From 866764119b61c2796164a1eae28db631f7a9994b Mon Sep 17 00:00:00 2001 From: Tomas Hozza Date: Fri, 24 Aug 2018 16:57:37 +0200 Subject: [PATCH 6/6] Fix RESOURCE LEAK found by Coverity Error: RESOURCE_LEAK (CWE-772): - REAL ERROR wget-1.19.5/src/warc.c:1376: alloc_fn: Storage is returned from allocation function "url_escape". wget-1.19.5/src/url.c:284:3: alloc_fn: Storage is returned from allocation function "url_escape_1". wget-1.19.5/src/url.c:255:3: alloc_fn: Storage is returned from allocation function "xmalloc". wget-1.19.5/lib/xmalloc.c:41:11: alloc_fn: Storage is returned from allocation function "malloc". wget-1.19.5/lib/xmalloc.c:41:11: var_assign: Assigning: "p" = "malloc(n)". wget-1.19.5/lib/xmalloc.c:44:3: return_alloc: Returning allocated memory "p". wget-1.19.5/src/url.c:255:3: var_assign: Assigning: "newstr" = "xmalloc(newlen + 1)". wget-1.19.5/src/url.c:258:3: var_assign: Assigning: "p2" = "newstr". wget-1.19.5/src/url.c:275:3: return_alloc: Returning allocated memory "newstr". wget-1.19.5/src/url.c:284:3: return_alloc_fn: Directly returning storage allocated by "url_escape_1". wget-1.19.5/src/warc.c:1376: var_assign: Assigning: "redirect_location" = storage returned from "url_escape(redirect_location)". wget-1.19.5/src/warc.c:1381: noescape: Resource "redirect_location" is not freed or pointed-to in "fprintf". wget-1.19.5/src/warc.c:1387: leaked_storage: Returning without freeing "redirect_location" leaks the storage that it points to. \# 1385| fflush (warc_current_cdx_file); \# 1386| \# 1387|-> return true; \# 1388| } \# 1389| url_escape() really returns a newly allocated memory and it leaks when the warc_write_cdx_record() returns. The memory returned from url_escape() is usually stored in a temporary variable in other parts of the project and then freed. I took the same approach. Signed-off-by: Tomas Hozza --- src/warc.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/warc.c b/src/warc.c index 5ebd04d7..2eb74966 100644 --- a/src/warc.c +++ b/src/warc.c @@ -1364,6 +1364,7 @@ warc_write_cdx_record (const char *url, const char *timestamp_str, char timestamp_str_cdx[15]; char offset_string[MAX_INT_TO_STRING_LEN(off_t)]; const char *checksum; + char *tmp_location = NULL; memcpy (timestamp_str_cdx , timestamp_str , 4); /* "YYYY" "-" */ memcpy (timestamp_str_cdx + 4, timestamp_str + 5, 2); /* "mm" "-" */ @@ -1382,18 +1383,19 @@ warc_write_cdx_record (const char *url, const char *timestamp_str, if (mime_type == NULL || strlen(mime_type) == 0) mime_type = "-"; if (redirect_location == NULL || strlen(redirect_location) == 0) - redirect_location = "-"; + tmp_location = strdup ("-"); else - redirect_location = url_escape(redirect_location); + tmp_location = url_escape(redirect_location); number_to_string (offset_string, offset); /* Print the CDX line. */ fprintf (warc_current_cdx_file, "%s %s %s %s %d %s %s - %s %s %s\n", url, timestamp_str_cdx, url, mime_type, response_code, checksum, - redirect_location, offset_string, warc_current_filename, + tmp_location, offset_string, warc_current_filename, response_uuid); fflush (warc_current_cdx_file); + free (tmp_location); return true; } -- 2.17.1