Merge maint-1.2 #1221
Merged
Merge maint-1.2 #1221
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Remove unused commented code
Error: RESOURCE_LEAK (CWE-772): [#def28]
openscap-1.3.0_alpha1/src/OVAL/probes/independent/textfilecontent54_probe.c:144:
alloc_fn: Storage is returned from allocation function
"SEXP_string_newf".
openscap-1.3.0_alpha1/src/OVAL/probes/SEAP/sexp-manip.c:616:9: alloc_fn:
Storage is returned from allocation function "SEXP_new".
openscap-1.3.0_alpha1/src/OVAL/probes/SEAP/sexp-manip.c:1587:16:
alloc_fn: Storage is returned from allocation function "malloc".
openscap-1.3.0_alpha1/src/OVAL/probes/SEAP/sexp-manip.c:1587:16:
var_assign: Assigning: "s_exp" = "malloc(16UL)".
openscap-1.3.0_alpha1/src/OVAL/probes/SEAP/sexp-manip.c:1596:9:
return_alloc: Returning allocated memory "s_exp".
openscap-1.3.0_alpha1/src/OVAL/probes/SEAP/sexp-manip.c:616:9:
var_assign: Assigning: "sexp" = "SEXP_new()".
openscap-1.3.0_alpha1/src/OVAL/probes/SEAP/sexp-manip.c:618:9:
identity_transfer: Passing "sexp" as argument 1 to function
"SEXP_string_newf_rv", which returns that argument.
openscap-1.3.0_alpha1/src/OVAL/probes/SEAP/sexp-manip_r.c:288:9:
return_parm: Returning parameter "sexp_mem".
openscap-1.3.0_alpha1/src/OVAL/probes/SEAP/sexp-manip.c:618:9: noescape:
Resource "sexp" is not freed or pointed-to in function
"SEXP_string_newf_rv".
openscap-1.3.0_alpha1/src/OVAL/probes/SEAP/sexp-manip_r.c:243:37:
noescape: "SEXP_string_newf_rv(SEXP_t *, char const *, va_list)" does
not free or save its parameter "sexp_mem".
openscap-1.3.0_alpha1/src/OVAL/probes/SEAP/sexp-manip.c:618:9:
var_assign: Assigning: "sexp" = "SEXP_string_newf_rv(sexp, format, ap)".
openscap-1.3.0_alpha1/src/OVAL/probes/SEAP/sexp-manip.c:621:9:
return_alloc: Returning allocated memory "sexp".
openscap-1.3.0_alpha1/src/OVAL/probes/independent/textfilecontent54_probe.c:144:
var_assign: Assigning: "se_filepath" = storage returned from
"SEXP_string_newf("%s%s", path, filename)".
openscap-1.3.0_alpha1/src/OVAL/probes/independent/textfilecontent54_probe.c:150:
noescape: Resource "se_filepath" is not freed or pointed-to in
"probe_item_create".
openscap-1.3.0_alpha1/src/OVAL/probes/independent/textfilecontent54_probe.c:165:
leaked_storage: Variable "se_filepath" going out of scope leaks the
storage it points to.
163| }
164|
165|-> return item;
166| }
167|
A similar situation for se_instance variable.
Plug memory leaks
Extracted the process into a function and called it where it was missing.
Do not free oscap_source when parsing cvrf_xml for index. It should not be the duty of cvrf xml parsing function to free its source of input. Plus, cvrf_index_import is also called in function cvrf_session_new_from_source. In cvrf_session structure, the import source is part of the strucutre along with cvrf index, it make no sense to free it.
`fix_text` is allocated in `_xccdf_fix_decode_xml` and was possibly freed in `_write_text_to_fd_and_free`, but in meantime could have been be jumped over free, causing a memory leak.
Error: RESOURCE_LEAK (CWE-772): [#def9]
openscap-1.3.0_alpha1/src/CVRF/cvrf_priv.c:1659: alloc_fn: Storage is
returned from allocation function "oscap_element_string_copy".
openscap-1.3.0_alpha1/src/common/elements.c:134:3: alloc_fn: Storage is
returned from allocation function "calloc".
openscap-1.3.0_alpha1/src/common/elements.c:134:3: return_alloc_fn:
Directly returning storage allocated by "calloc".
openscap-1.3.0_alpha1/src/CVRF/cvrf_priv.c:1659: noescape: Resource
"oscap_element_string_copy(reader)" is not freed or pointed-to in
"oscap_stringlist_add_string".
openscap-1.3.0_alpha1/src/common/list.c:353:77: noescape:
"oscap_stringlist_add_string(struct oscap_stringlist *, char const *)"
does not free or save its parameter "str".
openscap-1.3.0_alpha1/src/CVRF/cvrf_priv.c:1659: leaked_storage: Failing
to save or free storage allocated by "oscap_element_string_copy(reader)"
leaks it.
1657| score_set->vector =
oscap_element_string_copy(reader);
1658| } else if
(xmlStrcmp(xmlTextReaderConstLocalName(reader), TAG_PRODUCT_ID) == 0) {
1659|->
oscap_stringlist_add_string(score_set->product_ids,
oscap_element_string_copy(reader));
1660| } else if
(xmlStrcmp(xmlTextReaderConstLocalName(reader), TAG_BASE_SCORE) == 0) {
1661| cvrf_score_set_add_metric(score_set,
CVSS_BASE, oscap_element_string_copy(reader));
…_leaks_maint-1.2 Add missing 'free' calls to src/OVAL/probes/probe/worker.c (maint-1.2 branch)
Stable_free complements Stable_new.
Fixed some Coverity issues
Fixed a memory leak, introduced Stable_free.
…eap-command OVAL/probes/SEAP/seap-command.c: fixed memory leaks
…rce_when_parsing_cvrf_xml Don't free oscap_source when parsing cvrf_xml
Plug a memory leak
Also extracted non-trivial generation of probe items to functions.
Make sure that intermediate results are freed.
…erity_false_positive OVAL/probes/SEAP/sexp-manip.c: fixed false positives reported by coverity
Conflicts: src/OVAL/probes/SEAP/seap-command-backendS.c src/OVAL/probes/probe/worker.c
|
LGTM, if tests pass, I am in favor of merge. |
|
test this please |
Merged
Codecov Report
@@ Coverage Diff @@
## master #1221 +/- ##
==========================================
- Coverage 61.85% 61.83% -0.03%
==========================================
Files 275 275
Lines 45164 45203 +39
==========================================
+ Hits 27936 27950 +14
- Misses 17228 17253 +25
Continue to review full report at Codecov.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR merges maint-1.2 to master.