New covscan errors in 'passkey' code #6733

alexey-tikhonov · 2023-05-15T17:41:14Z

Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.9.0/src/krb5_plugin/common/utils.c:62:22: warning[-Wanalyzer-malloc-leak]: leak of 'strdup(*array_17(D) + _7)'
#   60|       }
#   61|   
#   62|->     for (i = 0; array[i] != NULL; i++) {
#   63|           copy[i] = strdup(array[i]);
#   64|           if (copy[i] == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.9.0/src/krb5_plugin/common/utils.c:62:22: warning[-Wanalyzer-malloc-leak]: leak of 'strdup(*array_18(D) + _8)'
#   60|       }
#   61|   
#   62|->     for (i = 0; array[i] != NULL; i++) {
#   63|           copy[i] = strdup(array[i]);
#   64|           if (copy[i] == NULL) {

Error: CLANG_WARNING:
sssd-2.9.0/src/krb5_plugin/passkey/passkey_utils.c:562:5: warning[unix.Malloc]: Potential leak of memory pointed to by 'data'
#  560|       }
#  561|   
#  562|->     json_decref(jroot);
#  563|       return message;
#  564|   }

Error: UNREACHABLE (CWE-561):
sssd-2.9.0/src/responder/pam/pamsrv_passkey.c:1039: unreachable: This code cannot be reached: "if (!pctx->passkey_auth) {
...".
# 1037|   #endif
# 1038|   
# 1039|->     if (!pctx->passkey_auth) {
# 1040|           return false;
# 1041|       }

CC @ikerexxe, @pbrezina, @justin-stephenson

The text was updated successfully, but these errors were encountered:

ikerexxe · 2023-05-17T11:08:05Z

Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.9.0/src/krb5_plugin/common/utils.c:62:22: warning[-Wanalyzer-malloc-leak]: leak of 'strdup(*array_17(D) + _7)'
#   60|       }
#   61|   
#   62|->     for (i = 0; array[i] != NULL; i++) {
#   63|           copy[i] = strdup(array[i]);
#   64|           if (copy[i] == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401):
sssd-2.9.0/src/krb5_plugin/common/utils.c:62:22: warning[-Wanalyzer-malloc-leak]: leak of 'strdup(*array_18(D) + _8)'
#   60|       }
#   61|   
#   62|->     for (i = 0; array[i] != NULL; i++) {
#   63|           copy[i] = strdup(array[i]);
#   64|           if (copy[i] == NULL) {

These two are false positives. If anything fails while allocating memory in the loop sss_string_array_free() is called. This function manages the freeing of each element of the array, and then the pointer to the whole array.

Fixes following covscan issues: ``` Error: CLANG_WARNING: sssd-2.9.0/src/krb5_plugin/passkey/passkey_utils.c:562:5: warning[unix.Malloc]: Potential leak of memory pointed to by 'data' # 560| } # 561| # 562|-> json_decref(jroot); # 563| return message; # 564| } Error: UNREACHABLE (CWE-561): sssd-2.9.0/src/responder/pam/pamsrv_passkey.c:1039: unreachable: This code cannot be reached: "if (!pctx->passkey_auth) { ...". # 1037| #endif # 1038| # 1039|-> if (!pctx->passkey_auth) { # 1040| return false; # 1041| } ``` Resolves: SSSD#6733 Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

pbrezina · 2023-06-08T11:48:33Z

Pushed PR: #6737

master
- 702f7c2 - passkey: rename function
- 0588bd3 - passkey: fix two covscan issues

Fixes following covscan issues: ``` Error: CLANG_WARNING: sssd-2.9.0/src/krb5_plugin/passkey/passkey_utils.c:562:5: warning[unix.Malloc]: Potential leak of memory pointed to by 'data' # 560| } # 561| # 562|-> json_decref(jroot); # 563| return message; # 564| } Error: UNREACHABLE (CWE-561): sssd-2.9.0/src/responder/pam/pamsrv_passkey.c:1039: unreachable: This code cannot be reached: "if (!pctx->passkey_auth) { ...". # 1037| #endif # 1038| # 1039|-> if (!pctx->passkey_auth) { # 1040| return false; # 1041| } ``` Resolves: SSSD#6733 Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com> Reviewed-by: Justin Stephenson <jstephen@redhat.com> Reviewed-by: Pavel Březina <pbrezina@redhat.com> Reviewed-by: Sumit Bose <sbose@redhat.com>

Fixes following covscan issues: ``` Error: CLANG_WARNING: sssd-2.9.0/src/krb5_plugin/passkey/passkey_utils.c:562:5: warning[unix.Malloc]: Potential leak of memory pointed to by 'data' # 560| } # 561| # 562|-> json_decref(jroot); # 563| return message; # 564| } Error: UNREACHABLE (CWE-561): sssd-2.9.0/src/responder/pam/pamsrv_passkey.c:1039: unreachable: This code cannot be reached: "if (!pctx->passkey_auth) { ...". # 1037| #endif # 1038| # 1039|-> if (!pctx->passkey_auth) { # 1040| return false; # 1041| } ``` Resolves: #6733 Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com> Reviewed-by: Justin Stephenson <jstephen@redhat.com> Reviewed-by: Pavel Březina <pbrezina@redhat.com> Reviewed-by: Sumit Bose <sbose@redhat.com> Reviewed-by: Alexey Tikhonov <atikhono@redhat.com> Reviewed-by: Justin Stephenson <jstephen@redhat.com>

alexey-tikhonov · 2023-08-14T14:53:36Z

Pushed PR: #6876

sssd-2-9
- aba98a4 - passkey: rename function
- f79ce53 - passkey: fix two covscan issues

alexey-tikhonov added passkey Issues and PRs related to 'passkey' feature Future work labels May 15, 2023

alexey-tikhonov assigned ikerexxe May 15, 2023

ikerexxe mentioned this issue May 18, 2023

passkey: fix two covscan issues #6737

Closed

pbrezina closed this as completed in 0588bd3 Jun 8, 2023

pbrezina added the Closed: Fixed Issue was closed as fixed. label Jun 8, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

New covscan errors in 'passkey' code #6733

New covscan errors in 'passkey' code #6733

alexey-tikhonov commented May 15, 2023

ikerexxe commented May 17, 2023

pbrezina commented Jun 8, 2023

alexey-tikhonov commented Aug 14, 2023

New covscan errors in 'passkey' code #6733

New covscan errors in 'passkey' code #6733

Comments

alexey-tikhonov commented May 15, 2023

ikerexxe commented May 17, 2023

pbrezina commented Jun 8, 2023

alexey-tikhonov commented Aug 14, 2023