Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Memleak fixes for kb_item_get_str() #502

Merged
merged 4 commits into from
May 11, 2020
Merged

Memleak fixes for kb_item_get_str() #502

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
751f90a
Add missing free of string scan_id.
janowagner May 10, 2020
9c186cf
Add free of strings cert, key, passwd, cafile.
janowagner May 10, 2020
dcfb9b2
Move retrieval of auth further down and free it.
janowagner May 10, 2020
0290519
Add Changelog entry.
janowagner May 10, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Fix format-truncation warning in GCC 8.2 and later. [#461](https://github.com/greenbone/openvas/pull/461)
- Clean the new kb when the scan was stopped and the host has not been started. [#494](https://github.com/greenbone/openvas/pull/494)
- Prevent child deadlock. [#491](https://github.com/greenbone/openvas/pull/491)
- Memleak fixes for kb_item_get_str(). [#502](https://github.com/greenbone/openvas/pull/502)

### Removed
- Removed "network scan" mode. This includes removal of NASL API methods "scan_phase()" and "network_targets()". Sending a "network_mode=yes" in a scanner configuration will have no effect anymore. [#493](https://github.com/greenbone/openvas/pull/493)
Expand Down
8 changes: 8 additions & 0 deletions misc/network.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -709,13 +709,21 @@ socket_negotiate_ssl (int fd, openvas_encaps_t transport,
if (open_SSL_connection (fp, cert, key, passwd, cafile, hostname) <= 0)
{
g_free (hostname);
g_free (cert);
g_free (key);
g_free (passwd);
g_free (cafile);
g_message ("Function socket_negotiate_ssl called from %s: "
"SSL/TLS connection failed.",
nasl_get_plugin_filename ());
release_connection_fd (fd, 0);
return -1;
}
g_free (hostname);
g_free (cert);
g_free (key);
g_free (passwd);
g_free (cafile);
return fd;
}

Expand Down
9 changes: 5 additions & 4 deletions nasl/nasl_http.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -100,10 +100,6 @@ _http_req (lex_ctxt *lexic, char *keyword)

kb = plug_get_kb (script_infos);
g_snprintf (tmp, sizeof (tmp), "/tmp/http/auth/%d", port);
auth = kb_item_get_str (kb, tmp);

if (!auth)
auth = kb_item_get_str (kb, "http/auth");

g_snprintf (tmp, sizeof (tmp), "http/%d", port);
ver = kb_item_get_int (kb, tmp);
Expand Down Expand Up @@ -160,10 +156,15 @@ Accept-Charset: iso-8859-1,*,utf-8\r\n",
else
request = build_encode_URL (keyword, NULL, item, "HTTP/1.0\r\n");

auth = kb_item_get_str (kb, tmp);
if (!auth)
auth = kb_item_get_str (kb, "http/auth");

if (auth)
{
char *tmp = g_strconcat (request, auth, "\r\n", NULL);
g_free (request);
g_free (auth);
request = tmp;
}
if (data)
Expand Down
1 change: 1 addition & 0 deletions src/attack.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -146,6 +146,7 @@ set_scan_status (char *status)
snprintf (buffer, sizeof (buffer), "internal/%s", scan_id);
kb_item_set_str (main_kb, buffer, status, 0);
kb_lnk_reset (main_kb);
g_free (scan_id);
}

/**
Expand Down