Bug 891669

Summary: cppcheck error: extras/scsi_id/scsi_id.c: Memory leak: newargv [error]
Product: Red Hat Enterprise Linux 6 Reporter: Karel Volný <kvolny>
Component: udevAssignee: Harald Hoyer <harald>
Status: CLOSED ERRATA QA Contact: Radka Brychtova <rskvaril>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.4CC: msekleta, psklenar, rskvaril, udev-maint-list
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: udev-147-2.66.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-05-11 00:25:49 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1270825    

Description Karel Volný 2013-01-03 15:39:50 UTC 
Description of problem:
trying to run cppcheck on udev package, it reports error in scsi_id.c

Version-Release number of selected component (if applicable):
udev-147-2.43.el6.src.rpm

How reproducible:
always

Steps to Reproduce:
1. rpmbuild -bp udev-147-2.43.el6.src.rpm
2. cd ~/rpmbuild/BUILD/udev-147
3. cppcheck .
  
Actual results:
...
17/50 files checked 27% done
Checking extras/scsi_id/scsi_id.c...
[extras/scsi_id/scsi_id.c:680]: (error) Memory leak: newargv
18/50 files checked 30% done
...

Expected results:
no errors

Additional info:
I do not know how serious is this ... if this is not a bug in udev, then this should be reassigned to cppcheck not to report false positive.
Comment 2 RHEL Program Management 2013-01-07 06:47:18 UTC 
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
Comment 3 Harald Hoyer 2013-07-03 11:40:15 UTC 
int main(int argc, char **argv)
{
...
		if (set_options(udev, newargc, newargv, short_options, maj_min_dev) < 0) {
			retval = 2;
                        free(newargv); // <--------- MISSING
			goto exit;
		}
		free(newargv);
...
}
Comment 4 Michal Sekletar 2015-10-15 13:40:20 UTC 
(In reply to Harald Hoyer from comment #3)

>                         free(newargv); // <--------- MISSING

I've merged to my staging branch a different patch, because freeing just newargv is not enough. We also need to free newargv[0] because this is a pointer to buffer which actually hold the arguments. Btw, such patch is also upstream.

While at it, I also merged one more patch which prevents fd leak, also already upstream.
Comment 7 Radka Brychtova 2016-02-05 13:44:53 UTC 
Cppcheck is now part of Covscan in Errata-tool.
Cppcheck is clear in version udev-147-2.70.el6.
Comment 9 errata-xmlrpc 2016-05-11 00:25:49 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-0903.html