Fix "Resource leak" issues reported by static analysis in Stx-ha
Bug #1791880 reported by
haitao wang
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| StarlingX |
Fix Released
|
High
|
Austin Sun | ||
Bug Description
Title
-----
Fix "Resource leak" issues reported by static analysis in Stx-ha
Brief Description
-----------------
After triaging a scan report for C/C++ static code analysis, we found that there are high impact issues which need a fix. This meta bug will cover the resource leak" category in c/c++ code in Stx-ha.
Severity
--------
Provide the severity of the defect.
Major
Steps to Reproduce
------------------
Run a static analysis tool
| Changed in starlingx: | |
| assignee: | nobody → haitao wang (hwang85) |
| tags: | added: stx.security |
| description: | updated |
| Changed in starlingx: | |
| status: | New → Confirmed |
| importance: | Undecided → High |
| Changed in starlingx: | |
| assignee: | haitao wang (hwang85) → Austin Sun (sunausti) |
Revision history for this message
| Austin Sun (sunausti) wrote | #1 |
| Changed in starlingx: | |
| status: | Confirmed → Invalid |
| Changed in starlingx: | |
| status: | Invalid → Confirmed |
Revision history for this message
| Bruce Jones (brucej) wrote | #2 |
Revision history for this message
| Austin Sun (sunausti) wrote | #3 |
| Changed in starlingx: | |
| status: | Confirmed → Fix Released |
| tags: | added: stx.2019.03 |
| information type: | Private Security → Public Security |
| tags: |
added: stx.2019.05 removed: stx.2019.03 |
| tags: |
added: stx.2.0 removed: stx.2019.05 |
To post a comment you must log in.
as aligned , we don't need fix by now.
https:/
These code changes are incorrect.
I intemperate that the goal for these open function calls are to open device /dev/null as fd=0,1,2 (or stdin, stdout and stderr). of which, stdin is rdonly and stdout and stderr are wronly.
The FDs are meant to open for the full life cycle of the thread. It may be better to close them at the exit of the thread if it needs to, but it wouldn't become resource leak unless the thread is to restart, which is not the case.