diff mbox series

[4/9] obexd: Fix possible memleak

Message ID 20240702084900.773620-5-hadess@hadess.net (mailing list archive)
State Superseded
Headers show
Series Fix a number of static analysis issues #4 | expand

Checks

Context Check Description
tedd_an/pre-ci_am success Success
tedd_an/CheckPatch success CheckPatch PASS
tedd_an/GitLint fail WARNING: I3 - ignore-body-lines: gitlint will be switching from using Python regex 'match' (match beginning) to 'search' (match anywhere) semantics. Please review your ignore-body-lines.regex option accordingly. To remove this warning, set general.regex-style-search=True. More details: https://jorisroovers.github.io/gitlint/configuration/#regex-style-search 7: B1 Line exceeds max length (122>80): "bluez-5.76/obexd/plugins/messages-dummy.c:362:4: alloc_fn: Storage is returned from allocation function "g_strdup_inline"." 8: B1 Line exceeds max length (141>80): "bluez-5.76/obexd/plugins/messages-dummy.c:362:4: var_assign: Assigning: "entry->handle" = storage returned from "g_strdup_inline(values[i])"." 9: B1 Line exceeds max length (189>80): "bluez-5.76/obexd/plugins/messages-dummy.c:362:4: overwrite_var: Overwriting "entry->handle" in "entry->handle = g_strdup_inline(values[i])" leaks the storage that "entry->handle" points to." 10: B3 Line contains hard tab characters (\t): "360| for (i = 0 ; names[i]; ++i) {" 11: B3 Line contains hard tab characters (\t): "361| if (g_strcmp0(names[i], "handle") == 0) {" 12: B3 Line contains hard tab characters (\t): "362|-> entry->handle = g_strdup(values[i]);" 13: B3 Line contains hard tab characters (\t): "363| mld->size++;" 14: B3 Line contains hard tab characters (\t): "364| continue;" 17: B1 Line exceeds max length (122>80): "bluez-5.76/obexd/plugins/messages-dummy.c:367:4: alloc_fn: Storage is returned from allocation function "g_strdup_inline"." 18: B1 Line exceeds max length (150>80): "bluez-5.76/obexd/plugins/messages-dummy.c:367:4: var_assign: Assigning: "entry->attachment_size" = storage returned from "g_strdup_inline(values[i])"." 19: B1 Line exceeds max length (216>80): "bluez-5.76/obexd/plugins/messages-dummy.c:367:4: overwrite_var: Overwriting "entry->attachment_size" in "entry->attachment_size = g_strdup_inline(values[i])" leaks the storage that "entry->attachment_size" points to." 20: B3 Line contains hard tab characters (\t): "365| }" 21: B3 Line contains hard tab characters (\t): "366| if (g_strcmp0(names[i], "attachment_size") == 0) {" 22: B3 Line contains hard tab characters (\t): "367|-> entry->attachment_size = g_strdup(values[i]);" 23: B3 Line contains hard tab characters (\t): "368| continue;" 24: B3 Line contains hard tab characters (\t): "369| }" 27: B1 Line exceeds max length (122>80): "bluez-5.76/obexd/plugins/messages-dummy.c:371:4: alloc_fn: Storage is returned from allocation function "g_strdup_inline"." 28: B1 Line exceeds max length (143>80): "bluez-5.76/obexd/plugins/messages-dummy.c:371:4: var_assign: Assigning: "entry->datetime" = storage returned from "g_strdup_inline(values[i])"." 29: B1 Line exceeds max length (195>80): "bluez-5.76/obexd/plugins/messages-dummy.c:371:4: overwrite_var: Overwriting "entry->datetime" in "entry->datetime = g_strdup_inline(values[i])" leaks the storage that "entry->datetime" points to." 30: B3 Line contains hard tab characters (\t): "369| }" 31: B3 Line contains hard tab characters (\t): "370| if (g_strcmp0(names[i], "datetime") == 0) {" 32: B3 Line contains hard tab characters (\t): "371|-> entry->datetime = g_strdup(values[i]);" 33: B3 Line contains hard tab characters (\t): "372| continue;" 34: B3 Line contains hard tab characters (\t): "373| }" 37: B1 Line exceeds max length (122>80): "bluez-5.76/obexd/plugins/messages-dummy.c:375:4: alloc_fn: Storage is returned from allocation function "g_strdup_inline"." 38: B1 Line exceeds max length (142>80): "bluez-5.76/obexd/plugins/messages-dummy.c:375:4: var_assign: Assigning: "entry->subject" = storage returned from "g_strdup_inline(values[i])"." 39: B1 Line exceeds max length (192>80): "bluez-5.76/obexd/plugins/messages-dummy.c:375:4: overwrite_var: Overwriting "entry->subject" in "entry->subject = g_strdup_inline(values[i])" leaks the storage that "entry->subject" points to." 40: B3 Line contains hard tab characters (\t): "373| }" 41: B3 Line contains hard tab characters (\t): "374| if (g_strcmp0(names[i], "subject") == 0) {" 42: B3 Line contains hard tab characters (\t): "375|-> entry->subject = g_strdup(values[i]);" 43: B3 Line contains hard tab characters (\t): "376| continue;" 44: B3 Line contains hard tab characters (\t): "377| }" 47: B1 Line exceeds max length (122>80): "bluez-5.76/obexd/plugins/messages-dummy.c:379:4: alloc_fn: Storage is returned from allocation function "g_strdup_inline"." 48: B1 Line exceeds max length (155>80): "bluez-5.76/obexd/plugins/messages-dummy.c:379:4: var_assign: Assigning: "entry->recipient_addressing" = storage returned from "g_strdup_inline(values[i])"." 49: B1 Line exceeds max length (231>80): "bluez-5.76/obexd/plugins/messages-dummy.c:379:4: overwrite_var: Overwriting "entry->recipient_addressing" in "entry->recipient_addressing = g_strdup_inline(values[i])" leaks the storage that "entry->recipient_addressing" points to." 50: B3 Line contains hard tab characters (\t): "377| }" 51: B3 Line contains hard tab characters (\t): "378| if (g_strcmp0(names[i], "recipient_addressing") == 0) {" 52: B3 Line contains hard tab characters (\t): "379|-> entry->recipient_addressing = g_strdup(values[i]);" 53: B3 Line contains hard tab characters (\t): "380| continue;" 54: B3 Line contains hard tab characters (\t): "381| }" 57: B1 Line exceeds max length (122>80): "bluez-5.76/obexd/plugins/messages-dummy.c:383:4: alloc_fn: Storage is returned from allocation function "g_strdup_inline"." 58: B1 Line exceeds max length (152>80): "bluez-5.76/obexd/plugins/messages-dummy.c:383:4: var_assign: Assigning: "entry->sender_addressing" = storage returned from "g_strdup_inline(values[i])"." 59: B1 Line exceeds max length (222>80): "bluez-5.76/obexd/plugins/messages-dummy.c:383:4: overwrite_var: Overwriting "entry->sender_addressing" in "entry->sender_addressing = g_strdup_inline(values[i])" leaks the storage that "entry->sender_addressing" points to." 60: B3 Line contains hard tab characters (\t): "381| }" 61: B3 Line contains hard tab characters (\t): "382| if (g_strcmp0(names[i], "sender_addressing") == 0) {" 62: B3 Line contains hard tab characters (\t): "383|-> entry->sender_addressing = g_strdup(values[i]);" 63: B3 Line contains hard tab characters (\t): "384| continue;" 64: B3 Line contains hard tab characters (\t): "385| }" 67: B1 Line exceeds max length (122>80): "bluez-5.76/obexd/plugins/messages-dummy.c:387:4: alloc_fn: Storage is returned from allocation function "g_strdup_inline"." 68: B1 Line exceeds max length (139>80): "bluez-5.76/obexd/plugins/messages-dummy.c:387:4: var_assign: Assigning: "entry->type" = storage returned from "g_strdup_inline(values[i])"." 69: B1 Line exceeds max length (183>80): "bluez-5.76/obexd/plugins/messages-dummy.c:387:4: overwrite_var: Overwriting "entry->type" in "entry->type = g_strdup_inline(values[i])" leaks the storage that "entry->type" points to." 70: B3 Line contains hard tab characters (\t): "385| }" 71: B3 Line contains hard tab characters (\t): "386| if (g_strcmp0(names[i], "type") == 0) {" 72: B3 Line contains hard tab characters (\t): "387|-> entry->type = g_strdup(values[i]);" 73: B3 Line contains hard tab characters (\t): "388| continue;" 74: B3 Line contains hard tab characters (\t): "389| }" 77: B1 Line exceeds max length (122>80): "bluez-5.76/obexd/plugins/messages-dummy.c:391:4: alloc_fn: Storage is returned from allocation function "g_strdup_inline"." 78: B1 Line exceeds max length (151>80): "bluez-5.76/obexd/plugins/messages-dummy.c:391:4: var_assign: Assigning: "entry->reception_status" = storage returned from "g_strdup_inline(values[i])"." 79: B1 Line exceeds max length (219>80): "bluez-5.76/obexd/plugins/messages-dummy.c:391:4: overwrite_var: Overwriting "entry->reception_status" in "entry->reception_status = g_strdup_inline(values[i])" leaks the storage that "entry->reception_status" points to." 80: B3 Line contains hard tab characters (\t): "389| }" 81: B3 Line contains hard tab characters (\t): "390| if (g_strcmp0(names[i], "reception_status") == 0)" 82: B3 Line contains hard tab characters (\t): "391|-> entry->reception_status = g_strdup(values[i]);" 83: B3 Line contains hard tab characters (\t): "392| }"
tedd_an/IncrementalBuild success Incremental Build PASS

Commit Message

Bastien Nocera July 2, 2024, 8:47 a.m. UTC 
Fix possible resource leak if a attribute is repeated, overriding the
original value.

Error: RESOURCE_LEAK (CWE-772): [#def28] [important]
bluez-5.76/obexd/plugins/messages-dummy.c:362:4: alloc_fn: Storage is returned from allocation function "g_strdup_inline".
bluez-5.76/obexd/plugins/messages-dummy.c:362:4: var_assign: Assigning: "entry->handle" = storage returned from "g_strdup_inline(values[i])".
bluez-5.76/obexd/plugins/messages-dummy.c:362:4: overwrite_var: Overwriting "entry->handle" in "entry->handle = g_strdup_inline(values[i])" leaks the storage that "entry->handle" points to.
360|	for (i = 0 ; names[i]; ++i) {
361|		if (g_strcmp0(names[i], "handle") == 0) {
362|->			entry->handle = g_strdup(values[i]);
363|			mld->size++;
364|			continue;

Error: RESOURCE_LEAK (CWE-772): [#def29] [important]
bluez-5.76/obexd/plugins/messages-dummy.c:367:4: alloc_fn: Storage is returned from allocation function "g_strdup_inline".
bluez-5.76/obexd/plugins/messages-dummy.c:367:4: var_assign: Assigning: "entry->attachment_size" = storage returned from "g_strdup_inline(values[i])".
bluez-5.76/obexd/plugins/messages-dummy.c:367:4: overwrite_var: Overwriting "entry->attachment_size" in "entry->attachment_size = g_strdup_inline(values[i])" leaks the storage that "entry->attachment_size" points to.
365|		}
366|		if (g_strcmp0(names[i], "attachment_size") == 0) {
367|->			entry->attachment_size = g_strdup(values[i]);
368|			continue;
369|		}

Error: RESOURCE_LEAK (CWE-772): [#def30] [important]
bluez-5.76/obexd/plugins/messages-dummy.c:371:4: alloc_fn: Storage is returned from allocation function "g_strdup_inline".
bluez-5.76/obexd/plugins/messages-dummy.c:371:4: var_assign: Assigning: "entry->datetime" = storage returned from "g_strdup_inline(values[i])".
bluez-5.76/obexd/plugins/messages-dummy.c:371:4: overwrite_var: Overwriting "entry->datetime" in "entry->datetime = g_strdup_inline(values[i])" leaks the storage that "entry->datetime" points to.
369|		}
370|		if (g_strcmp0(names[i], "datetime") == 0) {
371|->			entry->datetime = g_strdup(values[i]);
372|			continue;
373|		}

Error: RESOURCE_LEAK (CWE-772): [#def31] [important]
bluez-5.76/obexd/plugins/messages-dummy.c:375:4: alloc_fn: Storage is returned from allocation function "g_strdup_inline".
bluez-5.76/obexd/plugins/messages-dummy.c:375:4: var_assign: Assigning: "entry->subject" = storage returned from "g_strdup_inline(values[i])".
bluez-5.76/obexd/plugins/messages-dummy.c:375:4: overwrite_var: Overwriting "entry->subject" in "entry->subject = g_strdup_inline(values[i])" leaks the storage that "entry->subject" points to.
373|		}
374|		if (g_strcmp0(names[i], "subject") == 0) {
375|->			entry->subject = g_strdup(values[i]);
376|			continue;
377|		}

Error: RESOURCE_LEAK (CWE-772): [#def32] [important]
bluez-5.76/obexd/plugins/messages-dummy.c:379:4: alloc_fn: Storage is returned from allocation function "g_strdup_inline".
bluez-5.76/obexd/plugins/messages-dummy.c:379:4: var_assign: Assigning: "entry->recipient_addressing" = storage returned from "g_strdup_inline(values[i])".
bluez-5.76/obexd/plugins/messages-dummy.c:379:4: overwrite_var: Overwriting "entry->recipient_addressing" in "entry->recipient_addressing = g_strdup_inline(values[i])" leaks the storage that "entry->recipient_addressing" points to.
377|		}
378|		if (g_strcmp0(names[i], "recipient_addressing") == 0) {
379|->			entry->recipient_addressing = g_strdup(values[i]);
380|			continue;
381|		}

Error: RESOURCE_LEAK (CWE-772): [#def33] [important]
bluez-5.76/obexd/plugins/messages-dummy.c:383:4: alloc_fn: Storage is returned from allocation function "g_strdup_inline".
bluez-5.76/obexd/plugins/messages-dummy.c:383:4: var_assign: Assigning: "entry->sender_addressing" = storage returned from "g_strdup_inline(values[i])".
bluez-5.76/obexd/plugins/messages-dummy.c:383:4: overwrite_var: Overwriting "entry->sender_addressing" in "entry->sender_addressing = g_strdup_inline(values[i])" leaks the storage that "entry->sender_addressing" points to.
381|		}
382|		if (g_strcmp0(names[i], "sender_addressing") == 0) {
383|->			entry->sender_addressing = g_strdup(values[i]);
384|			continue;
385|		}

Error: RESOURCE_LEAK (CWE-772): [#def34] [important]
bluez-5.76/obexd/plugins/messages-dummy.c:387:4: alloc_fn: Storage is returned from allocation function "g_strdup_inline".
bluez-5.76/obexd/plugins/messages-dummy.c:387:4: var_assign: Assigning: "entry->type" = storage returned from "g_strdup_inline(values[i])".
bluez-5.76/obexd/plugins/messages-dummy.c:387:4: overwrite_var: Overwriting "entry->type" in "entry->type = g_strdup_inline(values[i])" leaks the storage that "entry->type" points to.
385|		}
386|		if (g_strcmp0(names[i], "type") == 0) {
387|->			entry->type = g_strdup(values[i]);
388|			continue;
389|		}

Error: RESOURCE_LEAK (CWE-772): [#def35] [important]
bluez-5.76/obexd/plugins/messages-dummy.c:391:4: alloc_fn: Storage is returned from allocation function "g_strdup_inline".
bluez-5.76/obexd/plugins/messages-dummy.c:391:4: var_assign: Assigning: "entry->reception_status" = storage returned from "g_strdup_inline(values[i])".
bluez-5.76/obexd/plugins/messages-dummy.c:391:4: overwrite_var: Overwriting "entry->reception_status" in "entry->reception_status = g_strdup_inline(values[i])" leaks the storage that "entry->reception_status" points to.
389|		}
390|		if (g_strcmp0(names[i], "reception_status") == 0)
391|->			entry->reception_status = g_strdup(values[i]);
392|	}
393|
---
 obexd/plugins/messages-dummy.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)
diff mbox series

Patch

diff --git a/obexd/plugins/messages-dummy.c b/obexd/plugins/messages-dummy.c
index e37b52df6266..92378dab4b20 100644
--- a/obexd/plugins/messages-dummy.c
+++ b/obexd/plugins/messages-dummy.c
@@ -359,36 +359,45 @@  static void msg_element(GMarkupParseContext *ctxt, const char *element,
 
 	for (i = 0 ; names[i]; ++i) {
 		if (g_strcmp0(names[i], "handle") == 0) {
+			g_free(entry->handle);
 			entry->handle = g_strdup(values[i]);
 			mld->size++;
 			continue;
 		}
 		if (g_strcmp0(names[i], "attachment_size") == 0) {
+			g_free(entry->attachment_size);
 			entry->attachment_size = g_strdup(values[i]);
 			continue;
 		}
 		if (g_strcmp0(names[i], "datetime") == 0) {
+			g_free(entry->datetime);
 			entry->datetime = g_strdup(values[i]);
 			continue;
 		}
 		if (g_strcmp0(names[i], "subject") == 0) {
+			g_free(entry->subject);
 			entry->subject = g_strdup(values[i]);
 			continue;
 		}
 		if (g_strcmp0(names[i], "recipient_addressing") == 0) {
+			g_free(entry->recipient_addressing);
 			entry->recipient_addressing = g_strdup(values[i]);
 			continue;
 		}
 		if (g_strcmp0(names[i], "sender_addressing") == 0) {
+			g_free(entry->sender_addressing);
 			entry->sender_addressing = g_strdup(values[i]);
 			continue;
 		}
 		if (g_strcmp0(names[i], "type") == 0) {
+			g_free(entry->type);
 			entry->type = g_strdup(values[i]);
 			continue;
 		}
-		if (g_strcmp0(names[i], "reception_status") == 0)
+		if (g_strcmp0(names[i], "reception_status") == 0) {
+			g_free(entry->reception_status);
 			entry->reception_status = g_strdup(values[i]);
+		}
 	}
 
 	if (mld->size > mld->offset)