Fixed some issues found by static analyzers #2634
Open
Commits on Mar 6, 2024
-
Error: RESOURCE_LEAK (CWE-772): src/util/util.c:188: alloc_fn: Storage is returned from allocation function "strdup". src/util/util.c:188: var_assign: Assigning: "cmdline" = storage returned from "strdup(p)". src/util/util.c:209: identity_transfer: Passing "cmdline" as argument 1 to function "next_arg", which returns an offset off that argument. src/util/util.c:209: identity_transfer: Passing "cmdline" as argument 1 to function "next_arg", which sets "key" to an offset off that argument. src/util/util.c:209: identity_transfer: Passing "cmdline" as argument 1 to function "next_arg", which sets "value" to an offset off that argument. src/util/util.c:209: var_assign: Assigning: "cmdline" = storage returned from "next_arg(cmdline, &key, &value)". src/util/util.c:210: noescape: Resource "key" is not freed or pointed-to in "strcmp". src/util/util.c:219: leaked_storage: Variable "value" going out of scope leaks the storage it points to. src/util/util.c:219: leaked_storage: Variable "key" going out of scope leaks the storage it points to. src/util/util.c:209: identity_transfer: Passing "cmdline" as argument 1 to function "next_arg", which returns an offset off that argument. src/util/util.c:209: identity_transfer: Passing "cmdline" as argument 1 to function "next_arg", which sets "key" to an offset off that argument. src/util/util.c:209: identity_transfer: Passing "cmdline" as argument 1 to function "next_arg", which sets "value" to an offset off that argument. src/util/util.c:209: var_assign: Assigning: "cmdline" = storage returned from "next_arg(cmdline, &key, &value)". src/util/util.c:210: noescape: Resource "key" is not freed or pointed-to in "strcmp". src/util/util.c:219: leaked_storage: Variable "value" going out of scope leaks the storage it points to. src/util/util.c:219: leaked_storage: Variable "key" going out of scope leaks the storage it points to. src/util/util.c:238: leaked_storage: Variable "cmdline" going out of scope leaks the storage it points to.
-
fix(dracut-install): buffer overrun
Error: OVERRUN (CWE-119): src/install/dracut-install.c:464: identity_transfer: Passing "4097UL" as argument 3 to function "readlink", which returns that argument. [Note: The source code implementation of the function has been overridden by a builtin model.] src/install/dracut-install.c:464: assignment: Assigning: "linksz" = "readlink(fullsrcpath, linktarget, 4097UL)". The value of "linksz" is now 4097. src/install/dracut-install.c:467: overrun-local: Overrunning array "linktarget" of 4097 bytes at byte offset 4097 using index "linksz" (which evaluates to 4097). 465| if (linksz < 0) 466| return NULL; 467|-> linktarget[linksz] = '\0'; 468| 469| log_debug("get_real_file: readlink('%s') returns '%s'", fullsrcpath, linktarget); -
"Error: RESOURCE_LEAK (CWE-772): src/util/util.c:252: alloc_fn: Storage is returned from allocation function ""strdup"". src/util/util.c:252: var_assign: Assigning: ""cmdline"" = storage returned from ""strdup(p)"". src/util/util.c:273: identity_transfer: Passing ""cmdline"" as argument 1 to function ""next_arg"", which returns an offset off that argument. src/util/util.c:273: identity_transfer: Passing ""cmdline"" as argument 1 to function ""next_arg"", which sets ""key"" to an offset off that argument. src/util/util.c:273: identity_transfer: Passing ""cmdline"" as argument 1 to function ""next_arg"", which sets ""value"" to an offset off that argument. src/util/util.c:273: var_assign: Assigning: ""cmdline"" = storage returned from ""next_arg(cmdline, &key, &value)"". src/util/util.c:274: noescape: Resource ""key"" is not freed or pointed-to in ""strcmp"". src/util/util.c:289: leaked_storage: Variable ""value"" going out of scope leaks the storage it points to. src/util/util.c:289: leaked_storage: Variable ""key"" going out of scope leaks the storage it points to. src/util/util.c:273: identity_transfer: Passing ""cmdline"" as argument 1 to function ""next_arg"", which returns an offset off that argument. src/util/util.c:273: identity_transfer: Passing ""cmdline"" as argument 1 to function ""next_arg"", which sets ""key"" to an offset off that argument. src/util/util.c:273: identity_transfer: Passing ""cmdline"" as argument 1 to function ""next_arg"", which sets ""value"" to an offset off that argument. src/util/util.c:273: var_assign: Assigning: ""cmdline"" = storage returned from ""next_arg(cmdline, &key, &value)"". src/util/util.c:274: noescape: Resource ""key"" is not freed or pointed-to in ""strcmp"". src/util/util.c:289: leaked_storage: Variable ""value"" going out of scope leaks the storage it points to. src/util/util.c:289: leaked_storage: Variable ""key"" going out of scope leaks the storage it points to. src/util/util.c:290: leaked_storage: Variable ""cmdline"" going out of scope leaks the storage it points to. 288| } 289| } while (cmdline[0]); 290|-> return found_value ? EXIT_SUCCESS : EXIT_FAILURE; 291| } 292| "
-
fix(dracut-install): memory leak
"Error: RESOURCE_LEAK (CWE-772): src/install/dracut-install.c:1135: alloc_fn: Storage is returned from allocation function ""strv_split"". src/install/dracut-install.c:1135: var_assign: Assigning: ""firmwaredirs"" = storage returned from ""strv_split(optarg, "":"")"". src/install/dracut-install.c:1135: overwrite_var: Overwriting ""firmwaredirs"" in ""firmwaredirs = strv_split(optarg, "":"")"" leaks the storage that ""firmwaredirs"" points to. 1133| break; 1134| case ARG_FIRMWAREDIRS: 1135|-> firmwaredirs = strv_split(optarg, "":""); 1136| break; 1137| case 'f':"
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.