src/xmlpythonizer.c:921: leaked_storage: Variable "key" going out of scope leaks the storage it points to.
# 919| xmlXPathFreeObject(xpo);
# 920| } else {
# 921|-> PyReturnError(PyExc_ValueError, "Could not get key value: "
# 922| "%s [%i] (Defining key: %s)",
# 923| map_p->rootpath, elmtid, map_p->key);
Error: RESOURCE_LEAK (CWE-772): [#def8]
python-dmidecode-3.12.2/src/xmlpythonizer.c:877: alloc_fn: Storage is returned from allocation function "_get_xpath_values".
python-dmidecode-3.12.2/src/xmlpythonizer.c:877: var_assign: Assigning: "xpo" = storage returned from "_get_xpath_values(xpctx, map_p->value)".
python-dmidecode-3.12.2/src/xmlpythonizer.c:921: leaked_storage: Variable "xpo" going out of scope leaks the storage it points to.
# 919| xmlXPathFreeObject(xpo);
# 920| } else {
# 921|-> PyReturnError(PyExc_ValueError, "Could not get key value: "
# 922| "%s [%i] (Defining key: %s)",
# 923| map_p->rootpath, elmtid, map_p->key);
Error: RESOURCE_LEAK (CWE-772): [#def9]
python-dmidecode-3.12.2/src/xmlpythonizer.c:847: alloc_fn: Storage is returned from allocation function "malloc".
python-dmidecode-3.12.2/src/xmlpythonizer.c:847: var_assign: Assigning: "key" = storage returned from "malloc(258UL)".
python-dmidecode-3.12.2/src/xmlpythonizer.c:933: noescape: Resource "key" is not freed or pointed-to in "_get_key_value".
python-dmidecode-3.12.2/src/xmlpythonizer.c:934: leaked_storage: Variable "key" going out of scope leaks the storage it points to.
# 932| }
# 933| if( _get_key_value(logp, key, 256, map_p, xpctx, 0) == NULL ) {
# 934|-> PyReturnError(PyExc_ValueError,
# 935| "Could not get key value: %s [%i] (Defining key: %s)",
# 936| map_p->rootpath, elmtid, map_p->key);
Error: RESOURCE_LEAK (CWE-772): [#def10]
python-dmidecode-3.12.2/src/xmlpythonizer.c:847: alloc_fn: Storage is returned from allocation function "malloc".
python-dmidecode-3.12.2/src/xmlpythonizer.c:847: var_assign: Assigning: "key" = storage returned from "malloc(258UL)".
python-dmidecode-3.12.2/src/xmlpythonizer.c:947: noescape: Resource "key" is not freed or pointed-to in "_get_key_value".
python-dmidecode-3.12.2/src/xmlpythonizer.c:948: leaked_storage: Variable "key" going out of scope leaks the storage it points to.
# 946| }
# 947| if( _get_key_value(logp, key, 256, map_p, xpctx, 0) == NULL ) {
# 948|-> PyReturnError(PyExc_ValueError,
# 949| "Could not get key value: %s [%i] (Defining key: %s)",
# 950| map_p->rootpath, elmtid, map_p->key);
Error: RESOURCE_LEAK (CWE-772): [#def11]
python-dmidecode-3.12.2/src/xmlpythonizer.c:847: alloc_fn: Storage is returned from allocation function "malloc".
python-dmidecode-3.12.2/src/xmlpythonizer.c:847: var_assign: Assigning: "key" = storage returned from "malloc(258UL)".
python-dmidecode-3.12.2/src/xmlpythonizer.c:947: identity_transfer: Passing "key" as argument 2 to function "_get_key_value", which returns that argument.
python-dmidecode-3.12.2/src/xmlpythonizer.c:947: noescape: Resource "key" is not freed or pointed-to in "_get_key_value".
python-dmidecode-3.12.2/src/xmlpythonizer.c:959: leaked_storage: Variable "key" going out of scope leaks the storage it points to.
# 957| xmlXPathFreeObject(xpo);
# 958| }
# 959|-> PyReturnError(PyExc_ValueError,
# 960| "Could not get key value: %s [%i] (Defining key: %s)",
# 961| map_p->rootpath, elmtid, map_p->key);
Error: RESOURCE_LEAK (CWE-772): [#def12]
python-dmidecode-3.12.2/src/xmlpythonizer.c:847: alloc_fn: Storage is returned from allocation function "malloc".
python-dmidecode-3.12.2/src/xmlpythonizer.c:847: var_assign: Assigning: "key" = storage returned from "malloc(258UL)".
python-dmidecode-3.12.2/src/xmlpythonizer.c:947: identity_transfer: Passing "key" as argument 2 to function "_get_key_value", which returns that argument.
python-dmidecode-3.12.2/src/xmlpythonizer.c:947: noescape: Resource "key" is not freed or pointed-to in "_get_key_value".
python-dmidecode-3.12.2/src/xmlpythonizer.c:995: leaked_storage: Variable "key" going out of scope leaks the storage it points to.
# 993| } else {
# 994| // If NULL, something is wrong - exception is already set.
# 995|-> return NULL;
# 996| }
# 997| }
Error: RESOURCE_LEAK (CWE-772): [#def13]
python-dmidecode-3.12.2/src/xmlpythonizer.c:954: alloc_fn: Storage is returned from allocation function "_get_xpath_values".
python-dmidecode-3.12.2/src/xmlpythonizer.c:954: var_assign: Assigning: "xpo" = storage returned from "_get_xpath_values(xpctx, map_p->value)".
python-dmidecode-3.12.2/src/xmlpythonizer.c:995: leaked_storage: Variable "xpo" going out of scope leaks the storage it points to.
# 993| } else {
# 994| // If NULL, something is wrong - exception is already set.
# 995|-> return NULL;
# 996| }
# 997| }
Error: RESOURCE_LEAK (CWE-772): [#def14]
python-dmidecode-3.12.2/src/xmlpythonizer.c:1031: alloc_fn: Storage is returned from allocation function "malloc".
python-dmidecode-3.12.2/src/xmlpythonizer.c:1031: var_assign: Assigning: "key" = storage returned from "malloc(258UL)".
python-dmidecode-3.12.2/src/xmlpythonizer.c:1050: leaked_storage: Variable "key" going out of scope leaks the storage it points to.
# 1048| xpctx = xmlXPathNewContext(xpdoc);
# 1049| if( xpctx == NULL ) {
# 1050|-> PyReturnError(PyExc_MemoryError, "Could not setup new XPath context");
# 1051| }
# 1052| xpctx->node = data_n;
Error: RESOURCE_LEAK (CWE-772): [#def15]
python-dmidecode-3.12.2/src/xmlpythonizer.c:1054: alloc_fn: Storage is returned from allocation function "_get_xpath_values".
python-dmidecode-3.12.2/src/xmlpythonizer.c:1054: var_assign: Assigning: "xpo" = storage returned from "_get_xpath_values(xpctx, map_p->rootpath)".
python-dmidecode-3.12.2/src/xmlpythonizer.c:1065: leaked_storage: Variable "xpo" going out of scope leaks the storage it points to.
# 1063| // Exit if we get NULL - something is wrong
# 1064| //and exception is set
# 1065|-> return NULL;
# 1066| }
# 1067| }
Error: RESOURCE_LEAK (CWE-772): [#def16]
python-dmidecode-3.12.2/src/xmlpythonizer.c:1031: alloc_fn: Storage is returned from allocation function "malloc".
python-dmidecode-3.12.2/src/xmlpythonizer.c:1031: var_assign: Assigning: "key" = storage returned from "malloc(258UL)".
python-dmidecode-3.12.2/src/xmlpythonizer.c:1059: identity_transfer: Passing "key" as argument 2 to function "_get_key_value", which returns that argument.
python-dmidecode-3.12.2/src/xmlpythonizer.c:1059: noescape: Resource "key" is not freed or pointed-to in "_get_key_value".
python-dmidecode-3.12.2/src/xmlpythonizer.c:1059: identity_transfer: Passing "key" as argument 2 to function "_get_key_value", which returns that argument.
python-dmidecode-3.12.2/src/xmlpythonizer.c:1059: noescape: Resource "key" is not freed or pointed-to in "_get_key_value".
python-dmidecode-3.12.2/src/xmlpythonizer.c:1087: leaked_storage: Variable "key" going out of scope leaks the storage it points to.
# 1085| // Exit if we get NULL - something is wrong
# 1086| //and exception is set
# 1087|-> return NULL;
# 1088| }
# 1089| }
Signed-off-by: Coiby Xu <coiby.xu@gmail.com>
---
src/xmlpythonizer.c | 27 +++++++++++++++++++++++++++
1 file changed, 27 insertions(+)
diff --git a/src/xmlpythonizer.c b/src/xmlpythonizer.c
index e9c9242..ce2d067 100644
--- a/src/xmlpythonizer.c
+++ b/src/xmlpythonizer.c
@@ -854,6 +854,9 @@ PyObject *_deep_pythonize(Log_t *logp, PyObject *retdata,
value = PyBytes_FromString(map_p->value);
PyADD_DICT_VALUE(retdata, key, value);
} else {
+ xmlXPathFreeContext(xpctx);
+ xmlFreeDoc(xpdoc);
+ free(key);
PyReturnError(PyExc_ValueError, "Could not get key value: %s [%i] (Defining key: %s)",
map_p->rootpath, elmtid, map_p->key);
}
@@ -918,6 +921,10 @@ PyObject *_deep_pythonize(Log_t *logp, PyObject *retdata,
PyADD_DICT_VALUE(retdata, key, value);
xmlXPathFreeObject(xpo);
} else {
+ xmlXPathFreeObject(xpo);
+ xmlXPathFreeContext(xpctx);
+ xmlFreeDoc(xpdoc);
+ free(key);
PyReturnError(PyExc_ValueError, "Could not get key value: "
"%s [%i] (Defining key: %s)",
map_p->rootpath, elmtid, map_p->key);
@@ -931,6 +938,9 @@ PyObject *_deep_pythonize(Log_t *logp, PyObject *retdata,
break;
}
if( _get_key_value(logp, key, 256, map_p, xpctx, 0) == NULL ) {
+ xmlXPathFreeContext(xpctx);
+ xmlFreeDoc(xpdoc);
+ free(key);
PyReturnError(PyExc_ValueError,
"Could not get key value: %s [%i] (Defining key: %s)",
map_p->rootpath, elmtid, map_p->key);
@@ -945,6 +955,9 @@ PyObject *_deep_pythonize(Log_t *logp, PyObject *retdata,
break;
}
if( _get_key_value(logp, key, 256, map_p, xpctx, 0) == NULL ) {
+ xmlXPathFreeContext(xpctx);
+ xmlFreeDoc(xpdoc);
+ free(key);
PyReturnError(PyExc_ValueError,
"Could not get key value: %s [%i] (Defining key: %s)",
map_p->rootpath, elmtid, map_p->key);
@@ -956,6 +969,9 @@ PyObject *_deep_pythonize(Log_t *logp, PyObject *retdata,
if( xpo != NULL ) {
xmlXPathFreeObject(xpo);
}
+ xmlXPathFreeContext(xpctx);
+ xmlFreeDoc(xpdoc);
+ free(key);
PyReturnError(PyExc_ValueError,
"Could not get key value: %s [%i] (Defining key: %s)",
map_p->rootpath, elmtid, map_p->key);
@@ -991,6 +1007,10 @@ PyObject *_deep_pythonize(Log_t *logp, PyObject *retdata,
PyList_Append(value, dataset);
}
} else {
+ xmlXPathFreeObject(xpo);
+ xmlXPathFreeContext(xpctx);
+ xmlFreeDoc(xpdoc);
+ free(key);
// If NULL, something is wrong - exception is already set.
return NULL;
}
@@ -1047,6 +1067,8 @@ PyObject *pythonizeXMLnode(Log_t *logp, ptzMAP *in_map, xmlNode *data_n) {
xpctx = xmlXPathNewContext(xpdoc);
if( xpctx == NULL ) {
+ xmlFreeDoc(xpdoc);
+ free(key);
PyReturnError(PyExc_MemoryError, "Could not setup new XPath context");
}
xpctx->node = data_n;
@@ -1062,6 +1084,10 @@ PyObject *pythonizeXMLnode(Log_t *logp, ptzMAP *in_map, xmlNode *data_n) {
if( res == NULL ) {
// Exit if we get NULL - something is wrong
//and exception is set
+ xmlXPathFreeObject(xpo);
+ xmlXPathFreeContext(xpctx);
+ xmlFreeDoc(xpdoc);
+ free(key);
return NULL;
}
}
@@ -1084,6 +1110,7 @@ PyObject *pythonizeXMLnode(Log_t *logp, ptzMAP *in_map, xmlNode *data_n) {
if( res == NULL ) {
// Exit if we get NULL - something is wrong
//and exception is set
+ free(key);
return NULL;
}
}
--
2.31.1