You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
34 lines
1.3 KiB
34 lines
1.3 KiB
2 years ago
|
commit d5ccb00e52f5b0c66533f085cda36f63f7583d44
|
||
|
Author: Ingo Franzki <ifranzki@linux.ibm.com>
|
||
|
Date: Tue Jul 19 16:16:55 2022 +0200
|
||
|
|
||
|
common: fix memory leak in save_private_token_object
|
||
|
|
||
|
Reported by coverty scan:
|
||
|
|
||
|
Error: RESOURCE_LEAK (CWE-772):
|
||
|
opencryptoki-3.18.0/usr/lib/common/loadsave.c:2311: alloc_fn:
|
||
|
Storage is returned from allocation function "fopen".
|
||
|
opencryptoki-3.18.0/usr/lib/common/loadsave.c:2311: var_assign:
|
||
|
Assigning: "fp" = storage returned from "fopen(fname, "r")".
|
||
|
opencryptoki-3.18.0/usr/lib/common/loadsave.c:2316: noescape:
|
||
|
Resource "fp" is not freed or pointed-to in "fileno".
|
||
|
opencryptoki-3.18.0/usr/lib/common/loadsave.c:2407: overwrite_var:
|
||
|
Overwriting "fp" in "fp = fopen(fname, "w")" leaks the storage that "fp" points to.
|
||
|
|
||
|
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
|
||
|
|
||
|
diff --git a/usr/lib/common/loadsave.c b/usr/lib/common/loadsave.c
|
||
|
index bbd691c0..91955f47 100644
|
||
|
--- a/usr/lib/common/loadsave.c
|
||
|
+++ b/usr/lib/common/loadsave.c
|
||
|
@@ -2344,6 +2344,8 @@ CK_RV save_private_token_object(STDLL_TokData_t *tokdata, OBJECT *obj)
|
||
|
/* New token objects files created by mkstemp have a size of zero */
|
||
|
if (sb.st_size == 0) {
|
||
|
new = 1;
|
||
|
+ fclose(fp);
|
||
|
+ fp = NULL;
|
||
|
goto do_work;
|
||
|
}
|
||
|
|