Fix "Resource leak" issues reported by static analysis in Stx-ha
Bug #1791880 reported by
haitao wang
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
High
|
Austin Sun |
Bug Description
Title
-----
Fix "Resource leak" issues reported by static analysis in Stx-ha
Brief Description
-----------------
After triaging a scan report for C/C++ static code analysis, we found that there are high impact issues which need a fix. This meta bug will cover the resource leak" category in c/c++ code in Stx-ha.
Severity
--------
Provide the severity of the defect.
Major
Steps to Reproduce
------------------
Run a static analysis tool
Changed in starlingx: | |
assignee: | nobody → haitao wang (hwang85) |
tags: | added: stx.security |
description: | updated |
Changed in starlingx: | |
status: | New → Confirmed |
importance: | Undecided → High |
Changed in starlingx: | |
assignee: | haitao wang (hwang85) → Austin Sun (sunausti) |
Changed in starlingx: | |
status: | Invalid → Confirmed |
tags: | added: stx.2019.03 |
information type: | Private Security → Public Security |
tags: |
added: stx.2019.05 removed: stx.2019.03 |
tags: |
added: stx.2.0 removed: stx.2019.05 |
To post a comment you must log in.
as aligned , we don't need fix by now.
https:/ /review. openstack. org/#/c/ 611323/
These code changes are incorrect.
I intemperate that the goal for these open function calls are to open device /dev/null as fd=0,1,2 (or stdin, stdout and stderr). of which, stdin is rdonly and stdout and stderr are wronly.
The FDs are meant to open for the full life cycle of the thread. It may be better to close them at the exit of the thread if it needs to, but it wouldn't become resource leak unless the thread is to restart, which is not the case.