Avoid memory leaks in error paths in do_generate

Reported by Oracle Parfait: Error: Memory leak Memory leak [memory-leak] (CWE 401): Memory leak of pointer authdata allocated with malloc((authdatalen - 1)) at line 1955 of process.c in function 'do_generate'. authdata allocated at line 1946 with malloc((authdatalen - 1)) Memory leak of pointer authdata allocated with malloc((authdatalen - 1)) at line 1971 of process.c in function 'do_generate'. authdata allocated at line 1946 with malloc((authdatalen - 1)) authdata leaks when (i + 1) >= argc at line 1910. at line 1980 of process.c in function 'do_generate'. authdata allocated at line 1946 with malloc((authdatalen - 1)) authdata leaks when (i + 1) >= argc at line 1910. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
author: Alan Coopersmith <alan.coopersmith@oracle.com> 2020-05-10 13:21:50 -0700
committer: Alan Coopersmith <alan.coopersmith@oracle.com> 2020-05-10 13:21:50 -0700
commit: aaf037ec5c576e46318935feaf6e2b7407ff11a0 (patch)
tree: ddd070d0e878d58a1a164e340acb055b3f05d232
parent: 4faf0f63f0563513252967a2da1c51de6f5f7b0c (diff)
download: xorg-app-xauth-aaf037ec5c576e46318935feaf6e2b7407ff11a0.tar.gz
1 files changed, 23 insertions, 13 deletions
diff --git a/process.c b/process.c
index 7d2a9e7..5d4f22b 100644
--- a/process.c
+++ b/process.c
@@ -1882,10 +1882,10 @@ do_generate(const char *inputfilename, int lineno, int argc, const char **argv)
     const char *displayname;
     int major_version, minor_version;
     XSecurityAuthorization id_return;
-    Xauth *auth_in, *auth_return;
+    Xauth *auth_in = NULL, *auth_return = NULL;
     XSecurityAuthorizationAttributes attributes;
     unsigned long attrmask = 0;
-    Display *dpy;
+    Display *dpy = NULL;
     int status;
     const char *args[4];
     const char *protoname = ".";
@@ -1893,7 +1893,7 @@ do_generate(const char *inputfilename, int lineno, int argc, const char **argv)
     int authdatalen = 0;
     const char *hexdata;
     char *authdata = NULL;
-    char *hex;
+    char *hex = NULL;
 
     if (argc < 2 || !argv[1]) {
 	prefix (inputfilename, lineno);
@@ -1912,7 +1912,8 @@ do_generate(const char *inputfilename, int lineno, int argc, const char **argv)
 	    if (++i == argc) {
 		prefix (inputfilename, lineno);
 		badcommandline (argv[i-1]);
-		return 1;
+		status = 1;
+		goto exit_generate;
 	    }
 	    attributes.timeout = atoi(argv[i]);
 	    attrmask |= XSecurityTimeout;
@@ -1929,7 +1930,8 @@ do_generate(const char *inputfilename, int lineno, int argc, const char **argv)
 	    if (++i == argc) {
 		prefix (inputfilename, lineno);
 		badcommandline (argv[i-1]);
-		return 1;
+		status = 1;
+		goto exit_generate;
 	    }
 	    attributes.group = atoi(argv[i]);
 	    attrmask |= XSecurityGroup;
@@ -1938,7 +1940,8 @@ do_generate(const char *inputfilename, int lineno, int argc, const char **argv)
 	    if (++i == argc) {
 		prefix (inputfilename, lineno);
 		badcommandline (argv[i-1]);
-		return 1;
+		status = 1;
+		goto exit_generate;
 	    }
 	    hexdata = argv[i];
 	    authdatalen = strlen(hexdata);
@@ -1952,13 +1955,15 @@ do_generate(const char *inputfilename, int lineno, int argc, const char **argv)
 		    prefix (inputfilename, lineno);
 		    fprintf (stderr,
 			     "data contains odd number of or non-hex characters\n");
-		    return 1;
+		    status = 1;
+		    goto exit_generate;
 		}
 	    }
 	} else {
 	    prefix (inputfilename, lineno);
 	    badcommandline (argv[i]);
-	    return 1;
+	    status = 1;
+	    goto exit_generate;
 	}
     }
 
@@ -1968,7 +1973,8 @@ do_generate(const char *inputfilename, int lineno, int argc, const char **argv)
     if (!dpy) {
 	prefix (inputfilename, lineno);
 	fprintf (stderr, "unable to open display \"%s\".\n", displayname);
-	return 1;
+	status = 1;
+	goto exit_generate;
     }
 
     status = XSecurityQueryExtension(dpy, &major_version, &minor_version);
@@ -1977,7 +1983,8 @@ do_generate(const char *inputfilename, int lineno, int argc, const char **argv)
 	prefix (inputfilename, lineno);
 	fprintf (stderr, "couldn't query Security extension on display \"%s\"\n",
 		 displayname);
-        return 1;
+	status = 1;
+	goto exit_generate;
     }
 
     /* fill in input Xauth struct */
@@ -2002,7 +2009,8 @@ do_generate(const char *inputfilename, int lineno, int argc, const char **argv)
     {
 	prefix (inputfilename, lineno);
 	fprintf (stderr, "couldn't generate authorization\n");
-	return 1;
+	status = 1;
+	goto exit_generate;
     }
 
     if (verbose)
@@ -2017,10 +2025,12 @@ do_generate(const char *inputfilename, int lineno, int argc, const char **argv)
 
     status = do_add(inputfilename, lineno, 4, args);
 
-    if (authdata) free(authdata);
+  exit_generate:
+    free(authdata);
     XSecurityFreeXauth(auth_in);
     XSecurityFreeXauth(auth_return);
     free(hex);
-    XCloseDisplay(dpy);
+    if (dpy != NULL)
+	XCloseDisplay(dpy);
     return status;
 }
author	Alan Coopersmith <alan.coopersmith@oracle.com>	2020-05-10 13:21:50 -0700
committer	Alan Coopersmith <alan.coopersmith@oracle.com>	2020-05-10 13:21:50 -0700
commit	aaf037ec5c576e46318935feaf6e2b7407ff11a0 (patch)
tree	ddd070d0e878d58a1a164e340acb055b3f05d232
parent	4faf0f63f0563513252967a2da1c51de6f5f7b0c (diff)
download	xorg-app-xauth-aaf037ec5c576e46318935feaf6e2b7407ff11a0.tar.gz