897c917424
Rebasing to the latest version fixes most SAST issue, but doesn't includes the latest 8 fixes which have to be bacported on top of it. Resolves: RHEL-40112
58 lines
1.5 KiB
Diff
58 lines
1.5 KiB
Diff
From 3be4066b9a9c6a76a824fc7a7a6a983fd23088a7 Mon Sep 17 00:00:00 2001
|
|
From: Jerome Marchand <jmarchan@redhat.com>
|
|
Date: Tue, 29 Oct 2024 09:01:10 +0100
|
|
Subject: [PATCH 1/8] trace-cmd lib: Prevent a memory leak in handle_options()
|
|
|
|
Buf isn't always fred in the error path. Instead of freing buf at the
|
|
end of the loop, free it in the exit path and before reallocating it.
|
|
|
|
Fixes a RESOURCE_LEAK error (CWE-772)
|
|
|
|
Link: https://lore.kernel.org/20241029080117.625177-2-jmarchan@redhat.com
|
|
Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
|
|
Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
|
|
---
|
|
lib/trace-cmd/trace-input.c | 7 +++----
|
|
1 file changed, 3 insertions(+), 4 deletions(-)
|
|
|
|
diff --git a/lib/trace-cmd/trace-input.c b/lib/trace-cmd/trace-input.c
|
|
index 8b6e3d0c..ad662fc6 100644
|
|
--- a/lib/trace-cmd/trace-input.c
|
|
+++ b/lib/trace-cmd/trace-input.c
|
|
@@ -4006,7 +4006,7 @@ static int handle_options(struct tracecmd_input *handle)
|
|
char *cpustats = NULL;
|
|
struct hook_list *hook;
|
|
bool compress = false;
|
|
- char *buf;
|
|
+ char *buf = NULL;
|
|
int cpus;
|
|
int ret;
|
|
|
|
@@ -4036,6 +4036,7 @@ static int handle_options(struct tracecmd_input *handle)
|
|
ret = read4(handle, &size);
|
|
if (ret)
|
|
goto out;
|
|
+ free(buf);
|
|
buf = malloc(size);
|
|
if (!buf) {
|
|
ret = -ENOMEM;
|
|
@@ -4189,14 +4190,12 @@ static int handle_options(struct tracecmd_input *handle)
|
|
tracecmd_warning("unknown option %d", option);
|
|
break;
|
|
}
|
|
-
|
|
- free(buf);
|
|
-
|
|
}
|
|
|
|
ret = 0;
|
|
|
|
out:
|
|
+ free(buf);
|
|
if (compress)
|
|
in_uncompress_reset(handle);
|
|
return ret;
|
|
--
|
|
2.47.0
|
|
|