From 6885a1caaad68f0844715cca90fd0d913e19aba5 Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>

Date: Thu, 1 Jul 2021 16:06:23 +0200

Subject: [PATCH 1/9] Plug a memory leak

Addressing:

1. openscap-1.3.5/src/OVAL/probes/independent/system_info_probe.c:738:6: warning[unix.Malloc]: Potential leak of memory pointed to by 'hname'

   736|   		hname = strdup(unknown);

   737|

   738|-> 	if (__sysinfo_saneval(os_name) < 1 ||

   739|   		__sysinfo_saneval(os_version) < 1 ||

   740|   		__sysinfo_saneval(architecture) < 1 ||

---

 src/OVAL/probes/independent/system_info_probe.c | 7 ++++++-

 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/OVAL/probes/independent/system_info_probe.c b/src/OVAL/probes/independent/system_info_probe.c

index 8251e655e..9f680e14d 100644

--- a/src/OVAL/probes/independent/system_info_probe.c

+++ b/src/OVAL/probes/independent/system_info_probe.c

@@ -732,8 +732,13 @@ int system_info_probe_main(probe_ctx *ctx, void *arg)

 	if (!architecture)

 		architecture = strdup(unknown);

-	if (!hname || *hname == '\0')

+	if (hname && *hname == '\0') {

+		free(hname);

+		hname = NULL;

+	}

+	if (!hname) {

 		hname = strdup(unknown);

+	}

 	if (__sysinfo_saneval(os_name) < 1 ||

 		__sysinfo_saneval(os_version) < 1 ||

From a600fa5d034daa408d277f91ceefd29b5ab10213 Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>

Date: Thu, 1 Jul 2021 16:43:46 +0200

Subject: [PATCH 2/9] Fix a possible NULL dereference

Addressing:

openscap-1.3.5/utils/oscap-tool.c:78:11: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'to'

---

 utils/oscap-tool.c | 3 ++-

 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/utils/oscap-tool.c b/utils/oscap-tool.c

index 62c4cde0e..d37fbb0e5 100644

--- a/utils/oscap-tool.c

+++ b/utils/oscap-tool.c

@@ -73,7 +73,8 @@ static size_t paramlist_size(const char **p) { size_t s = 0; if (!p) return s; w

 static size_t paramlist_cpy(const char **to, const char **p) {

     size_t s = 0;

-    if (!p) return s;

+    if (!to || !p)

+        return s;

     for (;p && p[s]; s += 2) to[s] = p[s], to[s+1] = p[s+1];

     to[s] = p[s];

     return s;

From d7bb7e755b262424e5970f2bcc2d2af670f8ac63 Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>

Date: Thu, 1 Jul 2021 17:03:09 +0200

Subject: [PATCH 3/9] Fix a possible NULL dereference

Addressing:

openscap-1.3.5/src/source/xslt.c:124:21: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'strdup(xsltfile)' where non-null expected

---

 src/source/xslt.c | 2 +-

 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/source/xslt.c b/src/source/xslt.c

index 0d01c535b..24c4c46e9 100644

--- a/src/source/xslt.c

+++ b/src/source/xslt.c

@@ -105,7 +105,7 @@ static inline int save_stylesheet_result_to_file(xmlDoc *resulting_doc, xsltStyl

 static xmlDoc *apply_xslt_path_internal(struct oscap_source *source, const char *xsltfile, const char **params, const char *path_to_xslt, xsltStylesheet **stylesheet)

 {

 	xmlDoc *doc = oscap_source_get_xmlDoc(source);

-	if (doc == NULL || stylesheet == NULL) {

+	if (doc == NULL || stylesheet == NULL || xsltfile == NULL) {

 		return NULL;

 	}

From a51952f0bc66402c3b68783ee9deaf3b4ecd529e Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>

Date: Fri, 2 Jul 2021 10:12:31 +0200

Subject: [PATCH 4/9] Fix possible NULL dereference

Addressing:

openscap-1.3.5/src/XCCDF/xccdf_session.c:1349:15: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'to'

---

 src/XCCDF/xccdf_session.c | 3 ++-

 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/XCCDF/xccdf_session.c b/src/XCCDF/xccdf_session.c

index 9d8f42c44..10735214c 100644

--- a/src/XCCDF/xccdf_session.c

+++ b/src/XCCDF/xccdf_session.c

@@ -1344,7 +1344,8 @@ static size_t _paramlist_size(const char **p) { size_t s = 0; if (!p) return s;

 static size_t _paramlist_cpy(const char **to, const char **p) {

 	size_t s = 0;

-	if (!p) return s;

+	if (!to || !p)

+		return s;

 	for (;p && p[s]; s += 2) to[s] = p[s], to[s+1] = p[s+1];

 	to[s] = p[s];

 	return s;

From 2f0ad2e9a7bbd69ecad14b28de6e12d237bcbf9b Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>

Date: Fri, 2 Jul 2021 10:15:39 +0200

Subject: [PATCH 5/9] Fix possible NULL dereference

Addressing:

openscap-1.3.5/src/OVAL/results/oval_cmp_evr_string.c:132:16: warning[-Wanalyzer-null-dereference]: dereference of NULL 's'

---

 src/OVAL/results/oval_cmp_evr_string.c | 3 +++

 1 file changed, 3 insertions(+)

diff --git a/src/OVAL/results/oval_cmp_evr_string.c b/src/OVAL/results/oval_cmp_evr_string.c

index 89e51729b..b195a73f7 100644

--- a/src/OVAL/results/oval_cmp_evr_string.c

+++ b/src/OVAL/results/oval_cmp_evr_string.c

@@ -128,6 +128,9 @@ static void parseEVR(char *evr, const char **ep, const char **vp, const char **r

 	const char *release;

 	char *s, *se;

+	if (!evr)

+		return;

+

 	s = evr;

 	while (*s && risdigit(*s)) s++;		/* s points to epoch terminator */

 	se = strrchr(s, '-');			/* se points to version terminator */

From fe351d432d25d48116ec077671c97f0a2d996c82 Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>

Date: Fri, 2 Jul 2021 10:26:03 +0200

Subject: [PATCH 6/9] Fix possible NULL dereference

openscap-1.3.5/src/OVAL/probes/unix/xinetd_probe.c:1492:56: warning[-Wanalyzer-null-dereference]: dereference of NULL 'valstr_array'

---

 src/OVAL/probes/unix/xinetd_probe.c | 4 ++++

 1 file changed, 4 insertions(+)

diff --git a/src/OVAL/probes/unix/xinetd_probe.c b/src/OVAL/probes/unix/xinetd_probe.c

index 009fb4c4c..b3375500d 100644

--- a/src/OVAL/probes/unix/xinetd_probe.c

+++ b/src/OVAL/probes/unix/xinetd_probe.c

@@ -1483,6 +1483,10 @@ int op_remove_strl(void *var, char *val)

 		valstr_array[valstr_array_size-1] = tok;

 		valstr_array[valstr_array_size] = NULL;

 	}

+	if (valstr_array == NULL) {

+		free(newstr_array);

+		return -2;

+	}

 	// Remove the insersection from the string array

 	newstr_array_size = 0;

From 0ae47d335db49f049ba5bad5ba69c3bdbb0a55bc Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>

Date: Fri, 2 Jul 2021 10:52:28 +0200

Subject: [PATCH 7/9] Fix possible NULL dereference

The function oval_criteria_node_new can return NULL in multiple situations.

Addressing:

openscap-1.3.5/src/OVAL/oval_criteriaNode.c:390:28: warning[-Wanalyzer-null-dereference]: dereference of NULL 'node'

---

 src/OVAL/oval_criteriaNode.c | 5 +++++

 1 file changed, 5 insertions(+)

diff --git a/src/OVAL/oval_criteriaNode.c b/src/OVAL/oval_criteriaNode.c

index de9081f9d..975a480a4 100644

--- a/src/OVAL/oval_criteriaNode.c

+++ b/src/OVAL/oval_criteriaNode.c

@@ -387,6 +387,11 @@ int oval_criteria_parse_tag(xmlTextReaderPtr reader, struct oval_parser_context

 		assert(context != NULL);	/* This is not asserted as attribute, because we

 						   can pass NULL pointer in case of OVAL_NODETYPE_UNKNOWN */

 		struct oval_criteria_node *node = oval_criteria_node_new(context->definition_model, type);

+		if (node == NULL) {

+			free(tagname);

+			free(namespace);

+			return 1;

+		}

 		node->type = type;

 		char *comm = (char *)xmlTextReaderGetAttribute(reader, BAD_CAST "comment");

 		if (comm != NULL) {

From 832cba38133f59dc27b0e9f6d2d6eddb7604577a Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>

Date: Fri, 2 Jul 2021 11:02:51 +0200

Subject: [PATCH 8/9] Fix possible NULL dereference

Addressing:

openscap-1.3.5/src/OVAL/oval_component.c:2371:83: warning[-Wanalyzer-null-dereference]: dereference of NULL 'vcl_root

---

 src/OVAL/oval_component.c | 3 +++

 1 file changed, 3 insertions(+)

diff --git a/src/OVAL/oval_component.c b/src/OVAL/oval_component.c

index 96788a471..95004bd80 100644

--- a/src/OVAL/oval_component.c

+++ b/src/OVAL/oval_component.c

@@ -2368,6 +2368,9 @@ static oval_syschar_collection_flag_t _oval_component_evaluate_ARITHMETIC(oval_a

 	}

 	oval_component_iterator_free(subcomps);

+	if (vcl_root == NULL) {

+		return SYSCHAR_FLAG_ERROR;

+	}

 	val_itr = (struct oval_value_iterator *) oval_collection_iterator(vcl_root->val_col);

 	while (oval_value_iterator_has_more(val_itr)) {

 		struct oval_value *ov;

From 3fb63f51f45af8edf2b8044445bfc5cb7092b7a5 Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>

Date: Fri, 2 Jul 2021 11:10:03 +0200

Subject: [PATCH 9/9] Fix possible NULL dereference

Addressing:

openscap-1.3.5/src/DS/rds_index.c:124:21: warning[-Wanalyzer-null-argument]: use of NULL 'id' where non-null expected

---

 src/DS/rds_index.c | 3 +++

 1 file changed, 3 insertions(+)

diff --git a/src/DS/rds_index.c b/src/DS/rds_index.c

index 374b55d64..cc0e2bbed 100644

--- a/src/DS/rds_index.c

+++ b/src/DS/rds_index.c

@@ -117,6 +117,9 @@ struct rds_asset_index* rds_index_get_asset(struct rds_index *rds, const char *i

 {

 	struct rds_asset_index *ret = NULL;

+	if (id == NULL)

+		return ret;

+

 	struct rds_asset_index_iterator *it = rds_index_get_assets(rds);

 	while (rds_asset_index_iterator_has_more(it))

 	{