From 327b2dd0db9d00b7a37bfa42fd717b6d557ec22b Mon Sep 17 00:00:00 2001
From: Cheyenne Wills
Date: Fri, 20 Dec 2024 15:29:59 -0700
Subject: [PATCH] libafscp: Fix problems found by static analysis
Several static analysis tools have identified various problems:
- missing checks to ensure *alloc was successful (infer)
- memory leak (infer)
- possible null pointer dereference (cppcheck)
To resolve the above problems:
- add checks to ensure *alloc was successful before using the memory
- free memory before returning
- move pointer based assignment to after a check for NULL
This commit is a reorganization of commits developed by Pat Riehecky, who ran the static analysis tools and developed the fixes.
afscp_dir.c:606: Memory dynamically allocated by `malloc`, indirectly via call to `afscp_DupFid()` on line 602 is not freed after the last access at line 606, column 9
afscp_dirops.c:44: Either the condition 'dir==NULL' is redundant or there is possible null pointer dereference: dir. Null pointer dereference
Change-Id: I17c8b7b45d581f7c84d8a2930de73783e2ae18be
Reviewed-on: https://gerrit.openafs.org/14712
Tested-by: BuildBot
Reviewed-by: Michael Meffie
Reviewed-by: Andrew Deason
---
 src/libafscp/afscp_dir.c | 6 ++++++
 src/libafscp/afscp_dirops.c | 3 ++-
 2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/src/libafscp/afscp_dir.c b/src/libafscp/afscp_dir.c
index 3ee49e982e..ad3638f5eb 100644
--- a/src/libafscp/afscp_dir.c
+++ b/src/libafscp/afscp_dir.c
@@ -509,6 +509,11 @@ afscp_HandleLink(struct afscp_venusfid *in,
 return in;
 }
 linkbuf = malloc(s->Length + 1);
+ if (linkbuf == NULL) {
+ afscp_errno = ENOMEM;
+ free(in);
+ return NULL;
+ }
 code = afscp_PRead(in, linkbuf, s->Length, 0);
 if (code < 0) {
 free(linkbuf);
@@ -599,6 +604,7 @@ _ResolvePath(const struct afscp_venusfid *start, fidstack infids,
 if (fids == NULL)
 fids = fidstack_alloc();
 if (fids == NULL) {
+ free(cwd);
 return NULL;
 }
 
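Review bot: The NULL check added after `linkbuf = malloc(s->Length + 1);` in afscp_HandleLink does not cover a bad `s->Length`. The following afscp_PRead reads `s->Length` bytes, so if that field is an unsigned 32-bit value from the file server's status reply (its type is not visible in this hunk), a maximal Length wraps the size to 0. malloc may then return a small non-NULL buffer that the read overruns. I would reject an oversized length before the malloc, e.g. `if (s->Length >= LINK_MAX_PLACEHOLDER) { afscp_errno = ENAMETOOLONG; free(in); return NULL; }`, where `LINK_MAX_PLACEHOLDER` stands for whatever path limit the project already defines. The function starts and ends outside the hunk, so the `free(in)` added here should also be checked against how the other error paths treat `in`.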
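Review bot: The fidstack_alloc() failure path in _ResolvePath now frees `cwd` but still returns NULL without setting afscp_errno, whereas the allocation check added to afscp_HandleLink in this same commit sets `afscp_errno = ENOMEM;`. Unless fidstack_alloc() sets it itself (not visible here), a caller sees a stale error code; adding `afscp_errno = ENOMEM;` before `free(cwd);` would make the two paths agree. The hunk also does not show whether `cwd`, which the commit message says comes from afscp_DupFid(), is checked for NULL before later code uses it; the function continues outside the hunk.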
diff --git a/src/libafscp/afscp_dirops.c b/src/libafscp/afscp_dirops.c
index 238535c397..3421e49885 100644
--- a/src/libafscp/afscp_dirops.c
+++ b/src/libafscp/afscp_dirops.c
@@ -41,7 +41,7 @@ afscp_CreateFile(const struct afscp_venusfid *dir, char *name,
 struct AFSStoreStatus *sst, struct afscp_venusfid **ret)
 {
 int code, i, j;
- struct AFSFid df = dir->fid;
+ struct AFSFid df;
 struct afscp_volume *vol;
 struct AFSFetchStatus dfst, fst;
 struct AFSVolSync vs;
@@ -56,6 +56,7 @@ afscp_CreateFile(const struct afscp_venusfid *dir, char *name,
 "afscp_CreateFile called with NULL args, cannot continue\n");
 return -1;
 }
+ df = dir->fid;
 vol = afscp_VolumeById(dir->cell, dir->fid.Volume);
 if (vol == NULL) {
 afscp_errno = ENOENT;
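Review bot: The NULL-argument path in afscp_CreateFile, just above the relocated `df = dir->fid;`, prints its message and does `return -1;` with no afscp_errno assignment in the visible lines, while the very next failure sets `afscp_errno = ENOENT;`. If nothing before the message call sets it (that part is outside the hunk), I would add `afscp_errno = EINVAL;` so a caller that inspects afscp_errno after -1 does not read a stale value. A short comment on the moved assignment, such as `/* dir was checked for NULL above; keep this out of the declaration */`, would also keep the initializer from being folded back into the declaration changed in the -41 hunk.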