StarlingX

static analysis reports "Resource leak" issues in stx-nfv

Bug #1794898 reported by Ran An
278
This bug affects 2 people
Affects Status Importance Assigned to Milestone
StarlingX
Fix Released
High
Ran An

Bug Description

Brief Description
-----------------
  there are some memory and file handle leak

Severity
--------
 Major

Steps to Reproduce
------------------
  free memory or file handle before function return

Expected Behavior
------------------
  static analysis do not report this issue

Actual Behavior
----------------
  static analysis report this issue

Reproducibility
---------------
Reproducible

System Configuration
--------------------
all

Static Analysis Reports
--------------------

in file guest_scale_agent.c:
""""""
237 void cpu_scale_down(json_object *jobj_request,
238 json_object *jobj_response)
239 {
240 ...

279 pick_cpu:

    1. alloc_fn: Storage is returned from allocation function range_to_array. [show details]
    2. var_assign: Assigning: current_online_cpus = storage returned from range_to_array(get_online_cpu_range()).
302 struct online_cpus *current_online_cpus = range_to_array(get_online_cpu_range());
303
304 // no need to release jobj_array as its ownership is transferred to jobj_response
    3. noescape: Resource current_online_cpus is not freed or pointed-to in new_json_obj_from_array. [show details]
305 struct json_object *jobj_array = new_json_obj_from_array(current_online_cpus);
306 json_object_object_add(jobj_response, ONLINE_CPUS, jobj_array);

    Resource leak (RESOURCE_LEAK)
    4. leaked_storage: Variable current_online_cpus going out of scope leaks the storage it points to.
307 return;
       ....
313 }
""""""

similar cases in

parser.c:131
leaked_storage: Variable token going out of scope leaks the storage it points to.
leaked_storage: Variable tmp going out of scope leaks the storage it points to.

guest_scale_agent.c:378
leaked_storage: Variable current_online_cpus going out of scope leaks the storage it points to.

in file guest_scale_agent.c
""""""
148 int offline_cpu(unsigned cpu)
149 {
        ...
   1. open_fn: Returning handle opened by open.
   2. var_assign: Assigning: fd = handle returned from open(buf, 2).
155 fd = open(buf, O_RDWR);
       ...

    Resource leak (RESOURCE_LEAK)
    9. leaked_handle: Handle variable fd going out of scope leaks the handle.
175 return 0;
176}
""""""

similar cases in guest_scale_agent.c:145, guest_scale_agent.c:215

See original description
Ran An (an.ran)
Changed in starlingx:
assignee: nobody → Ran An (an.ran)
Ran An (an.ran)
tags: added: stx.security
Ran An (an.ran)
description: updated
Ken Young (kenyis)
Changed in starlingx:
status: New → Triaged
importance: Undecided → High
Revision history for this message
Bruce Jones (brucej) wrote :

Please update this bug with specific file and line number information for the static analysis issue. Make sure the bug has enough information for someone to find the problem in the code without access to the tool or the report.

Ran An (an.ran)
description: updated
description: updated
Ken Young (kenyis)
tags: added: stx.2019.03
Revision history for this message
Ran An (an.ran) wrote :

associated reviews addr: https://review.openstack.org/#/c/613202/

Ran An (an.ran)
Changed in starlingx:
status: Triaged → Fix Released
Ken Young (kenyis)
information type: Private Security → Public Security
Ken Young (kenyis)
tags: added: stx.2019.05
removed: stx.2019.03
Ken Young (kenyis)
tags: added: stx.2.0
removed: stx.2019.05
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.