| Summary: | Coverity issues | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | Portable OpenSSH | Reporter: | Jakub Jelen <jjelen> | ||||||
| Component: | ssh | Assignee: | Damien Miller <djm> | ||||||
| Status: | CLOSED FIXED | ||||||||
| Severity: | enhancement | CC: | djm, dtucker | ||||||
| Priority: | P5 | ||||||||
| Version: | 7.7p1 | ||||||||
| Hardware: | Other | ||||||||
| OS: | Linux | ||||||||
| Bug Depends on: | |||||||||
| Bug Blocks: | 2852 | ||||||||
| Attachments: |
|
||||||||
Created attachment 3166 [details]
tweaked diff
Here's a revised diff. Most of the changes are just stylistic and refactoring, but I think the original sftp-client.c upload_dir_internal() change had a bug: it was checking sb before the lstat() call that filled it.
Comment on attachment 3166 [details] tweaked diff >- struct addrinfo hints, *ai; >+ struct addrinfo hints, *ai = NULL; [...] >+ out: > freeaddrinfo(ai); I don't think there's any guarantee freeaddrinfo(NULL) is safe. I don't see it in the man page for openbsd or linux and I don't see it in rfc3493 Darren, you are right. There should be NULL check before calling the freeaddrinfo() or just return before the addrinfo is allocated, splitting the conditions. Damien, you are right about the sftp. You solution looks more elegant. Thanks. This has been committed in 74287f5df99 and will be in openssh-7.8; thanks! closing resolved bugs as of 8.6p1 release |
Created attachment 3164 [details] resolve memory leaks Hello, we ran the coverity scan on openssh-7.7p1 I noticed few memory leaks (see attached patch-set). This is nothing urgent, but it would be nice to have clean memory footprint.