Blame SOURCES/0006-boot-server-free-the-argument-and-triggers.patch

a802d9
From ebb1c642cd62592afc1ece9e0cf5d2ec9dfb84c0 Mon Sep 17 00:00:00 2001
a802d9
From: Ray Strode <rstrode@redhat.com>
a802d9
Date: Mon, 15 Oct 2018 21:56:03 -0400
a802d9
Subject: [PATCH 6/6] boot-server: free the argument and triggers
a802d9
a802d9
coverity found some pervasive leaking of the argument
a802d9
and triggers.
a802d9
a802d9
This commit mops them up.
a802d9
---
a802d9
 src/ply-boot-server.c | 17 +++++++++++++++++
a802d9
 1 file changed, 17 insertions(+)
a802d9
a802d9
diff --git a/src/ply-boot-server.c b/src/ply-boot-server.c
a802d9
index 3c1a268..ff0e6fd 100644
a802d9
--- a/src/ply-boot-server.c
a802d9
+++ b/src/ply-boot-server.c
a802d9
@@ -359,60 +359,61 @@ print_connection_process_identity (ply_boot_connection_t *connection)
a802d9
 
a802d9
 static void
a802d9
 ply_boot_connection_on_request (ply_boot_connection_t *connection)
a802d9
 {
a802d9
         ply_boot_server_t *server;
a802d9
         char *command, *argument;
a802d9
 
a802d9
         assert (connection != NULL);
a802d9
         assert (connection->fd >= 0);
a802d9
 
a802d9
         server = connection->server;
a802d9
         assert (server != NULL);
a802d9
 
a802d9
         if (!ply_boot_connection_read_request (connection,
a802d9
                                                &command, &argument)) {
a802d9
                 ply_trace ("could not read connection request");
a802d9
                 return;
a802d9
         }
a802d9
 
a802d9
         if (ply_is_tracing ())
a802d9
                 print_connection_process_identity (connection);
a802d9
 
a802d9
         if (!ply_boot_connection_is_from_root (connection)) {
a802d9
                 ply_error ("request came from non-root user");
a802d9
 
a802d9
                 if (!ply_write (connection->fd,
a802d9
                                 PLY_BOOT_PROTOCOL_RESPONSE_TYPE_NAK,
a802d9
                                 strlen (PLY_BOOT_PROTOCOL_RESPONSE_TYPE_NAK)))
a802d9
                         ply_trace ("could not finish writing is-not-root nak: %m");
a802d9
 
a802d9
+                free (argument);
a802d9
                 free (command);
a802d9
                 return;
a802d9
         }
a802d9
 
a802d9
         if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_UPDATE) == 0) {
a802d9
                 if (!ply_write (connection->fd,
a802d9
                                 PLY_BOOT_PROTOCOL_RESPONSE_TYPE_ACK,
a802d9
                                 strlen (PLY_BOOT_PROTOCOL_RESPONSE_TYPE_ACK)) &&
a802d9
                     errno != EPIPE)
a802d9
                         ply_trace ("could not finish writing update reply: %m");
a802d9
 
a802d9
                 ply_trace ("got update request");
a802d9
                 if (server->update_handler != NULL)
a802d9
                         server->update_handler (server->user_data, argument, server);
a802d9
                 free (argument);
a802d9
                 free (command);
a802d9
                 return;
a802d9
         } else if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_CHANGE_MODE) == 0) {
a802d9
                 if (!ply_write (connection->fd,
a802d9
                                 PLY_BOOT_PROTOCOL_RESPONSE_TYPE_ACK,
a802d9
                                 strlen (PLY_BOOT_PROTOCOL_RESPONSE_TYPE_ACK)))
a802d9
                         ply_trace ("could not finish writing update reply: %m");
a802d9
 
a802d9
                 ply_trace ("got change mode notification");
a802d9
                 if (server->change_mode_handler != NULL)
a802d9
                         server->change_mode_handler (server->user_data, argument, server);
a802d9
                 free (argument);
a802d9
                 free (command);
a802d9
                 return;
a802d9
         } else if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_SYSTEM_UPDATE) == 0) {
a802d9
@@ -439,105 +440,112 @@ ply_boot_connection_on_request (ply_boot_connection_t *connection)
a802d9
         } else if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_SYSTEM_INITIALIZED) == 0) {
a802d9
                 ply_trace ("got system initialized notification");
a802d9
                 if (server->system_initialized_handler != NULL)
a802d9
                         server->system_initialized_handler (server->user_data, server);
a802d9
         } else if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_ERROR) == 0) {
a802d9
                 ply_trace ("got error notification");
a802d9
                 if (server->error_handler != NULL)
a802d9
                         server->error_handler (server->user_data, server);
a802d9
         } else if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_SHOW_SPLASH) == 0) {
a802d9
                 ply_trace ("got show splash request");
a802d9
                 if (server->show_splash_handler != NULL)
a802d9
                         server->show_splash_handler (server->user_data, server);
a802d9
         } else if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_HIDE_SPLASH) == 0) {
a802d9
                 ply_trace ("got hide splash request");
a802d9
                 if (server->hide_splash_handler != NULL)
a802d9
                         server->hide_splash_handler (server->user_data, server);
a802d9
         } else if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_DEACTIVATE) == 0) {
a802d9
                 ply_trigger_t *deactivate_trigger;
a802d9
 
a802d9
                 ply_trace ("got deactivate request");
a802d9
 
a802d9
                 deactivate_trigger = ply_trigger_new (NULL);
a802d9
 
a802d9
                 ply_trigger_add_handler (deactivate_trigger,
a802d9
                                          (ply_trigger_handler_t)
a802d9
                                          ply_boot_connection_on_deactivated,
a802d9
                                          connection);
a802d9
 
a802d9
                 if (server->deactivate_handler != NULL)
a802d9
                         server->deactivate_handler (server->user_data, deactivate_trigger, server);
a802d9
+                else
a802d9
+                        ply_trigger_free (deactivate_trigger);
a802d9
 
a802d9
                 free (argument);
a802d9
                 free (command);
a802d9
                 return;
a802d9
         } else if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_REACTIVATE) == 0) {
a802d9
                 ply_trace ("got reactivate request");
a802d9
                 if (server->reactivate_handler != NULL)
a802d9
                         server->reactivate_handler (server->user_data, server);
a802d9
         } else if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_QUIT) == 0) {
a802d9
                 bool retain_splash;
a802d9
                 ply_trigger_t *quit_trigger;
a802d9
 
a802d9
                 retain_splash = (bool) argument[0];
a802d9
 
a802d9
                 ply_trace ("got quit %srequest", retain_splash ? "--retain-splash " : "");
a802d9
 
a802d9
                 quit_trigger = ply_trigger_new (NULL);
a802d9
 
a802d9
                 ply_trigger_add_handler (quit_trigger,
a802d9
                                          (ply_trigger_handler_t)
a802d9
                                          ply_boot_connection_on_quit_complete,
a802d9
                                          connection);
a802d9
 
a802d9
                 if (server->quit_handler != NULL)
a802d9
                         server->quit_handler (server->user_data, retain_splash, quit_trigger, server);
a802d9
+                else
a802d9
+                        ply_trigger_free (quit_trigger);
a802d9
 
a802d9
                 free (argument);
a802d9
                 free (command);
a802d9
                 return;
a802d9
         } else if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_PASSWORD) == 0) {
a802d9
                 ply_trigger_t *answer;
a802d9
 
a802d9
                 ply_trace ("got password request");
a802d9
 
a802d9
                 answer = ply_trigger_new (NULL);
a802d9
                 ply_trigger_add_handler (answer,
a802d9
                                          (ply_trigger_handler_t)
a802d9
                                          ply_boot_connection_on_password_answer,
a802d9
                                          connection);
a802d9
 
a802d9
                 if (server->ask_for_password_handler != NULL) {
a802d9
                         server->ask_for_password_handler (server->user_data,
a802d9
                                                           argument,
a802d9
                                                           answer,
a802d9
                                                           server);
a802d9
+                } else {
a802d9
+                        ply_trigger_free (answer);
a802d9
+                        free (argument);
a802d9
                 }
a802d9
                 /* will reply later
a802d9
                  */
a802d9
                 free (command);
a802d9
                 return;
a802d9
         } else if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_CACHED_PASSWORD) == 0) {
a802d9
                 ply_list_node_t *node;
a802d9
                 ply_buffer_t *buffer;
a802d9
                 size_t buffer_size;
a802d9
                 uint32_t size;
a802d9
 
a802d9
                 ply_trace ("got cached password request");
a802d9
 
a802d9
                 buffer = ply_buffer_new ();
a802d9
 
a802d9
                 node = ply_list_get_first_node (server->cached_passwords);
a802d9
 
a802d9
                 ply_trace ("There are %d cached passwords",
a802d9
                            ply_list_get_length (server->cached_passwords));
a802d9
 
a802d9
                 /* Add each answer separated by their NUL terminators into
a802d9
                  * a buffer that we write out to the client
a802d9
                  */
a802d9
                 while (node != NULL) {
a802d9
                         ply_list_node_t *next_node;
a802d9
                         const char *password;
a802d9
 
a802d9
                         next_node = ply_list_get_next_node (server->cached_passwords, node);
a802d9
                         password = (const char *) ply_list_node_get_data (node);
a802d9
 
a802d9
@@ -565,146 +573,155 @@ ply_boot_connection_on_request (ply_boot_connection_t *connection)
a802d9
                                    ply_list_get_length (server->cached_passwords));
a802d9
                         if (!ply_write (connection->fd,
a802d9
                                         PLY_BOOT_PROTOCOL_RESPONSE_TYPE_MULTIPLE_ANSWERS,
a802d9
                                         strlen (PLY_BOOT_PROTOCOL_RESPONSE_TYPE_MULTIPLE_ANSWERS)) ||
a802d9
                             !ply_write_uint32 (connection->fd,
a802d9
                                                size) ||
a802d9
                             !ply_write (connection->fd,
a802d9
                                         ply_buffer_get_bytes (buffer), size))
a802d9
                                 ply_trace ("could not finish writing cached answer reply: %m");
a802d9
                 }
a802d9
 
a802d9
                 ply_buffer_free (buffer);
a802d9
                 free (command);
a802d9
                 return;
a802d9
         } else if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_QUESTION) == 0) {
a802d9
                 ply_trigger_t *answer;
a802d9
 
a802d9
                 ply_trace ("got question request");
a802d9
 
a802d9
                 answer = ply_trigger_new (NULL);
a802d9
                 ply_trigger_add_handler (answer,
a802d9
                                          (ply_trigger_handler_t)
a802d9
                                          ply_boot_connection_on_question_answer,
a802d9
                                          connection);
a802d9
 
a802d9
                 if (server->ask_question_handler != NULL) {
a802d9
                         server->ask_question_handler (server->user_data,
a802d9
                                                       argument,
a802d9
                                                       answer,
a802d9
                                                       server);
a802d9
+                } else {
a802d9
+                        ply_trigger_free (answer);
a802d9
+                        free (argument);
a802d9
                 }
a802d9
                 /* will reply later
a802d9
                  */
a802d9
                 free (command);
a802d9
                 return;
a802d9
         } else if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_SHOW_MESSAGE) == 0) {
a802d9
                 ply_trace ("got show message request");
a802d9
                 if (server->display_message_handler != NULL)
a802d9
                         server->display_message_handler (server->user_data, argument, server);
a802d9
         } else if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_HIDE_MESSAGE) == 0) {
a802d9
                 ply_trace ("got hide message request");
a802d9
                 if (server->hide_message_handler != NULL)
a802d9
                         server->hide_message_handler (server->user_data, argument, server);
a802d9
         } else if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_KEYSTROKE) == 0) {
a802d9
                 ply_trigger_t *answer;
a802d9
 
a802d9
                 ply_trace ("got keystroke request");
a802d9
 
a802d9
                 answer = ply_trigger_new (NULL);
a802d9
                 ply_trigger_add_handler (answer,
a802d9
                                          (ply_trigger_handler_t)
a802d9
                                          ply_boot_connection_on_keystroke_answer,
a802d9
                                          connection);
a802d9
 
a802d9
                 if (server->watch_for_keystroke_handler != NULL) {
a802d9
                         server->watch_for_keystroke_handler (server->user_data,
a802d9
                                                              argument,
a802d9
                                                              answer,
a802d9
                                                              server);
a802d9
+                } else {
a802d9
+                        ply_trigger_free (answer);
a802d9
+                        free (argument);
a802d9
                 }
a802d9
                 /* will reply later
a802d9
                  */
a802d9
                 free (command);
a802d9
                 return;
a802d9
         } else if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_KEYSTROKE_REMOVE) == 0) {
a802d9
                 ply_trace ("got keystroke remove request");
a802d9
                 if (server->ignore_keystroke_handler != NULL)
a802d9
                         server->ignore_keystroke_handler (server->user_data,
a802d9
                                                           argument,
a802d9
                                                           server);
a802d9
         } else if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_PROGRESS_PAUSE) == 0) {
a802d9
                 ply_trace ("got progress pause request");
a802d9
                 if (server->progress_pause_handler != NULL)
a802d9
                         server->progress_pause_handler (server->user_data,
a802d9
                                                         server);
a802d9
         } else if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_PROGRESS_UNPAUSE) == 0) {
a802d9
                 ply_trace ("got progress unpause request");
a802d9
                 if (server->progress_unpause_handler != NULL)
a802d9
                         server->progress_unpause_handler (server->user_data,
a802d9
                                                           server);
a802d9
         } else if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_NEWROOT) == 0) {
a802d9
                 ply_trace ("got newroot request");
a802d9
                 if (server->newroot_handler != NULL)
a802d9
                         server->newroot_handler (server->user_data, argument, server);
a802d9
         } else if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_HAS_ACTIVE_VT) == 0) {
a802d9
                 bool answer = false;
a802d9
 
a802d9
                 ply_trace ("got has_active vt? request");
a802d9
                 if (server->has_active_vt_handler != NULL)
a802d9
                         answer = server->has_active_vt_handler (server->user_data, server);
a802d9
 
a802d9
                 if (!answer) {
a802d9
                         if (!ply_write (connection->fd,
a802d9
                                         PLY_BOOT_PROTOCOL_RESPONSE_TYPE_NAK,
a802d9
                                         strlen (PLY_BOOT_PROTOCOL_RESPONSE_TYPE_NAK)))
a802d9
                                 ply_trace ("could not finish writing nak: %m");
a802d9
 
a802d9
+                        free (argument);
a802d9
                         free (command);
a802d9
                         return;
a802d9
                 }
a802d9
         } else if (strcmp (command, PLY_BOOT_PROTOCOL_REQUEST_TYPE_PING) != 0) {
a802d9
                 ply_error ("received unknown command '%s' from client", command);
a802d9
 
a802d9
                 if (!ply_write (connection->fd,
a802d9
                                 PLY_BOOT_PROTOCOL_RESPONSE_TYPE_NAK,
a802d9
                                 strlen (PLY_BOOT_PROTOCOL_RESPONSE_TYPE_NAK)))
a802d9
                         ply_trace ("could not finish writing ping reply: %m");
a802d9
 
a802d9
+                free (argument);
a802d9
                 free (command);
a802d9
                 return;
a802d9
         }
a802d9
 
a802d9
         if (!ply_write (connection->fd,
a802d9
                         PLY_BOOT_PROTOCOL_RESPONSE_TYPE_ACK,
a802d9
                         strlen (PLY_BOOT_PROTOCOL_RESPONSE_TYPE_ACK)))
a802d9
                 ply_trace ("could not finish writing ack: %m");
a802d9
+        free (argument);
a802d9
         free (command);
a802d9
 }
a802d9
 
a802d9
 static void
a802d9
 ply_boot_connection_on_hangup (ply_boot_connection_t *connection)
a802d9
 {
a802d9
         ply_list_node_t *node;
a802d9
         ply_boot_server_t *server;
a802d9
 
a802d9
         assert (connection != NULL);
a802d9
         assert (connection->server != NULL);
a802d9
 
a802d9
         server = connection->server;
a802d9
 
a802d9
         node = ply_list_find_node (server->connections, connection);
a802d9
 
a802d9
         assert (node != NULL);
a802d9
 
a802d9
         ply_boot_connection_free (connection);
a802d9
         ply_list_remove_node (server->connections, node);
a802d9
 }
a802d9
 
a802d9
 static void
a802d9
 ply_boot_server_on_new_connection (ply_boot_server_t *server)
a802d9
 {
a802d9
         ply_boot_connection_t *connection;
a802d9
         int fd;
a802d9
 
a802d9
         assert (server != NULL);
a802d9
 
a802d9
-- 
a802d9
2.17.1
a802d9