[06/38] trace-cmd lib: prevent a memory leak in handle_options()

Message ID	20240605134054.2626953-7-jmarchan@redhat.com (mailing list archive)
State	Superseded
Headers	show Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C7FDB195FF4 for <linux-trace-devel@vger.kernel.org>; Wed, 5 Jun 2024 13:41:26 +0000 (UTC) From: "Jerome Marchand" <jmarchan@redhat.com> To: Linux Trace Devel <linux-trace-devel@vger.kernel.org> Cc: Steven Rostedt <rostedt@goodmis.org>, Jerome Marchand <jmarchan@redhat.com> Subject: [PATCH 06/38] trace-cmd lib: prevent a memory leak in handle_options() Date: Wed, 5 Jun 2024 15:40:21 +0200 Message-ID: <20240605134054.2626953-7-jmarchan@redhat.com> In-Reply-To: <20240605134054.2626953-1-jmarchan@redhat.com> References: <20240605134054.2626953-1-jmarchan@redhat.com> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	trace-cmd: fix misc issues found by static analysis \| expand [00/38] trace-cmd: fix misc issues found by static analysis [01/38] trace-cmd listen: close ofd before exiting process_client() [02/38] trace-cmd msg: prevent a memory leak in get_trace_req_args() [03/38] trace-cmd lib: prevent a memory leak in read_header_files() [04/38] trace-cmd: call dlclose() in the error path of load_plugin() [05/38] trace-cmd lib: prevent possible memory coruption in add_plugin_file() [06/38] trace-cmd lib: prevent a memory leak in handle_options() [07/38] trace-cmd lib: prevent a memory leak in regex_event_buf() [08/38] trace-cmd lib: prevent a memory leak in create_event_list_item() [09/38] trace-cmd lib: prevent a memory leak in read_ftrace_printk() [10/38] trace-cmd: don't print a NULL string in append_pid_filter() [11/38] trace-cmd record: prevent possible memory coruption in get_pid_addr_maps() [12/38] trace-cmd hist: close tracecmd handle when trace_hist() exits early [13/38] trace-cmd record: prevent a memory leak in show_error() [14/38] trace-cmd record: prevent memory leak in update_pid_filters() [15/38] trace-cmd lib: check the return value of do_lssek() in trace_get_options() [16/38] trace-cmd lib: don't double close a file descriptor in read_header_files() [17/38] trace-cmd lib: prevent memory leak in ptp_clock_server() [18/38] trace-cmd lib: remove useless code in tracecmd_plog() [19/38] trace-cmd record: prevent memory leak in add_all_instances() [20/38] trace-cmd lib: check for a negative return value of read in tracecmd_compress_copy_from() [21/38] trace-cmd record: prevent memory leak in clear_func_filter() [22/38] trace-cmd dump: prevent buffer overrun in dump_clock() [23/38] trace-cmd lib: prevent buffer overrun in read_string() [24/38] trace-cmd: close file descriptor in trace_vsock_make() [25/38] trace-cmd lib: prevent memory leak in glob_events() [26/38] trace-cmd record: don't print a NULL string in get_temp_file() [27/38] trace-cmd lib: prevent a possible file descriptor leak in set_proc_kptr_restrict() [28/38] trace-cmd lib: remove unused tracecmd_parse_cmdlines() function [29/38] trace-cmd record: prevent memory leak in setup_network() [30/38] trace-cmd listen: prevent memory leak in communicate_with_client() [31/38] trace-cmd listen: prevent a infinite loop in communicate_with_client() [32/38] trace-cmd lib: prevent memory leak in tracecmd_create_event_hook() [33/38] trace-cmd record: prevent memory corruption in parse_record_options() [34/38] trace-cmd mem: prevent a memory leak in trace_mem() [35/38] trace-cmd: move the initialization of found_pid at the beginning of stop_trace_connect() [36/38] trace-cmd record: check the length of the protocol version received [37/38] trace-cmd record: close socket fd before retrying to connect [38/38] trace-cmd lib: prevent a memory leak in tracecmd_tsync_proto_getall()

Message ID

20240605134054.2626953-7-jmarchan@redhat.com (mailing list archive)

State

Superseded

Headers

From: "Jerome Marchand" <jmarchan@redhat.com>
To: Linux Trace Devel <linux-trace-devel@vger.kernel.org>
Cc: Steven Rostedt <rostedt@goodmis.org>,
	Jerome Marchand <jmarchan@redhat.com>
Subject: [PATCH 06/38] trace-cmd lib: prevent a memory leak in
 handle_options()
Date: Wed,  5 Jun 2024 15:40:21 +0200
Message-ID: <20240605134054.2626953-7-jmarchan@redhat.com>
In-Reply-To: <20240605134054.2626953-1-jmarchan@redhat.com>
References: <20240605134054.2626953-1-jmarchan@redhat.com>
Precedence: bulk
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

trace-cmd: fix misc issues found by static analysis | expand

Free buf in the error path. Fixes a RESOURCE_LEAK error (CWE-772) Signed-off-by: Jerome Marchand <jmarchan@redhat.com> --- lib/trace-cmd/trace-input.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-)

Comments

Steven Rostedt July 17, 2024, 8:27 p.m. UTC | #1

On Wed,  5 Jun 2024 15:40:21 +0200
"Jerome Marchand" <jmarchan@redhat.com> wrote:

> Free buf in the error path.
> 
> Fixes a RESOURCE_LEAK error (CWE-772)
> 
> Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
> ---
>  lib/trace-cmd/trace-input.c | 10 ++++++----
>  1 file changed, 6 insertions(+), 4 deletions(-)
> 
> diff --git a/lib/trace-cmd/trace-input.c b/lib/trace-cmd/trace-input.c
> index ce4ecf43..2cf0d1c1 100644
> --- a/lib/trace-cmd/trace-input.c
> +++ b/lib/trace-cmd/trace-input.c
> @@ -4030,7 +4030,7 @@ static int handle_options(struct tracecmd_input *handle)
>  		}
>  		ret = do_read_check(handle, buf, size);
>  		if (ret)
> -			goto out;
> +			goto out_free;
>  
>  		switch (option) {
>  		case TRACECMD_OPTION_DATE:
> @@ -4084,7 +4084,7 @@ static int handle_options(struct tracecmd_input *handle)
>  							     buf + 8, 4);
>  			ret = tsync_cpu_offsets_load(handle, buf + 12, size - 12);
>  			if (ret < 0)
> -				goto out;
> +				goto out_free;
>  			tracecmd_enable_tsync(handle, true);
>  			break;
>  		case TRACECMD_OPTION_CPUSTAT:
> @@ -4093,7 +4093,7 @@ static int handle_options(struct tracecmd_input *handle)
>  					   handle->cpustats_size + size + 1);
>  			if (!cpustats) {
>  				ret = -ENOMEM;
> -				goto out;
> +				goto out_free;
>  			}
>  			memcpy(cpustats + handle->cpustats_size, buf, size);
>  			handle->cpustats_size += size;
> @@ -4104,7 +4104,7 @@ static int handle_options(struct tracecmd_input *handle)
>  		case TRACECMD_OPTION_BUFFER_TEXT:
>  			ret = handle_buffer_option(handle, option, buf, size);
>  			if (ret < 0)
> -				goto out;
> +				goto out_free;
>  			break;
>  		case TRACECMD_OPTION_TRACECLOCK:
>  			tracecmd_parse_trace_clock(handle, buf, size);
> @@ -4183,6 +4183,8 @@ static int handle_options(struct tracecmd_input *handle)
>  
>  	ret = 0;
>  

The for (;;) loop ends with a free(buf) and then in the next iteration it can do:

		if (!HAS_SECTIONS(handle) && option == TRACECMD_OPTION_DONE)
			break;

> +out_free:
> +	free(buf);

Which will cause this to do a double free.

I'm going to not pull this patch.

-- Steve


>  out:
>  	if (compress)
>  		in_uncompress_reset(handle);

diff --git a/lib/trace-cmd/trace-input.c b/lib/trace-cmd/trace-input.c
index ce4ecf43..2cf0d1c1 100644
--- a/lib/trace-cmd/trace-input.c
+++ b/lib/trace-cmd/trace-input.c
@@ -4030,7 +4030,7 @@  static int handle_options(struct tracecmd_input *handle)
 		}
 		ret = do_read_check(handle, buf, size);
 		if (ret)
-			goto out;
+			goto out_free;
 
 		switch (option) {
 		case TRACECMD_OPTION_DATE:
@@ -4084,7 +4084,7 @@  static int handle_options(struct tracecmd_input *handle)
 							     buf + 8, 4);
 			ret = tsync_cpu_offsets_load(handle, buf + 12, size - 12);
 			if (ret < 0)
-				goto out;
+				goto out_free;
 			tracecmd_enable_tsync(handle, true);
 			break;
 		case TRACECMD_OPTION_CPUSTAT:
@@ -4093,7 +4093,7 @@  static int handle_options(struct tracecmd_input *handle)
 					   handle->cpustats_size + size + 1);
 			if (!cpustats) {
 				ret = -ENOMEM;
-				goto out;
+				goto out_free;
 			}
 			memcpy(cpustats + handle->cpustats_size, buf, size);
 			handle->cpustats_size += size;
@@ -4104,7 +4104,7 @@  static int handle_options(struct tracecmd_input *handle)
 		case TRACECMD_OPTION_BUFFER_TEXT:
 			ret = handle_buffer_option(handle, option, buf, size);
 			if (ret < 0)
-				goto out;
+				goto out_free;
 			break;
 		case TRACECMD_OPTION_TRACECLOCK:
 			tracecmd_parse_trace_clock(handle, buf, size);
@@ -4183,6 +4183,8 @@  static int handle_options(struct tracecmd_input *handle)
 
 	ret = 0;
 
+out_free:
+	free(buf);
 out:
 	if (compress)
 		in_uncompress_reset(handle);

[06/38] trace-cmd lib: prevent a memory leak in handle_options()

Commit Message

Comments

Patch