Hi,
On Thu, Aug 14, 2014 at 08:00:38AM +, Lev Stipakov wrote:
> I have analyzed OpenVPN code with Coverity and I could not explain
> some resource leaks Coverity has found.
>
> 1) https://github.com/OpenVPN/openvpn/blob/master/src/openvpn/options.c#L4378
>
> char * ipv6_local;
> VERIFY_PERMISSION (OPT_P_UP);
> if ( get_ipv6_addr( p[1], NULL, , _local, msglevel ) &&
> ipv6_addr_safe( p[2] ) ) {
> if ( netbits < 64 || netbits > 124 ) {
> msg( msglevel, "ifconfig-ipv6: /netbits must be between 64 and
> 124, not '/%d'", netbits );
> goto err;
> }
>
> Coverity claims that "err" branch leaks "ipv6_local". I looked into
> "get_ipv6_addr" implementation and noticed that it does not pass any
> "gc" to subsequent string_alloc call. To my understanding, in this
> case caller is responsible for cleaning up, which is not the case for
> "err" branch.
This might well be true, but since "err" leads to "program ends, resources
reclaimed" under most conditions, it's not a fairly serious leak... I'll
still put it on my list for fixing.
> 2) https://github.com/OpenVPN/openvpn/blob/master/src/openvpn/proxy.c#L863
>
> char *pa = NULL;
> const int method = get_proxy_authenticate(sd, p->options.timeout, ,
> NULL, signal_received);
> if (method != HTTP_AUTH_NONE) {
> if (pa)
> msg (D_PROXY, "HTTP proxy authenticate '%s'", pa);
> if (p->options.auth_retry == PAR_NCT && method == HTTP_AUTH_BASIC) {
> msg (D_PROXY, "HTTP proxy: support for basic auth and other
> cleartext proxy auth methods is disabled");
> goto error;
> }
>
> Coverity claims that "error" branch leaks "pa". Same pattern as above,
> "get_proxy_authenticate" passes NULL (4th parameter) as "gc" to
> "string_alloc".
>
> Do those issues look like problems? Does it make sense to submit a
> patch fixing those?
Again, I don't think it's a serious issue - but still, not having leaks
is good practice, so a patch adding the appropriate free() calls would
be welcome :-)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025g...@net.informatik.tu-muenchen.de
pgpSXd7bjR9Bo.pgp
Description: PGP signature