72 lines
3.3 KiB
Diff
72 lines
3.3 KiB
Diff
|
From 2f451dbf4e83c751f6bbba7ed26d90bf275fcbf7 Mon Sep 17 00:00:00 2001
|
||
|
|
From: Tomas Hozza <thozza@redhat.com>
|
||
|
|
Date: Fri, 24 Aug 2018 16:57:37 +0200
|
||
|
|
Subject: [PATCH 22/83] * src/warc.c (warc_write_cdx_record): Fix RESOURCE LEAK
|
||
|
|
found by Coverity
|
||
|
|
|
||
|
|
Error: RESOURCE_LEAK (CWE-772): - REAL ERROR
|
||
|
|
wget-1.19.5/src/warc.c:1376: alloc_fn: Storage is returned from allocation function "url_escape".
|
||
|
|
wget-1.19.5/src/url.c:284:3: alloc_fn: Storage is returned from allocation function "url_escape_1".
|
||
|
|
wget-1.19.5/src/url.c:255:3: alloc_fn: Storage is returned from allocation function "xmalloc".
|
||
|
|
wget-1.19.5/lib/xmalloc.c:41:11: alloc_fn: Storage is returned from allocation function "malloc".
|
||
|
|
wget-1.19.5/lib/xmalloc.c:41:11: var_assign: Assigning: "p" = "malloc(n)".
|
||
|
|
wget-1.19.5/lib/xmalloc.c:44:3: return_alloc: Returning allocated memory "p".
|
||
|
|
wget-1.19.5/src/url.c:255:3: var_assign: Assigning: "newstr" = "xmalloc(newlen + 1)".
|
||
|
|
wget-1.19.5/src/url.c:258:3: var_assign: Assigning: "p2" = "newstr".
|
||
|
|
wget-1.19.5/src/url.c:275:3: return_alloc: Returning allocated memory "newstr".
|
||
|
|
wget-1.19.5/src/url.c:284:3: return_alloc_fn: Directly returning storage allocated by "url_escape_1".
|
||
|
|
wget-1.19.5/src/warc.c:1376: var_assign: Assigning: "redirect_location" = storage returned from "url_escape(redirect_location)".
|
||
|
|
wget-1.19.5/src/warc.c:1381: noescape: Resource "redirect_location" is not freed or pointed-to in "fprintf".
|
||
|
|
wget-1.19.5/src/warc.c:1387: leaked_storage: Returning without freeing "redirect_location" leaks the storage that it points to.
|
||
|
|
\# 1385| fflush (warc_current_cdx_file);
|
||
|
|
\# 1386|
|
||
|
|
\# 1387|-> return true;
|
||
|
|
\# 1388| }
|
||
|
|
\# 1389|
|
||
|
|
|
||
|
|
url_escape() really returns a newly allocated memory and it leaks when the warc_write_cdx_record() returns. The memory returned from url_escape() is usually stored in a temporary variable in other parts of the project and then freed. I took the same approach.
|
||
|
|
|
||
|
|
Signed-off-by: Tomas Hozza <thozza@redhat.com>
|
||
|
|
---
|
||
|
|
src/warc.c | 8 +++++---
|
||
|
|
1 file changed, 5 insertions(+), 3 deletions(-)
|
||
|
|
|
||
|
|
diff --git a/src/warc.c b/src/warc.c
|
||
|
|
index 5ebd04d7..2eb74966 100644
|
||
|
|
--- a/src/warc.c
|
||
|
|
+++ b/src/warc.c
|
||
|
|
@@ -1364,6 +1364,7 @@ warc_write_cdx_record (const char *url, const char *timestamp_str,
|
||
|
|
char timestamp_str_cdx[15];
|
||
|
|
char offset_string[MAX_INT_TO_STRING_LEN(off_t)];
|
||
|
|
const char *checksum;
|
||
|
|
+ char *tmp_location = NULL;
|
||
|
|
|
||
|
|
memcpy (timestamp_str_cdx , timestamp_str , 4); /* "YYYY" "-" */
|
||
|
|
memcpy (timestamp_str_cdx + 4, timestamp_str + 5, 2); /* "mm" "-" */
|
||
|
|
@@ -1382,18 +1383,19 @@ warc_write_cdx_record (const char *url, const char *timestamp_str,
|
||
|
|
if (mime_type == NULL || strlen(mime_type) == 0)
|
||
|
|
mime_type = "-";
|
||
|
|
if (redirect_location == NULL || strlen(redirect_location) == 0)
|
||
|
|
- redirect_location = "-";
|
||
|
|
+ tmp_location = strdup ("-");
|
||
|
|
else
|
||
|
|
- redirect_location = url_escape(redirect_location);
|
||
|
|
+ tmp_location = url_escape(redirect_location);
|
||
|
|
|
||
|
|
number_to_string (offset_string, offset);
|
||
|
|
|
||
|
|
/* Print the CDX line. */
|
||
|
|
fprintf (warc_current_cdx_file, "%s %s %s %s %d %s %s - %s %s %s\n", url,
|
||
|
|
timestamp_str_cdx, url, mime_type, response_code, checksum,
|
||
|
|
- redirect_location, offset_string, warc_current_filename,
|
||
|
|
+ tmp_location, offset_string, warc_current_filename,
|
||
|
|
response_uuid);
|
||
|
|
fflush (warc_current_cdx_file);
|
||
|
|
+ free (tmp_location);
|
||
|
|
|
||
|
|
return true;
|
||
|
|
}
|
||
|
|
--
|
||
|
|
2.19.1
|
||
|
|
|