Martin discovered memory leaks in the unenroll function in ipa-client while reviewing ticket #3275. For starters the host, paramArrayP or argArrayP.
Additional leaks found by Coverity:
12454:
3. Condition NULL == hostname, taking false branch 962 if (NULL == hostname) { 963 uname(&uinfo); 964 host = strdup(uinfo.nodename); 965 } else { 4. returned_null: strdup returns null. 5. var_assigned: Assigning: host = null return value from strdup. 966 host = strdup(hostname); 967 } 968 6. identity_transfer: Passing host as argument 1 to function strstr, which returns an offset off that argument. CID 12454 (#2-3 of 4): Dereference null return value (NULL_RETURNS) 7. dereference: Dereferencing a pointer that might be null host when calling strstr. 969 if (NULL == strstr(host, ".")) { 970 fprintf(stderr, _("The hostname must be fully-qualified: %s\n"), host); 971 rval = 16; 972 goto cleanup; 973 }
12456:
544ldap_done: 545 546 free(filter); 547 free(search_base); 548 free(ldap_base); 549 550 if (ld != NULL) { 551 ldap_unbind_ext(ld, NULL, NULL); 552 } 553 554done: 8. Condition valresult, taking false branch 555 if (valresult) ber_bvfree(valresult); 9. Condition oidresult, taking false branch 556 if (oidresult) free(oidresult); CID 12456 (#1-2 of 2): Resource leak (RESOURCE_LEAK) 10. leaked_storage: Variable ldap_base going out of scope leaks the storage it points to. 557 return rval; 558}
12457:
849 krberr = krb5_cc_store_cred(krbctx, ccache, &creds); 17. Condition krberr != 0, taking true branch 850 if (krberr != 0) { 18. Condition !quiet, taking true branch 851 if (!quiet) 852 fprintf(stderr, 853 _("Error storing creds in credential cache: %s.\n"), 854 error_message(krberr)); CID 12458 (2): Resource leak (RESOURCE_LEAK) [select issue] CID 12457 (#3 of 3): Resource leak (RESOURCE_LEAK) 19. leaked_storage: Variable ipaserver going out of scope leaks the storage it points to. 855 return krberr; 856 } 857 krb5_cc_close(krbctx, ccache); 858 ccache = NULL; 859 putenv("KRB5CCNAME=MEMORY:ipa-join"); 860
12458:
913cleanup: 914 915 free(user_agent); 13. Condition keytab, taking false branch 916 if (keytab) krb5_kt_close(krbctx, keytab); 917 free((char *)principal); 918 free((char *)ipaserver); 14. Condition princ, taking false branch 919 if (princ) krb5_free_principal(krbctx, princ); 15. Condition ccache, taking false branch 920 if (ccache) krb5_cc_close(krbctx, ccache); 16. Condition krbctx, taking true branch 921 if (krbctx) krb5_free_context(krbctx); 922 923 free(url); 924 xmlrpc_env_clean(&env); 925 xmlrpc_client_cleanup(); 926 CID 12458 (#9-1 of 10): Resource leak (RESOURCE_LEAK) 17. leaked_storage: Variable host going out of scope leaks the storage it points to. 927 return rval; 928} 929
Metadata Update from @rcritten: - Issue assigned to someone - Issue set to the milestone: Ticket Backlog
I checked the code. The ldap_base, host and ipaserver are now properly freed.
ldap_base
host
ipaserver
Metadata Update from @cheimes: - Issue close_status updated to: fixed
Login to comment on this ticket.