RE: New Defect(s) reported by Coverity Scan
From: Scan Subscription
Date: Wed Feb 13 2013 - 13:55:20 EST
Hi Boris
There is no fclose(file) call in parse_zoffset() function
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=blob_plain;f=arch/x86/boot/tools/build.c;hb=HEAD
There is only one flcose call in this file and it is in the main() function
Let us know if I am missing anything
Thanks
Dakshesh Vyas
Coverity SCAN-ADMIN
scan-admin at coverity.com
http://scan.coverity.com
________________________________________
From: Borislav Petkov [bp@xxxxxxxxx]
Sent: Wednesday, February 13, 2013 10:38 AM
To: Scan Subscription
Cc: linux-kernel@xxxxxxxxxxxxxxx; hpa@xxxxxxxxx
Subject: Re: New Defect(s) reported by Coverity Scan
On Wed, Feb 13, 2013 at 05:40:11PM +0000, Scan Subscription wrote:
> Hi,
>
> Please find the latest report on new defect(s) that have been introduced to the Linux Kernel found with Coverity SCAN.
>
>
> Defect(s) Reported-by: Coverity Scan:
> ___________________________________________________________________________
> ** CID 971353: Resource leak (RESOURCE_LEAK)
> /arch/x86/boot/tools/build.c: 259
> http://scan5.coverity.com:8080/sourcebrowser.htm?projectId=10063#mergedDefectId=971353
>
>
> ###########################################################################
> Defect Details:
> ___________________________________________________________________________
> CID 971353: Resource leak (RESOURCE_LEAK)
> http://scan5.coverity.com:8080/sourcebrowser.htm?projectId=10063#mergedDefectId=971353
>
> /arch/x86/boot/tools/build.c: 240 ( alloc_fn)
>
> 234 static void parse_zoffset(char *fname)
> 235 {
> 236 FILE *file;
> 237 char *p;
> 238 int c;
> 239
> >>> Storage is returned from allocation function "fopen(char const * restrict, char const * restrict)".
> >>> Assigning: "file" = storage returned from "fopen(fname, "r")".
> 240 file = fopen(fname, "r");
> 241 if (!file)
> 242 die("Unable to open `%s': %m", fname);
> >>> Resource "file" is not freed or pointed-to in function "fread(void * restrict, size_t, size_t, FILE * restrict)".
> 243 c = fread(buf, 1, sizeof(buf) - 1, file);
> >>> Resource "file" is not freed or pointed-to in function "ferror(FILE *)".
> 244 if (ferror(file))
> 245 die("read-error on `zoffset.h'");
> 246 buf[c] = 0;
> 247
>
>
> /arch/x86/boot/tools/build.c: 259 ( leaked_storage)
> 256 while (p && (*p == '\r' || *p == '\n'))
> 257 p++;
> 258 }
> >>> CID 971353: Resource leak (RESOURCE_LEAK) Variable "file" going out
> >>> of scope leaks the storage it points to.
Well, we do
fclose(file)
a couple of lines later in the same function.
The only problem I can see is that we don't fclose the file when ferror
returns non-NULL but that shouldn't matter because we die() then and all
resources are automatically freed.
--
Regards/Gruss,
Boris.
Sent from a fat crate under my desk. Formatting is fine.
--
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/