Bug 1777920 - covscan memory leaks report
Summary: covscan memory leaks report
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: ipa
Version: 8.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: 8.0
Assignee: Thomas Woerner
QA Contact: ipa-qe
URL:
Whiteboard:
Depends On:
Blocks: 1817922
TreeView+ depends on / blocked
 
Reported: 2019-11-28 16:38 UTC by Florence Blanc-Renaud
Modified: 2020-04-28 15:44 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1817922 (view as bug list)
Environment:
Last Closed: 2020-04-28 15:44:12 UTC
Type: ---
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2020:1640 None None None 2020-04-28 15:44:32 UTC

Description Florence Blanc-Renaud 2019-11-28 16:38:47 UTC
This bug is created as a clone of upstream ticket:
https://pagure.io/freeipa/issue/8131

After running Red Hat's covscan tool, following issues were found:

### Error: RESOURCE_LEAK (CWE-772):
```
freeipa-4.8.3/util/ipa_pwd_ntlm.c:63: alloc_fn: Storage is returned from allocation function "calloc".
freeipa-4.8.3/util/ipa_pwd_ntlm.c:63: var_assign: Assigning: "ucs2Passwd" = storage returned from "calloc(ol, 1UL)".
freeipa-4.8.3/util/ipa_pwd_ntlm.c:71: var_assign: Assigning: "outc" = "ucs2Passwd".
freeipa-4.8.3/util/ipa_pwd_ntlm.c:92: noescape: Resource "ucs2Passwd" is not freed or pointed-to in "MD4_Update".
freeipa-4.8.3/util/ipa_pwd_ntlm.c:108: leaked_storage: Variable "ucs2Passwd" going out of scope leaks the storage it points to.
freeipa-4.8.3/util/ipa_pwd_ntlm.c:108: leaked_storage: Variable "outc" going out of scope leaks the storage it points to.
#  106|   
#  107|   done:
#  108|->     return ret;
#  109|   }
```

### Error: RESOURCE_LEAK (CWE-772):
```
freeipa-4.8.3/client/ipa-getkeytab.c:513: alloc_arg: "ipa_string_to_enctypes" allocates memory that is stored into "es".
freeipa-4.8.3/client/ipa-getkeytab.c:515: leaked_storage: Variable "es" going out of scope leaks the storage it points to.
#  513|           ret = ipa_string_to_enctypes(enctypes, &es, &num_es, err_msg);
#  514|           if (ret || num_es == 0) {
#  515|->             return LDAP_OPERATIONS_ERROR;
#  516|           }
#  517|       }
```

Comment 1 Alexander Bokovoy 2019-11-28 16:42:45 UTC
PR: https://github.com/freeipa/freeipa/pull/3956

Comment 3 Christian Heimes 2019-11-29 10:14:57 UTC
master:

* e3ad78538e1dd2f63f171ef1c2b470a1a4f47a8c covscan: free encryption types in case there is an error
* e9dd757763c76402e07f533f19e269eeebc554fa covscan: free ucs2-encoded password copy when generating NTLM hash

Comment 8 errata-xmlrpc 2020-04-28 15:44:12 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2020:1640


Note You need to log in before you can comment on or make changes to this bug.