[BlueZ,3/4] tools: Fix handle leak in rfcomm

Message ID	20220507170703.29902-4-i.kamaletdinov@omp.ru (mailing list archive)
State	Superseded
Headers	show Return-Path: <linux-bluetooth-owner@kernel.org> From: Ildar Kamaletdinov <i.kamaletdinov@omp.ru> To: <linux-bluetooth@vger.kernel.org> CC: Ildar Kamaletdinov <i.kamaletdinov@omp.ru> Subject: [PATCH BlueZ 3/4] tools: Fix handle leak in rfcomm Date: Sat, 7 May 2022 20:07:02 +0300 Message-ID: <20220507170703.29902-4-i.kamaletdinov@omp.ru> In-Reply-To: <20220507170703.29902-1-i.kamaletdinov@omp.ru> References: <20220507170703.29902-1-i.kamaletdinov@omp.ru> MIME-Version: 1.0 Content-Transfer-Encoding: 7BIT Content-Type: text/plain; charset=US-ASCII Precedence: bulk
Series	Fix few more bugs found by SVACE \| expand [BlueZ,0/4,v2] Fix few more bugs found by SVACE [BlueZ,1/4] tools: Fix memory leak in hciconfig [BlueZ,2/4] tools: Fix memory leaks in btgatt-server/client [BlueZ,3/4] tools: Fix handle leak in rfcomm [BlueZ,4/4] device: Fix uninitialized value usage

Message ID

20220507170703.29902-4-i.kamaletdinov@omp.ru (mailing list archive)

State

Superseded

Headers

From: Ildar Kamaletdinov <i.kamaletdinov@omp.ru>
To: <linux-bluetooth@vger.kernel.org>
CC: Ildar Kamaletdinov <i.kamaletdinov@omp.ru>
Subject: [PATCH BlueZ 3/4] tools: Fix handle leak in rfcomm
Date: Sat, 7 May 2022 20:07:02 +0300
Message-ID: <20220507170703.29902-4-i.kamaletdinov@omp.ru>
In-Reply-To: <20220507170703.29902-1-i.kamaletdinov@omp.ru>
References: <20220507170703.29902-1-i.kamaletdinov@omp.ru>
MIME-Version: 1.0
Content-Transfer-Encoding: 7BIT
Content-Type: text/plain; charset=US-ASCII
Precedence: bulk

Series

Fix few more bugs found by SVACE | expand

Checks

Context	Check	Description
tedd_an/pre-ci_am	success	Success
tedd_an/checkpatch	success	Checkpatch PASS
tedd_an/gitlint	success	Gitlint PASS

Context

Check

Description

tedd_an/pre-ci_am

success

Success

tedd_an/checkpatch

success

Checkpatch PASS

tedd_an/gitlint

success

Gitlint PASS

Commit Message

Ildar Kamaletdinov May 7, 2022, 5:07 p.m. UTC

Some branches of execution can make handle (socket) leakage.

Found by Linux Verification Center (linuxtesting.org) with the SVACE
static analysis tool.
---
 tools/rfcomm.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/tools/rfcomm.c b/tools/rfcomm.c
index cd520aa44..e013ff588 100644
--- a/tools/rfcomm.c
+++ b/tools/rfcomm.c
@@ -298,6 +298,7 @@  static void cmd_connect(int ctl, int dev, bdaddr_t *bdaddr, int argc, char **arg
 
 		if (setsockopt(sk, SOL_SOCKET, SO_LINGER, &l, sizeof(l)) < 0) {
 			perror("Can't set linger option");
+			close(sk);
 			return;
 		}
 	}
@@ -466,6 +467,7 @@  static void cmd_listen(int ctl, int dev, bdaddr_t *bdaddr, int argc, char **argv
 	if (getsockname(nsk, (struct sockaddr *)&laddr, &alen) < 0) {
 		perror("Can't get RFCOMM socket name");
 		close(nsk);
+		close(sk);
 		return;
 	}
 
@@ -475,6 +477,7 @@  static void cmd_listen(int ctl, int dev, bdaddr_t *bdaddr, int argc, char **argv
 		if (setsockopt(nsk, SOL_SOCKET, SO_LINGER, &l, sizeof(l)) < 0) {
 			perror("Can't set linger option");
 			close(nsk);
+			close(sk);
 			return;
 		}
 	}
@@ -490,6 +493,7 @@  static void cmd_listen(int ctl, int dev, bdaddr_t *bdaddr, int argc, char **argv
 	dev = ioctl(nsk, RFCOMMCREATEDEV, &req);
 	if (dev < 0) {
 		perror("Can't create RFCOMM TTY");
+		close(nsk);
 		close(sk);
 		return;
 	}

[BlueZ,3/4] tools: Fix handle leak in rfcomm

Checks

Commit Message

Patch