|
 |
d5ce1b |
From ec6817736968fb4683b9df0bd932c1a86dec0ba8 Mon Sep 17 00:00:00 2001
|
|
|
d5ce1b |
From: Alexey Tikhonov <atikhono@redhat.com>
|
|
|
d5ce1b |
Date: Wed, 4 Aug 2021 19:22:19 +0200
|
|
|
d5ce1b |
Subject: [PATCH 4/6] INI: fix check for error code
|
|
|
d5ce1b |
|
|
|
d5ce1b |
In case of fail `asprintf()` returns -1, not 1.
|
|
|
d5ce1b |
|
|
|
d5ce1b |
Fixes following covscan issues:
|
|
|
d5ce1b |
```
|
|
|
d5ce1b |
Error: RESOURCE_LEAK (CWE-772): [#def1]
|
|
|
d5ce1b |
ding-libs-0.6.1/ini/ini_configmod.c:869: alloc_arg: "asprintf" allocates memory that is stored into "strval". [Note: The source code implementation of the function has been overridden by a builtin model.]
|
|
|
d5ce1b |
ding-libs-0.6.1/ini/ini_configmod.c:873: leaked_storage: Variable "strval" going out of scope leaks the storage it points to.
|
|
|
d5ce1b |
# 871| TRACE_ERROR_NUMBER("Asprintf failed.", ret);
|
|
|
d5ce1b |
# 872| /* The main reason is propbaly memory allocation */
|
|
|
d5ce1b |
# 873|-> return ENOMEM;
|
|
|
d5ce1b |
# 874| }
|
|
|
d5ce1b |
# 875|
|
|
|
d5ce1b |
```
|
|
|
d5ce1b |
|
|
|
d5ce1b |
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
|
|
d5ce1b |
---
|
|
|
d5ce1b |
ini/ini_configmod.c | 2 +-
|
|
|
d5ce1b |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
d5ce1b |
|
|
|
d5ce1b |
diff --git a/ini/ini_configmod.c b/ini/ini_configmod.c
|
|
|
d5ce1b |
index da4175c..88a7133 100644
|
|
|
d5ce1b |
--- a/ini/ini_configmod.c
|
|
|
d5ce1b |
+++ b/ini/ini_configmod.c
|
|
|
d5ce1b |
@@ -867,7 +867,7 @@ int ini_config_add_double_value(struct ini_cfgobj *ini_config,
|
|
|
d5ce1b |
TRACE_FLOW_ENTRY();
|
|
|
d5ce1b |
|
|
|
d5ce1b |
ret = asprintf(&strval, "%f", value);
|
|
|
d5ce1b |
- if (ret == 1) {
|
|
|
d5ce1b |
+ if (ret == -1) {
|
|
|
d5ce1b |
TRACE_ERROR_NUMBER("Asprintf failed.", ret);
|
|
|
d5ce1b |
/* The main reason is propbaly memory allocation */
|
|
|
d5ce1b |
return ENOMEM;
|
|
|
d5ce1b |
--
|
|
|
d5ce1b |
2.26.3
|
|
|
d5ce1b |
|