lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 13 Feb 2013 19:38:42 +0100
From:	Borislav Petkov <bp@...en8.de>
To:	Scan Subscription <scan-subscription@...erity.com>
Cc:	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"hpa@...or.com" <hpa@...or.com>
Subject: Re: New Defect(s) reported by Coverity Scan

On Wed, Feb 13, 2013 at 05:40:11PM +0000, Scan Subscription wrote:
> Hi,
> 
> Please find the latest report on new defect(s) that have been introduced to the Linux Kernel found with Coverity SCAN. 
> 
> 
> Defect(s) Reported-by: Coverity Scan:
> ___________________________________________________________________________
> ** CID 971353: Resource leak (RESOURCE_LEAK)
> /arch/x86/boot/tools/build.c: 259
> http://scan5.coverity.com:8080/sourcebrowser.htm?projectId=10063#mergedDefectId=971353
> 
> 
> ###########################################################################
> Defect Details:
> ___________________________________________________________________________
> CID 971353: Resource leak (RESOURCE_LEAK)
> http://scan5.coverity.com:8080/sourcebrowser.htm?projectId=10063#mergedDefectId=971353
> 
> /arch/x86/boot/tools/build.c: 240 ( alloc_fn)
> 
>    234 static void parse_zoffset(char *fname)
>    235 {
>    236        FILE *file;
>    237    	char *p;
>    238    	int c;
>    239    
> >>> Storage is returned from allocation function "fopen(char const * restrict, char const * restrict)".
> >>> Assigning: "file" = storage returned from "fopen(fname, "r")".
>    240    	file = fopen(fname, "r");
>    241    	if (!file)
>    242    		die("Unable to open `%s': %m", fname);
> >>> Resource "file" is not freed or pointed-to in function "fread(void * restrict, size_t, size_t, FILE * restrict)".
>    243    	c = fread(buf, 1, sizeof(buf) - 1, file);
> >>> Resource "file" is not freed or pointed-to in function "ferror(FILE *)".
>    244    	if (ferror(file))
>    245    		die("read-error on `zoffset.h'");
>    246    	buf[c] = 0;
>    247    
>   
> 
> /arch/x86/boot/tools/build.c: 259 ( leaked_storage)
>    256    		while (p && (*p == '\r' || *p == '\n'))
>    257    			p++;
>    258    	}
> >>> CID 971353: Resource leak (RESOURCE_LEAK) Variable "file" going out 
> >>> of scope leaks the storage it points to.

Well, we do

	fclose(file)

a couple of lines later in the same function.

The only problem I can see is that we don't fclose the file when ferror
returns non-NULL but that shouldn't matter because we die() then and all
resources are automatically freed.

-- 
Regards/Gruss,
    Boris.

Sent from a fat crate under my desk. Formatting is fine.
--
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ