certmonger/SOURCES/0019-clang-more-Memory-leaks.patch
2021-09-09 15:18:05 +00:00

322 lines
8.6 KiB
Diff

From 83a701de85a6b22cc5ad3cec8cb2ddb54d0b2aae Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Mon, 8 Oct 2018 12:53:57 -0400
Subject: [PATCH 19/26] clang: more Memory leaks
Fix leaks in tests/tools/addcinfo.c, dogtag.c and submit-x.c
---
src/dogtag.c | 17 +++++++++++++----
src/getcert.c | 3 ++-
src/store-files.c | 1 +
src/submit-d.c | 6 ++++++
src/submit-x.c | 39 ++++++++++-----------------------------
tests/tools/addcinfo.c | 8 +++++---
6 files changed, 37 insertions(+), 37 deletions(-)
diff --git a/src/dogtag.c b/src/dogtag.c
index 55607f3d..8e3890a5 100644
--- a/src/dogtag.c
+++ b/src/dogtag.c
@@ -117,7 +117,7 @@ main(int argc, const char **argv)
const char *ssldir = NULL, *cainfo = NULL, *capath = NULL;
const char *sslcert = NULL, *sslkey = NULL;
const char *sslpin = NULL, *sslpinfile = NULL;
- const char *csr = NULL, *serial = NULL, *template = NULL;
+ const char *csr = NULL, *csre = NULL, *serial = NULL, *template = NULL;
const char *uid = NULL, *pwd = NULL, *pwdfile = NULL;
const char *udn = NULL, *pin = NULL, *pinfile = NULL;
char *poptarg;
@@ -127,7 +127,7 @@ main(int argc, const char **argv)
} *aoptions = NULL, *soptions = NULL;
size_t num_aoptions = 0, num_soptions = 0, j;
char *savedstate = NULL;
- char *p, *q, *params = NULL, *params2 = NULL;
+ char *p = NULL, *q = NULL, *params = NULL, *params2 = NULL;
const char *lasturl = NULL, *lastparams = NULL;
const char *tmp = NULL, *results = NULL;
struct cm_submit_h_context *hctx;
@@ -537,16 +537,19 @@ main(int argc, const char **argv)
}
poptPrintUsage(pctx, stdout, 0);
free(csr);
+ free(p);
return CM_SUBMIT_STATUS_UNCONFIGURED;
}
- csr = cm_submit_u_url_encode(csr);
+ csre = cm_submit_u_url_encode(csr);
params = talloc_asprintf(ctx,
"profileId=%s&"
"cert_request_type=pkcs10&"
"cert_request=%s&"
"xml=true",
template,
- csr);
+ csre);
+ free(csr);
+ free(csre);
}
/* Check for creds specified as options. */
for (j = 0; j < num_soptions; j++) {
@@ -608,12 +611,16 @@ main(int argc, const char **argv)
printf(_("No agent URL (-A) given, and no default "
"known.\n"));
poptPrintUsage(pctx, stdout, 0);
+ free(p);
+ free(q);
return CM_SUBMIT_STATUS_UNCONFIGURED;
}
if ((sslcert == NULL) || (strlen(sslcert) == 0)) {
printf(_("No agent credentials (-n) given, but they "
"are needed.\n"));
poptPrintUsage(pctx, stdout, 0);
+ free(p);
+ free(q);
return CM_SUBMIT_STATUS_UNCONFIGURED;
}
/* Reading profile defaults for this certificate, then applying
@@ -778,12 +785,14 @@ main(int argc, const char **argv)
lasturl);
}
talloc_free(ctx);
+ free(p);
return CM_SUBMIT_STATUS_UNREACHABLE;
}
if (results == NULL) {
printf(_("Internal error: no response to \"%s?%s\".\n"),
lasturl, lastparams);
talloc_free(ctx);
+ free(p);
return CM_SUBMIT_STATUS_REJECTED;
}
switch (op) {
diff --git a/src/getcert.c b/src/getcert.c
index ddb28de2..0d527ab0 100644
--- a/src/getcert.c
+++ b/src/getcert.c
@@ -4042,11 +4042,12 @@ thumbprint(const char *s, SECOidTag tag, int bits)
}
u = malloc(length);
if (u == NULL) {
+ free(t);
goto done;
}
length = cm_store_base64_to_bin(t, -1, u, length);
+ free(t);
if (PK11_HashBuf(tag, digest, u, length) == SECSuccess) {
- free(t);
t = malloc(bits / 4 + howmany(bits, 32));
if (t != NULL) {
ret = t;
diff --git a/src/store-files.c b/src/store-files.c
index b97ba5ff..4e57ae16 100644
--- a/src/store-files.c
+++ b/src/store-files.c
@@ -573,6 +573,7 @@ cm_store_file_read_lines(void *parent, FILE *fp)
lines = tlines;
}
}
+ free(buf);
return lines;
}
diff --git a/src/submit-d.c b/src/submit-d.c
index 5a4edb3f..36cc9828 100644
--- a/src/submit-d.c
+++ b/src/submit-d.c
@@ -1204,6 +1204,9 @@ restart:
} else {
printf("Error %d.\n", c);
}
+ if (defaults != nodefault) {
+ free(defaults);
+ }
return 1;
}
result = cm_submit_h_results(hctx, NULL) ?: "";
@@ -1365,6 +1368,9 @@ restart:
/* never reached */
break;
}
+ if (defaults != nodefault) {
+ free(defaults);
+ }
return 0;
}
#endif
diff --git a/src/submit-x.c b/src/submit-x.c
index abebc610..58d007ef 100644
--- a/src/submit-x.c
+++ b/src/submit-x.c
@@ -45,14 +45,17 @@ get_error_message(krb5_context ctx, krb5_error_code kcode)
{
const char *ret;
#ifdef HAVE_KRB5_GET_ERROR_MESSAGE
- ret = ctx ? krb5_get_error_message(ctx, kcode) : NULL;
- if (ret == NULL) {
- ret = error_message(kcode);
+ if (ctx) {
+ const char *msg = krb5_get_error_message(ctx, kcode);
+ ret = strdup(msg);
+ krb5_free_error_message(ctx, msg);
+ } else {
+ ret = strdup(error_message(kcode));
}
#else
- ret = error_message(kcode);
+ ret = strdup(error_message(kcode));
#endif
- return strdup(ret);
+ return ret;
}
char *
@@ -75,8 +78,6 @@ cm_submit_x_ccache_realm(char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
- } else {
- free(ret);
}
return NULL;
}
@@ -86,8 +87,6 @@ cm_submit_x_ccache_realm(char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
- } else {
- free(ret);
}
return NULL;
}
@@ -97,8 +96,6 @@ cm_submit_x_ccache_realm(char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
- } else {
- free(ret);
}
return NULL;
}
@@ -106,7 +103,7 @@ cm_submit_x_ccache_realm(char **msg)
if (data == NULL) {
fprintf(stderr, "Error retrieving principal realm.\n");
if (msg != NULL) {
- *msg = "Error retrieving principal realm.\n";
+ *msg = strdup("Error retrieving principal realm.\n");
}
return NULL;
}
@@ -114,7 +111,7 @@ cm_submit_x_ccache_realm(char **msg)
if (ret == NULL) {
fprintf(stderr, "Out of memory for principal realm.\n");
if (msg != NULL) {
- *msg = "Out of memory for principal realm.\n";
+ *msg = strdup("Out of memory for principal realm.\n");
}
return NULL;
}
@@ -145,8 +142,6 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
fprintf(stderr, "Error initializing Kerberos: %s.\n", ret);
if (msg != NULL) {
*msg = ret;
- } else {
- free(ret);
}
return kret;
}
@@ -160,8 +155,6 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
- } else {
- free(ret);
}
return kret;
}
@@ -173,8 +166,6 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
principal, ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
- } else {
- free(ret);
}
return kret;
}
@@ -186,8 +177,6 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
- } else {
- free(ret);
}
return kret;
}
@@ -209,8 +198,6 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
- } else {
- free(ret);
}
return kret;
}
@@ -229,8 +216,6 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
- } else {
- free(ret);
}
return kret;
}
@@ -245,8 +230,6 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
- } else {
- free(ret);
}
return kret;
}
@@ -257,8 +240,6 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
- } else {
- free(ret);
}
return kret;
}
diff --git a/tests/tools/addcinfo.c b/tests/tools/addcinfo.c
index 939005c2..e34612a5 100644
--- a/tests/tools/addcinfo.c
+++ b/tests/tools/addcinfo.c
@@ -63,7 +63,7 @@ content_info_template[] = {
int
main(int argc, char **argv)
{
- unsigned char *buffer = NULL, buf[BUFSIZ];
+ unsigned char *buffer = NULL, *newbuffer = NULL, buf[BUFSIZ];
int i, n = 0;
unsigned int j;
SECItem encoded;
@@ -73,11 +73,13 @@ main(int argc, char **argv)
cm_log_set_method(cm_log_stderr);
cm_log_set_level(3);
while ((i = read(STDIN_FILENO, buf, sizeof(buf))) > 0) {
- buffer = realloc(buffer, n + i);
- if (buffer == NULL) {
+ newbuffer = realloc(buffer, n + i);
+ if (newbuffer == NULL) {
+ free(buffer);
cm_log(0, "Out of memory.\n");
return 1;
}
+ buffer = newbuffer;
memcpy(buffer + n, buf, i);
n += i;
}
--
2.14.4