From f56d975793cfd26c2a3f8fb9d849e54fd9c2d150 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?=
Date: Fri, 10 Jan 2025 12:02:37 +0100
Subject: [PATCH 1/2] Plug a memory leak

Addressing this OpenScanHub issue:
1. Defect type: RESOURCE_LEAK
5. openscap-1.4.1/src/XCCDF_POLICY/xccdf_policy_remediate.c:726:3: alloc_arg: "oscap_pcre_compile" allocates memory that is stored into "err".
19. openscap-1.4.1/src/XCCDF_POLICY/xccdf_policy_remediate.c:774:2: leaked_storage: Variable "err" going out of scope leaks the storage it points to.
772| oscap_pcre_free(tab[i].re);
773|
774|-> return ret;
775| }
776|
---
 src/XCCDF_POLICY/xccdf_policy_remediate.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/XCCDF_POLICY/xccdf_policy_remediate.c b/src/XCCDF_POLICY/xccdf_policy_remediate.c
index 1dc30720d1..b435f89e5a 100644
--- a/src/XCCDF_POLICY/xccdf_policy_remediate.c
+++ b/src/XCCDF_POLICY/xccdf_policy_remediate.c
@@ -707,7 +707,7 @@ struct blueprint_customizations {
 static inline int _parse_blueprint_fix(const char *fix_text, struct blueprint_customizations *customizations)
 {
- char *err;
+ char *err = NULL;
 int errofs;
 int ret = 0;
@@ -768,6 +768,7 @@ static inline int _parse_blueprint_fix(const char *fix_text, struct blueprint_cu
 }
 exit:
+ oscap_pcre_err_free(err);
 for (int i = 0; tab[i].pattern != NULL; i++)
 oscap_pcre_free(tab[i].re);
From b8d638bd37144dd0d477c9f6ed935a4e6c72c419 Mon Sep 17 00:00:00 2001
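Review bot: The `oscap_pcre_err_free(err);` added under `exit:` in the second hunk is reached on every path through `_parse_blueprint_fix`, including paths where `err` still holds the `NULL` from the first hunk's initializer, so it relies on `oscap_pcre_err_free` accepting a null pointer. That helper is not shown on this page; if it does not tolerate NULL, the call should be guarded as `if (err != NULL) oscap_pcre_err_free(err);`. The lines between the two hunks are outside the diff, so it is also worth confirming that no failure branch there already releases `err` before jumping to `exit:`, since that would turn the new call into a double free. Assuming `err` is written only by `oscap_pcre_compile`, as the scanner trace suggests, a one-line comment at the label such as `/* err is set only by oscap_pcre_compile(); released once here */` would record the ownership rule.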
From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?=
Date: Fri, 10 Jan 2025 12:03:57 +0100
Subject: [PATCH 2/2] Plug a memory leak

Addressing this OpenScanHub issue:
2. Defect type: RESOURCE_LEAK
15. openscap-1.4.1/src/OVAL/probes/independent/textfilecontent_probe.c:203:3: alloc_arg: "oscap_pcre_get_substrings" allocates memory that is stored into "substrs".
17. openscap-1.4.1/src/OVAL/probes/independent/textfilecontent_probe.c:209:4: noescape: Resource "substrs" is not freed or pointed-to in "create_item".
28. openscap-1.4.1/src/OVAL/probes/independent/textfilecontent_probe.c:228:2: leaked_storage: Variable "substrs" going out of scope leaks the storage it points to.
226| free(whole_path_with_prefix);
227|
228|-> return ret;
229| }
230|
---
 src/OVAL/probes/independent/textfilecontent_probe.c | 1 +
 1 file changed, 1 insertion(+)
diff --git a/src/OVAL/probes/independent/textfilecontent_probe.c b/src/OVAL/probes/independent/textfilecontent_probe.c
index bbea95d837..8689114001 100644
--- a/src/OVAL/probes/independent/textfilecontent_probe.c
+++ b/src/OVAL/probes/independent/textfilecontent_probe.c
@@ -213,6 +213,7 @@ static int process_file(const char *prefix, const char *path, const char *filena
 for (k = 0; k < substr_cnt; ++k)
 free(substrs[k]);
+ free(substrs);
 }
 }
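Review bot: The new `free(substrs);` sits inside two nested blocks of `process_file` (two closing braces follow it in the hunk), so the array and its strings are released only when both enclosing conditions hold. Those conditions are outside the hunk, but if `oscap_pcre_get_substrings` can fill `substrs` on a path that skips either block, that path still leaks; for a probe that presumably runs once per match over file content, such a leak would grow with the input. Consider moving the `for`/`free(substrs)` pair to the point where `substrs` goes out of scope, and adding `substrs = NULL;` after the free if the variable outlives one loop iteration. `process_file` starts and ends outside the hunk, so this needs checking against the full function.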