rsyslog / liblognorm

a fast samples-based log normalization library
http://www.liblognorm.com
GNU Lesser General Public License v2.1

Fix warnings reported by covscan #357

Open Cropi opened 2 years ago

Cropi commented 2 years ago

I've executed covscan analysis on the liblognorm component, which detected a list of potential defects. The second and fourth seem like false positives to me. Let me know if there is a way to make such a warning disappear.

Error: USE_AFTER_FREE (CWE-416): [#def1]

liblognorm-2.0.6/src/liblognorm.c:167: freed_arg: "ln_sampLoad" frees "ctx".
liblognorm-2.0.6/src/liblognorm.c:168: deref_after_free: Dereferencing freed pointer "ctx".
#  166|     ++ctx->include_level;
#  167|     r = ln_sampLoad(ctx, file);
#  168|->   --ctx->include_level;
#  169|     free((void*)tofree);
#  170|     ctx->conf_file = NULL;

Error: RESOURCE_LEAK (CWE-772): [#def2]

liblognorm-2.0.6/src/samp.c:812: alloc_fn: Storage is returned from allocation function "ln_newAnnot".
liblognorm-2.0.6/src/samp.c:812: var_assign: Assigning: "annot" = storage returned from "ln_newAnnot(tag)".
liblognorm-2.0.6/src/samp.c:815: noescape: Resource "annot" is not freed or pointed-to in "getAnnotationOp".
liblognorm-2.0.6/src/samp.c:820: leaked_storage: Variable "annot" going out of scope leaks the storage it points to.
#  818|     r = ln_addAnnotToSet(ctx->pas, annot);
#  819|   
#  820|-> done: return r;
#  821|   }
#  822|   

Error: RESOURCE_LEAK (CWE-772): [#def3]

liblognorm-2.0.6/src/samp.c:1136: alloc_fn: Storage is returned from allocation function "tryOpenRBFile".
liblognorm-2.0.6/src/samp.c:1136: var_assign: Assigning: "repo" = storage returned from "tryOpenRBFile(ctx, file)".
liblognorm-2.0.6/src/samp.c:1138: noescape: Resource "repo" is not freed or pointed-to in "checkVersion".
liblognorm-2.0.6/src/samp.c:1167: leaked_storage: Variable "repo" going out of scope leaks the storage it points to.
# 1165|         ln_pdagOptimize(ctx);
# 1166|   done:
# 1167|->   return r;
# 1168|   }
# 1169|   

Error: RESOURCE_LEAK (CWE-772): [#def4]

liblognorm-2.0.6/src/v1_samp.c:747: alloc_fn: Storage is returned from allocation function "ln_newAnnot".
liblognorm-2.0.6/src/v1_samp.c:747: var_assign: Assigning: "annot" = storage returned from "ln_newAnnot(tag)".
liblognorm-2.0.6/src/v1_samp.c:750: noescape: Resource "annot" is not freed or pointed-to in "getAnnotationOp".
liblognorm-2.0.6/src/v1_samp.c:755: leaked_storage: Variable "annot" going out of scope leaks the storage it points to.
#  753|     r = ln_addAnnotToSet(ctx->pas, annot);
#  754|   
#  755|-> done: return r;
#  756|   }
#  757|