wget/src-http.c-check_auth-Fix-RESOURCE-LEAK-found-by-Cov.patch

From b8be904ac7c25387672b0aa39f7cba699bffc48e Mon Sep 17 00:00:00 2001
From: Tomas Hozza <thozza@redhat.com>
Date: Mon, 30 Jul 2018 15:38:45 +0200
Subject: [PATCH 18/83] * src/http.c (check_auth): Fix RESOURCE LEAK found by
 Coverity

Error: RESOURCE_LEAK (CWE-772):
wget-1.19.5/src/http.c:2434: alloc_fn: Storage is returned from allocation function "xmalloc".
wget-1.19.5/lib/xmalloc.c:41:11: alloc_fn: Storage is returned from allocation function "malloc".
wget-1.19.5/lib/xmalloc.c:41:11: var_assign: Assigning: "p" = "malloc(n)".
wget-1.19.5/lib/xmalloc.c:44:3: return_alloc: Returning allocated memory "p".
wget-1.19.5/src/http.c:2434: var_assign: Assigning: "auth_stat" = storage returned from "xmalloc(4UL)".
wget-1.19.5/src/http.c:2446: noescape: Resource "auth_stat" is not freed or pointed-to in "create_authorization_line".
wget-1.19.5/src/http.c:5203:70: noescape: "create_authorization_line(char const *, char const *, char const *, char const *, char const *, _Bool *, uerr_t *)" does not free or save its parameter "auth_err".
wget-1.19.5/src/http.c:2476: leaked_storage: Variable "auth_stat" going out of scope leaks the storage it points to.
\# 2474|                 /* Creating the Authorization header went wrong */
\# 2475|               }
\# 2476|->         }
\# 2477|         else
\# 2478|           {

Error: RESOURCE_LEAK (CWE-772):
wget-1.19.5/src/http.c:2431: alloc_fn: Storage is returned from allocation function "url_full_path".
wget-1.19.5/src/url.c:1105:19: alloc_fn: Storage is returned from allocation function "xmalloc".
wget-1.19.5/lib/xmalloc.c:41:11: alloc_fn: Storage is returned from allocation function "malloc".
wget-1.19.5/lib/xmalloc.c:41:11: var_assign: Assigning: "p" = "malloc(n)".
wget-1.19.5/lib/xmalloc.c:44:3: return_alloc: Returning allocated memory "p".
wget-1.19.5/src/url.c:1105:19: var_assign: Assigning: "full_path" = "xmalloc(length + 1)".
wget-1.19.5/src/url.c:1107:3: noescape: Resource "full_path" is not freed or pointed-to in function "full_path_write".
wget-1.19.5/src/url.c:1078:47: noescape: "full_path_write(struct url const *, char *)" does not free or save its parameter "where".
wget-1.19.5/src/url.c:1110:3: return_alloc: Returning allocated memory "full_path".
wget-1.19.5/src/http.c:2431: var_assign: Assigning: "pth" = storage returned from "url_full_path(u)".
wget-1.19.5/src/http.c:2446: noescape: Resource "pth" is not freed or pointed-to in "create_authorization_line".
wget-1.19.5/src/http.c:5203:40: noescape: "create_authorization_line(char const *, char const *, char const *, char const *, char const *, _Bool *, uerr_t *)" does not free or save its parameter "path".
wget-1.19.5/src/http.c:2476: leaked_storage: Variable "pth" going out of scope leaks the storage it points to.
\# 2474|                 /* Creating the Authorization header went wrong */
\# 2475|               }
\# 2476|->         }
\# 2477|         else
\# 2478|           {

Both "pth" and "auth_stat" are allocated in "check_auth()" function. These are used for creating the HTTP Authorization Request header via "create_authorization_line()" function. In case the creation went OK (auth_err == RETROK), then the memory previously allocated to "pth" and "auth_stat" is freed. However if the creation failed, then the memory is never freed and it leaks.

Signed-off-by: Tomas Hozza <thozza@redhat.com>
---
 src/http.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/http.c b/src/http.c
index 093be167..4e0d467a 100644
--- a/src/http.c
+++ b/src/http.c
@@ -2451,6 +2451,8 @@ check_auth (const struct url *u, char *user, char *passwd, struct response *resp
                                               auth_stat);
 
           auth_err = *auth_stat;
+          xfree (auth_stat);
+          xfree (pth);
           if (auth_err == RETROK)
             {
               request_set_header (req, "Authorization", value, rel_value);
@@ -2464,8 +2466,6 @@ check_auth (const struct url *u, char *user, char *passwd, struct response *resp
                   register_basic_auth_host (u->host);
                 }
 
-              xfree (pth);
-              xfree (auth_stat);
               *retry = true;
               goto cleanup;
             }
-- 
2.19.1
Package init 2019-09-30 11:19:50 -04:00			`From b8be904ac7c25387672b0aa39f7cba699bffc48e Mon Sep 17 00:00:00 2001`
			`From: Tomas Hozza <thozza@redhat.com>`
			`Date: Mon, 30 Jul 2018 15:38:45 +0200`
			`Subject: [PATCH 18/83] * src/http.c (check_auth): Fix RESOURCE LEAK found by`
			`Coverity`

			`Error: RESOURCE_LEAK (CWE-772):`
			`wget-1.19.5/src/http.c:2434: alloc_fn: Storage is returned from allocation function "xmalloc".`
			`wget-1.19.5/lib/xmalloc.c:41:11: alloc_fn: Storage is returned from allocation function "malloc".`
			`wget-1.19.5/lib/xmalloc.c:41:11: var_assign: Assigning: "p" = "malloc(n)".`
			`wget-1.19.5/lib/xmalloc.c:44:3: return_alloc: Returning allocated memory "p".`
			`wget-1.19.5/src/http.c:2434: var_assign: Assigning: "auth_stat" = storage returned from "xmalloc(4UL)".`
			`wget-1.19.5/src/http.c:2446: noescape: Resource "auth_stat" is not freed or pointed-to in "create_authorization_line".`
			`wget-1.19.5/src/http.c:5203:70: noescape: "create_authorization_line(char const , char const , char const , char const , char const , _Bool , uerr_t *)" does not free or save its parameter "auth_err".`
			`wget-1.19.5/src/http.c:2476: leaked_storage: Variable "auth_stat" going out of scope leaks the storage it points to.`
			`\# 2474\| /* Creating the Authorization header went wrong */`
			`\# 2475\| }`
			`\# 2476\|-> }`
			`\# 2477\| else`
			`\# 2478\| {`

			`Error: RESOURCE_LEAK (CWE-772):`
			`wget-1.19.5/src/http.c:2431: alloc_fn: Storage is returned from allocation function "url_full_path".`
			`wget-1.19.5/src/url.c:1105:19: alloc_fn: Storage is returned from allocation function "xmalloc".`
			`wget-1.19.5/lib/xmalloc.c:41:11: alloc_fn: Storage is returned from allocation function "malloc".`
			`wget-1.19.5/lib/xmalloc.c:41:11: var_assign: Assigning: "p" = "malloc(n)".`
			`wget-1.19.5/lib/xmalloc.c:44:3: return_alloc: Returning allocated memory "p".`
			`wget-1.19.5/src/url.c:1105:19: var_assign: Assigning: "full_path" = "xmalloc(length + 1)".`
			`wget-1.19.5/src/url.c:1107:3: noescape: Resource "full_path" is not freed or pointed-to in function "full_path_write".`
			`wget-1.19.5/src/url.c:1078:47: noescape: "full_path_write(struct url const , char )" does not free or save its parameter "where".`
			`wget-1.19.5/src/url.c:1110:3: return_alloc: Returning allocated memory "full_path".`
			`wget-1.19.5/src/http.c:2431: var_assign: Assigning: "pth" = storage returned from "url_full_path(u)".`
			`wget-1.19.5/src/http.c:2446: noescape: Resource "pth" is not freed or pointed-to in "create_authorization_line".`
			`wget-1.19.5/src/http.c:5203:40: noescape: "create_authorization_line(char const , char const , char const , char const , char const , _Bool , uerr_t *)" does not free or save its parameter "path".`
			`wget-1.19.5/src/http.c:2476: leaked_storage: Variable "pth" going out of scope leaks the storage it points to.`
			`\# 2474\| /* Creating the Authorization header went wrong */`
			`\# 2475\| }`
			`\# 2476\|-> }`
			`\# 2477\| else`
			`\# 2478\| {`

			`Both "pth" and "auth_stat" are allocated in "check_auth()" function. These are used for creating the HTTP Authorization Request header via "create_authorization_line()" function. In case the creation went OK (auth_err == RETROK), then the memory previously allocated to "pth" and "auth_stat" is freed. However if the creation failed, then the memory is never freed and it leaks.`

			`Signed-off-by: Tomas Hozza <thozza@redhat.com>`
			`---`
			`src/http.c \| 4 ++--`
			`1 file changed, 2 insertions(+), 2 deletions(-)`

			`diff --git a/src/http.c b/src/http.c`
			`index 093be167..4e0d467a 100644`
			`--- a/src/http.c`
			`+++ b/src/http.c`
			`@@ -2451,6 +2451,8 @@ check_auth (const struct url u, char user, char passwd, struct response resp`
			`auth_stat);`

			`auth_err = *auth_stat;`
			`+ xfree (auth_stat);`
			`+ xfree (pth);`
			`if (auth_err == RETROK)`
			`{`
			`request_set_header (req, "Authorization", value, rel_value);`
			`@@ -2464,8 +2466,6 @@ check_auth (const struct url u, char user, char passwd, struct response resp`
			`register_basic_auth_host (u->host);`
			`}`

			`- xfree (pth);`
			`- xfree (auth_stat);`
			`*retry = true;`
			`goto cleanup;`
			`}`
			`--`
			`2.19.1`