libXt: Changes to 'master'
GitLab Mirror
gitlab-mirror at kemper.freedesktop.org
Mon Apr 22 00:17:15 UTC 2019
src/Event.c | 17 +++++------------
src/Intrinsic.c | 12 ++++++++----
src/ResConfig.c | 1 +
src/TMgrab.c | 10 ++++++++--
src/TMparse.c | 6 +++++-
5 files changed, 27 insertions(+), 19 deletions(-)
New commits:
commit ba4ec937680ee72f2fcd463752766340a4b3729d
Author: Benjamin Tissoires <benjamin.tissoires at gmail.com>
Date: Thu Apr 11 17:21:17 2019 +0200
Fix covscan complain
covscan gets confused by the test before the XtFree.
Error: RESOURCE_LEAK (CWE-772):
libXt-20190411/src/Event.c:743: alloc_fn: Storage is returned from allocation function "__XtMalloc".
libXt-20190411/src/Event.c:743: var_assign: Assigning: "proc" = storage returned from "__XtMalloc((Cardinal)((size_t)numprocs * 16UL))".
libXt-20190411/src/Event.c:745: var_assign: Assigning: "closure" = "proc".
libXt-20190411/src/Event.c:776: leaked_storage: Variable "closure" going out of scope leaks the storage it points to.
libXt-20190411/src/Event.c:776: leaked_storage: Variable "proc" going out of scope leaks the storage it points to.
Mixing static arrays and dynamic ones was a good idea
in the 90s when malloc was expensive, but now, we should
probably make the code clearer by just allocating the
memory when needed.
Signed-off-by: Benjamin Tissoires <benjamin.tissoires at gmail.com>
commit 6a7584e0337bb5cfec7f786231597f46c6d5fb16
Author: Benjamin Tissoires <benjamin.tissoires at gmail.com>
Date: Thu Apr 11 17:27:12 2019 +0200
dummy fix for covscan
covscan seems lost here:
Error: RESOURCE_LEAK (CWE-772):
libXt-20190411/src/Intrinsic.c:1074: alloc_fn: Storage is returned from allocation function "__XtMalloc".
libXt-20190411/src/Intrinsic.c:1074: var_assign: Assigning: "buf2" = storage returned from "__XtMalloc(4096U)".
libXt-20190411/src/Intrinsic.c:1110: leaked_storage: Variable "buf2" going out of scope leaks the storage it points to.
Error: USE_AFTER_FREE (CWE-416):
libXt-20190411/src/Intrinsic.c:1113: alias: Assigning: "buf" = "buf2". Now both point to the same storage.
libXt-20190411/src/Intrinsic.c:1108: freed_arg: "XtFree" frees "buf2".
libXt-20190411/src/Intrinsic.c:1110: use_after_free: Using freed pointer "buf".
Both are false positive, but we can make it understand where it
is wrong.
Signed-off-by: Benjamin Tissoires <benjamin.tissoires at gmail.com>
commit bca67f981dd3bcf730ac3816836b66049dd09f33
Author: Benjamin Tissoires <benjamin.tissoires at gmail.com>
Date: Thu Apr 11 17:26:58 2019 +0200
Fix leaks detected by covscan
The following leaks are reported by covscan:
Error: RESOURCE_LEAK (CWE-772):
libXt-20190411/src/ResConfig.c:542: alloc_arg: "_get_part" allocates memory that is stored into "part".
libXt-20190411/src/ResConfig.c:544: noescape: Resource "part" is not freed or pointed-to in "_match_resource_to_widget".
libXt-20190411/src/ResConfig.c:560: leaked_storage: Variable "part" going out of scope leaks the storage it points to.
Error: RESOURCE_LEAK (CWE-772):
libXt-20190411/src/TMgrab.c:108: alloc_arg: "XtKeysymToKeycodeList" allocates memory that is stored into "keycodes".
libXt-20190411/src/TMgrab.c:115: var_assign: Assigning: "keycodeP" = "keycodes".
libXt-20190411/src/TMgrab.c:124: leaked_storage: Variable "keycodeP" going out of scope leaks the storage it points to.
libXt-20190411/src/TMgrab.c:124: leaked_storage: Variable "keycodes" going out of scope leaks the storage it points to.
Error: RESOURCE_LEAK (CWE-772):
libXt-20190411/src/TMparse.c:1544: alloc_fn: Storage is returned from allocation function "XtMalloc".
libXt-20190411/src/TMparse.c:1544: var_assign: Assigning: "event" = storage returned from "XtMalloc(88U)".
libXt-20190411/src/TMparse.c:1549: noescape: Resource "event" is not freed or pointed-to in "ParseQuotedStringEvent".
libXt-20190411/src/TMparse.c:1555: leaked_storage: Variable "event" going out of scope leaks the storage it points to.
Error: RESOURCE_LEAK (CWE-772):
libXt-20190411/src/TMparse.c:1779: alloc_fn: Storage is returned from allocation function "XtMalloc".
libXt-20190411/src/TMparse.c:1779: var_assign: Assigning: "action" = storage returned from "XtMalloc(32U)".
libXt-20190411/src/TMparse.c:1784: noescape: Resource "action" is not freed or pointed-to in "ParseAction".
libXt-20190411/src/TMparse.c:1785: leaked_storage: Variable "action" going out of scope leaks the storage it points to.
In addition to this legitimate leaks, covscan can get confused by
the allocated memory in XtKeysymToKeycodeList:
Error: RESOURCE_LEAK (CWE-772):
libXt-20190411/src/TMgrab.c:108: alloc_arg: "XtKeysymToKeycodeList" allocates memory that is stored into "keycodes".
libXt-20190411/src/TMgrab.c:114: leaked_storage: Variable "keycodes" going out of scope leaks the storage it points to.
Signed-off-by: Benjamin Tissoires <benjamin.tissoires at gmail.com>
More information about the xorg-commit
mailing list