certmonger/0011-clang-Memory-leak.patch


From 3310a25181e94f5e05e671acc12d008cbac339ab Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Thu, 13 Sep 2018 15:50:53 -0400
Subject: [PATCH 11/16] clang: Memory leak
---
src/certmaster.c | 3 +++
src/certsave-o.c | 1 +
src/dogtag.c | 3 +++
src/ipa.c | 9 ++++++++-
src/local.c | 5 +++++
src/scep.c | 5 +++++
src/srvloc.c | 1 +
src/store-files.c | 2 +-
src/submit-x.c | 22 ++++++++++++++++++++++
src/util.c | 8 +++++++-
tests/tools/addcinfo.c | 3 +++
tests/tools/base2pem.c | 1 +
tests/tools/pem2base.c | 1 +
13 files changed, 61 insertions(+), 3 deletions(-)
diff --git a/src/certmaster.c b/src/certmaster.c
index 7e0bed90..4a5cf6af 100644
--- a/src/certmaster.c
+++ b/src/certmaster.c
@@ -160,6 +160,7 @@ main(int argc, const char **argv)
CM_SUBMIT_CSR_ENV);
}
poptPrintUsage(pctx, stdout, 0);
+ free(csr);
return CM_SUBMIT_STATUS_UNCONFIGURED;
}
@@ -185,11 +186,13 @@ main(int argc, const char **argv)
if (ctx == NULL) {
fprintf(stderr, "Error setting up for XMLRPC.\n");
printf(_("Error setting up for XMLRPC.\n"));
+ free(csr);
return CM_SUBMIT_STATUS_UNCONFIGURED;
}
/* Add the CSR as the sole argument. */
cm_submit_x_add_arg_s(ctx, csr);
+ free(csr);
/* Submit the request. */
fprintf(stderr, "Submitting request to \"%s\".\n", uri);
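Review bot: The `free(csr)` placed directly after `cm_submit_x_add_arg_s(ctx, csr)` is only safe if that call copies the string into `ctx`; its body is not part of this patch, so this should be confirmed, because otherwise the submit step below reads freed memory. `main` continues past the hunk, so I would also add `csr = NULL;` after the free, so that any later use fails on a null pointer instead of touching a dangling one. The same applies to the `free(cainfo)` added before `cm_submit_h_run(hctx)` in src/scep.c: it assumes the context built just above took its own copy and that `cainfo` is not read again later in that `main`.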
diff --git a/src/certsave-o.c b/src/certsave-o.c
index 77f54d7e..3d4018d8 100644
--- a/src/certsave-o.c
+++ b/src/certsave-o.c
@@ -258,6 +258,7 @@ cm_certsave_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
if (bin != NULL) {
BN_bn2bin(bn, bin);
serial = cm_store_hex_from_bin(NULL, bin, BN_num_bytes(bn));
+ free(bin);
}
}
if (serial != NULL) {
diff --git a/src/dogtag.c b/src/dogtag.c
index cd0b38b7..55607f3d 100644
--- a/src/dogtag.c
+++ b/src/dogtag.c
@@ -536,6 +536,7 @@ main(int argc, const char **argv)
CM_SUBMIT_CSR_ENV);
}
poptPrintUsage(pctx, stdout, 0);
+ free(csr);
return CM_SUBMIT_STATUS_UNCONFIGURED;
}
csr = cm_submit_u_url_encode(csr);
@@ -588,6 +589,8 @@ main(int argc, const char **argv)
params = talloc_asprintf(ctx,
"%s&%s=%s",
params, p, q);
+ free(p);
+ free(q);
}
use_agent_approval = FALSE;
break;
diff --git a/src/ipa.c b/src/ipa.c
index 67a0c651..acd1a4e2 100644
--- a/src/ipa.c
+++ b/src/ipa.c
@@ -226,6 +226,7 @@ cm_locate_xmlrpc_service(const char *server,
if (basedn == NULL) {
i = cm_find_default_naming_context(ld, &basedn);
if (i != 0) {
+ free(basedn);
return i;
}
}
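Review bot: The early `return i;` in `cm_locate_xmlrpc_service` now frees `basedn` but still returns without releasing `ld`, which from the visible call appears to be an already-open LDAP handle. If so, the connection leaks on this path; adding `ldap_unbind_ext(ld, NULL, NULL);` (or whatever teardown the function's other exits use) before the return would close it. The identical branch in the `fetch_roots` hunk has the same gap. Both functions start and end outside their hunks, so the handle's setup and normal teardown are not visible here.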
@@ -526,6 +527,7 @@ fetch_roots(const char *server, int ldap_uri_cmd, const char *ldap_uri,
if (basedn == NULL) {
i = cm_find_default_naming_context(ld, &basedn);
if (i != 0) {
+ free(basedn);
return i;
}
}
@@ -802,6 +804,7 @@ main(int argc, const char **argv)
printf(_("Unable to read signing request from environment variable \"%s\".\n"),
CM_SUBMIT_CSR_ENV);
}
+ free(csr);
poptPrintUsage(pctx, stdout, 0);
return CM_SUBMIT_STATUS_UNCONFIGURED;
}
@@ -903,12 +906,16 @@ main(int argc, const char **argv)
if ((strcasecmp(mode, CM_OP_SUBMIT) == 0) ||
(strcasecmp(mode, CM_OP_POLL) == 0)) {
- return submit_or_poll(uri, cainfo, capath, server,
+ int ret;
+ ret = submit_or_poll(uri, cainfo, capath, server,
ldap_uri_cmd, ldap_uri, host, domain,
basedn, uid, pwd, csr, reqprinc, profile,
issuer);
+ free(csr);
+ return ret;
} else
if (strcasecmp(mode, CM_OP_FETCH_ROOTS) == 0) {
+ free(csr);
return fetch_roots(server, ldap_uri_cmd, ldap_uri, host,
uid, pwd, domain, basedn);
}
diff --git a/src/local.c b/src/local.c
index f437d62e..92bea144 100644
--- a/src/local.c
+++ b/src/local.c
@@ -559,6 +559,7 @@ main(int argc, const char **argv)
printf(_("Unable to read signing request.\n"));
cm_log(1, "Unable to read signing request.\n");
poptPrintUsage(pctx, stdout, 0);
+ free(csr);
return CM_SUBMIT_STATUS_UNCONFIGURED;
}
/* Take the lock. */
@@ -568,6 +569,7 @@ main(int argc, const char **argv)
&signer, &key);
if ((i != 0) || (signer == NULL)) {
cm_log(1, "Error reading signer info.\n");
+ free(csr);
/* Try again sometime later. */
return CM_SUBMIT_STATUS_UNREACHABLE;
}
@@ -577,11 +579,13 @@ main(int argc, const char **argv)
if ((fp == NULL) && (errno != ENOENT)) {
cm_log(1, "Error reading '%s': %s.\n", serial,
strerror(errno));
+ free(csr);
return CM_SUBMIT_STATUS_UNREACHABLE;
}
if (fp != NULL) {
if (fgets(buf, sizeof(buf), fp) == NULL) {
fclose(fp);
+ free(csr);
return CM_SUBMIT_STATUS_UNREACHABLE;
}
buf[strcspn(buf, "\r\n")] = '\0';
@@ -601,6 +605,7 @@ main(int argc, const char **argv)
/* Actually sign the request. */
i = cm_submit_o_sign(parent, csr, signer, key, hexserial,
now, 0, &cert);
+ free(csr);
if ((i == 0) && (cert != NULL)) {
/* Roll the serial number up. */
hexserial = cm_store_increment_serial(parent,
diff --git a/src/scep.c b/src/scep.c
index 72dff3d5..68eae788 100644
--- a/src/scep.c
+++ b/src/scep.c
@@ -338,6 +338,7 @@ main(int argc, const char **argv)
}
if (c != -1) {
poptPrintUsage(pctx, stdout, 0);
+ free(cainfo);
return CM_SUBMIT_STATUS_UNCONFIGURED;
}
@@ -386,6 +387,7 @@ main(int argc, const char **argv)
}
if ((message == NULL) || (strlen(message) == 0)) {
printf(_("Error reading request. Expected PKCS7 data containing a GetInitialCert pkiMessage, got nothing.\n"));
+ free(cainfo);
return CM_SUBMIT_STATUS_NEED_SCEP_MESSAGES;
}
/* First step: read capabilities for our use. */
@@ -405,6 +407,7 @@ main(int argc, const char **argv)
}
if ((message == NULL) || (strlen(message) == 0)) {
printf(_("Error reading request. Expected PKCS7 data containing a PKCSReq pkiMessage, got nothing.\n"));
+ free(cainfo);
return CM_SUBMIT_STATUS_NEED_SCEP_MESSAGES;
}
/* First step: read capabilities for our use. */
@@ -416,6 +419,7 @@ main(int argc, const char **argv)
/* Supply help output, if it's needed. */
if (missing_args) {
poptPrintUsage(pctx, stdout, 0);
+ free(cainfo);
return CM_SUBMIT_STATUS_UNCONFIGURED;
}
@@ -492,6 +496,7 @@ main(int argc, const char **argv)
verbose > 1 ?
cm_submit_h_curl_verbose_on :
cm_submit_h_curl_verbose_off);
+ free(cainfo);
cm_submit_h_run(hctx);
content_type = cm_submit_h_result_type(hctx);
if (content_type == NULL) {
diff --git a/src/srvloc.c b/src/srvloc.c
index acab55bf..e8f3f5a5 100644
--- a/src/srvloc.c
+++ b/src/srvloc.c
@@ -189,6 +189,7 @@ cm_srvloc_resolve(void *parent, const char *name, const char *udomain,
domain = strdup(udomain);
#endif
i = res_querydomain(name, domain, C_IN, T_SRV, answer, answer_len);
+ free(domain);
if (i == -1) {
return -1;
}
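Review bot: The new `free(domain)` sits after the `#endif`, so it runs for every preprocessor branch, not only for the `strdup(udomain)` one shown. The other branch is outside the hunk; if it leaves `domain` pointing at `udomain`, at a buffer released elsewhere, or at memory from an allocator other than malloc, this becomes an invalid or double free. That is worth confirming, and a short comment such as `/* domain is malloc-owned in both branches */` would record the assumption. Separately, the visible `strdup` result reaches `res_querydomain` without a NULL check.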
diff --git a/src/store-files.c b/src/store-files.c
index df1fa336..b97ba5ff 100644
--- a/src/store-files.c
+++ b/src/store-files.c
@@ -558,8 +558,8 @@ cm_store_file_read_lines(void *parent, FILE *fp)
case ';':
break;
}
+ free(buf);
}
- free(buf);
/* If we were reading a line, append it to the list. */
if (s != NULL) {
tlines = talloc_realloc(parent, lines, char *, n_lines + 2);
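Review bot: Moving `free(buf)` inside the loop is only correct if `buf` is freshly allocated on every iteration; the loop header is outside the hunk, so that cannot be confirmed from here. If the buffer is allocated once before the loop, or is handed back to a reader such as `getline()` that reuses and reallocates it, the next iteration works on freed memory and the pointer is freed a second time. Either way I would write `free(buf); buf = NULL;` here, and check that no `continue` or early loop exit in the body skips the free now that the one after the loop is gone.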
diff --git a/src/submit-x.c b/src/submit-x.c
index 60bcf78a..fa81e9aa 100644
--- a/src/submit-x.c
+++ b/src/submit-x.c
@@ -75,6 +75,8 @@ cm_submit_x_ccache_realm(char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return NULL;
}
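Review bot: The same `if (msg != NULL) { *msg = ret; } else { free(ret); }` block is added here and in every other hunk of src/submit-x.c (three in `cm_submit_x_ccache_realm`, eight in `cm_submit_x_make_ccache`), which makes it easy for a future error path to forget the `else`. A small file-local helper would state the ownership rule once: the caller takes `ret` if it passed `msg`, otherwise the string is released. The helper name below is only a suggestion, and both functions start and end outside these hunks.

```c
/* Hand the message to the caller if it asked for one, else release it. */
static void
cm_submit_x_return_msg(char **msg, char *ret)
{
	if (msg != NULL) {
		*msg = ret;
	} else {
		free(ret);
	}
}

/* ... unchanged: each error branch up to the get_error_message() call ... */
		cm_submit_x_return_msg(msg, ret);
		return NULL;
```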
@@ -84,6 +86,8 @@ cm_submit_x_ccache_realm(char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return NULL;
}
@@ -93,6 +97,8 @@ cm_submit_x_ccache_realm(char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return NULL;
}
@@ -139,6 +145,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
fprintf(stderr, "Error initializing Kerberos: %s.\n", ret);
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return kret;
}
@@ -152,6 +160,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return kret;
}
@@ -163,6 +173,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
principal, ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return kret;
}
@@ -174,6 +186,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return kret;
}
@@ -195,6 +209,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return kret;
}
@@ -213,6 +229,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return kret;
}
@@ -227,6 +245,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return kret;
}
@@ -237,6 +257,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return kret;
}
diff --git a/src/util.c b/src/util.c
index 67143d52..373bb533 100644
--- a/src/util.c
+++ b/src/util.c
@@ -98,7 +98,7 @@ read_config_file(const char *filename)
char *
get_config_entry(char * in_data, const char *section, const char *key)
{
- char *ptr = NULL, *p, *tmp;
+ char *ptr = NULL, *p, *tmp = NULL;
char *line;
int in_section = 0;
char * data = strdup(in_data);
@@ -129,9 +129,12 @@ get_config_entry(char * in_data, const char *section, const char *key)
}
if (strcmp(section, tmp) == 0) {
free(tmp);
+ tmp = NULL;
in_section = 1;
continue;
}
+ free(tmp);
+ tmp = NULL;
}
} /* [ */
@@ -145,8 +148,10 @@ get_config_entry(char * in_data, const char *section, const char *key)
tmp = strndup(line, p - line);
if (strcmp(key, tmp) != 0) {
free(tmp);
+ tmp = NULL;
} else {
free(tmp);
+ tmp = NULL;
/* Skip over any whitespace after the equal sign. */
line = strchr(line, '=');
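Review bot: `tmp = strndup(line, p - line)` is passed straight to `strcmp(key, tmp)`, so an allocation failure dereferences NULL; the `strcmp(section, tmp)` in the previous hunk appears to have the same shape. Since this change already touches every release of `tmp`, a guard such as `if (tmp == NULL) { free(data); return NULL; }` would fit here. Both arms of the `if` now begin with the same `free(tmp); tmp = NULL;`, which could be hoisted by storing the comparison first, e.g. `int match = (strcmp(key, tmp) == 0);`. `get_config_entry` continues outside the hunk.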
@@ -168,5 +173,6 @@ get_config_entry(char * in_data, const char *section, const char *key)
}
}
free(data);
+ free(tmp);
return NULL;
}
diff --git a/tests/tools/addcinfo.c b/tests/tools/addcinfo.c
index f016acb4..939005c2 100644
--- a/tests/tools/addcinfo.c
+++ b/tests/tools/addcinfo.c
@@ -86,6 +86,7 @@ main(int argc, char **argv)
if (enveloped == NULL) {
cm_log(0, "Internal error: %s.\n",
PR_ErrorToName(PORT_GetError()));
+ free(buffer);
return 1;
}
ci.content_type = enveloped->oid;
@@ -96,6 +97,7 @@ main(int argc, char **argv)
content_info_template) != &encoded) {
cm_log(0, "Encoding error: %s.\n",
PR_ErrorToName(PORT_GetError()));
+ free(buffer);
return 1;
}
j = 0;
@@ -105,5 +107,6 @@ main(int argc, char **argv)
break;
}
}
+ free(buffer);
return 0;
}
diff --git a/tests/tools/base2pem.c b/tests/tools/base2pem.c
index 40e74201..31359684 100644
--- a/tests/tools/base2pem.c
+++ b/tests/tools/base2pem.c
@@ -76,5 +76,6 @@ main(int argc, const char **argv)
}
}
printf("%s", cm_submit_u_pem_from_base64(type, dos, p));
+ free(p);
return 0;
}
diff --git a/tests/tools/pem2base.c b/tests/tools/pem2base.c
index 0607c162..bb686c0e 100644
--- a/tests/tools/pem2base.c
+++ b/tests/tools/pem2base.c
@@ -46,5 +46,6 @@ main(int argc, char **argv)
}
}
printf("%s\n", cm_submit_u_base64_from_text(p));
+ free(p);
return 0;
}
--
2.14.4