#607 Resource leaks in libelftc

RELEASE_1_0
accepted
None
High
Resource Leak
2021-08-20
2021-08-17
Ryan Long
No

We use libelftc in RTEMS, and Coverity found some resource leaks that y'all should be aware of.

There are several resource leaks that were found by Coverity. They are in

  • libelftc_dem_arm.c
    • arg needs freed before returning on line 230
    • to_str needs freed before returning on line 959
    • from_str needs freed before returning on line 959
  • libelftc_dem_gnu2.c
    • arg needs freed before returning on line 245
  • libelftc_dem_gnu3.c
    • exp_str needs to be freed before returning on line 2914

I plan to fix these errors, and I'll attach the patch that I used to fix them.

What the errors look like

   50. alloc_fn: Storage is returned from allocation function vector_str_substr.
   51. var_assign: Assigning: arg = storage returned from vector_str_substr(&d.vec, arg_begin, d.vec.size - 1UL, &arg_len).
   52. Condition (arg = vector_str_substr(&d.vec, arg_begin, d.vec.size - 1, &arg_len)) == NULL, taking false branch.
205                if ((arg = vector_str_substr(&d.vec, arg_begin, d.vec.size - 1,
206                            &arg_len)) == NULL)
207                        goto clean;
208
   33. Condition vector_str_push(&d.arg, arg, arg_len) == 0, taking false branch.
   53. noescape: Resource arg is not freed or pointed-to in vector_str_push.
   54. Condition vector_str_push(&d.arg, arg, arg_len) == 0, taking true branch.
209                if (vector_str_push(&d.arg, arg, arg_len) == false)
   55. Jumping to label clean.
210                        goto clean;
211
212                free(arg);
213
   34. Condition vector_str_push(&d.vec, ", ", strlen(", ")) == 0, taking false branch.
214                if (VEC_PUSH_STR(&d.vec, ", ") == false)
215                        goto clean;
216
   35. Condition ++try > 128, taking false branch.
217                if (++try > CPP_DEMANGLE_ARM_TRY)
218                        goto clean;
   36. Jumping back to the beginning of the loop.
219        }
220
221        /* end argument types */
222        if (VEC_PUSH_STR(&d.vec, ")") == false)
223                goto clean;
224
225 flat:
226        rtn = vector_str_get_flat(&d.vec, NULL);
227 clean:
228        dest_demangle_data(&d);
229
   CID 1262518 (#1 of 1): Resource leak (RESOURCE_LEAK)
   56. leaked_storage: Variable arg going out of scope leaks the storage it points to.
230        return (rtn);
231}
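
The leak path in the Coverity trace above, reduced to a stand-alone C program. This is an added example, not libelftc code and not the patch attached to this ticket; `sub`, `drop`, `push`, `join_leaky` and `join_fixed` are hypothetical stand-ins for the vector_str helpers and the demangler loop. It shows one way to close the leak: free at the shared `clean` label and set the pointer to NULL after the in-loop free so that label cannot free it twice.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Hypothetical stand-ins for the vector_str helpers, not libelftc's API. */
static int live;  /* copies handed out by sub() and not yet dropped */
static char *sub(const char *s) {  /* caller owns the returned copy */
    char *p = malloc(strlen(s) + 1);
    if (p != NULL) { strcpy(p, s); live++; }
    return (p);
}
static void drop(char *p) { if (p != NULL) { live--; free(p); } }
static bool push(char *dst, size_t cap, const char *s) {  /* copies s only */
    return (strlen(dst) + strlen(s) < cap && strcat(dst, s) != NULL);
}

static bool join_leaky(char *dst, size_t cap, const char **in, size_t n) {
    char *arg;
    for (size_t i = 0; i < n; i++) {
        if ((arg = sub(in[i])) == NULL) goto clean;
        if (push(dst, cap, arg) == false) goto clean;  /* arg leaks */
        drop(arg);
    }
    return (true);
clean:
    return (false);
}

static bool join_fixed(char *dst, size_t cap, const char **in, size_t n) {
    char *arg = NULL;
    for (size_t i = 0; i < n; i++) {
        if ((arg = sub(in[i])) == NULL) goto clean;
        if (push(dst, cap, arg) == false) goto clean;
        drop(arg);
        arg = NULL;  /* so the drop at clean cannot double free */
    }
    return (true);
clean:
    drop(arg);  /* one release point for every early exit */
    return (false);
}

int main(void) {  /* constructed input: the second push overflows dst */
    const char *in[] = { "int", "char const*" };
    char a[8] = "", b[8] = "";
    (void)join_leaky(a, sizeof(a), in, 2);  /* leaves one copy allocated */
    (void)join_fixed(b, sizeof(b), in, 2);  /* leaves none */
    printf("copies still allocated: %d\n", live);
    return (0);
}
```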

Discussion

  • Ryan Long

    Ryan Long - 2021-08-17

    Here are the patches to fix this.

     
  • Joseph Koshy

    Joseph Koshy - 2021-08-20
    • status: new --> accepted
    • assigned_to: Joseph Koshy
     
