diff mbox series

[BlueZ,v2,03/11] shared/shell: Fix fd leak if -s is passed multiple times

Message ID 20240705085935.1255725-4-hadess@hadess.net (mailing list archive)
State New, archived
Headers show
Series Fix a number of static analysis issues #5 | expand

Checks

Context Check Description
tedd_an/pre-ci_am success Success
tedd_an/CheckPatch warning WARNING:LONG_LINE: line length of 86 exceeds 80 columns #78: FILE: src/shared/shell.c:1318: + printf("Unable to open %s: %s (%d)\n", optarg, /github/workspace/src/src/13724597.patch total: 0 errors, 1 warnings, 15 lines checked NOTE: For some of the reported defects, checkpatch may be able to mechanically convert to the typical style using --fix or --fix-inplace. /github/workspace/src/src/13724597.patch has style problems, please review. NOTE: Ignored message types: COMMIT_MESSAGE COMPLEX_MACRO CONST_STRUCT FILE_PATH_CHANGES MISSING_SIGN_OFF PREFER_PACKED SPDX_LICENSE_TAG SPLIT_STRING SSCANF_TO_KSTRTO NOTE: If any of the errors are false positives, please report them to the maintainer, see CHECKPATCH in MAINTAINERS.
tedd_an/GitLint fail WARNING: I3 - ignore-body-lines: gitlint will be switching from using Python regex 'match' (match beginning) to 'search' (match anywhere) semantics. Please review your ignore-body-lines.regex option accordingly. To remove this warning, set general.regex-style-search=True. More details: https://jorisroovers.github.io/gitlint/configuration/#regex-style-search 4: B1 Line exceeds max length (173>80): "bluez-5.76/src/shared/shell.c:1305:5: open_fn: Returning handle opened by "open". [Note: The source code implementation of the function has been overridden by a user model.]" 5: B1 Line exceeds max length (117>80): "bluez-5.76/src/shared/shell.c:1305:5: var_assign: Assigning: "data.init_fd" = handle returned from "open(optarg, 0)"." 6: B1 Line exceeds max length (140>80): "bluez-5.76/src/shared/shell.c:1305:5: overwrite_var: Overwriting handle "data.init_fd" in "data.init_fd = open(optarg, 0)" leaks the handle." 7: B3 Line contains hard tab characters (\t): "1303| case 's':" 8: B3 Line contains hard tab characters (\t): "1304| if (optarg)" 9: B3 Line contains hard tab characters (\t): "1305|-> data.init_fd = open(optarg, O_RDONLY);" 10: B3 Line contains hard tab characters (\t): "1306| if (data.init_fd < 0)" 11: B3 Line contains hard tab characters (\t): "1307| printf("Unable to open %s: %s (%d)\n", optarg,"
tedd_an/IncrementalBuild success Incremental Build PASS

Commit Message

Bastien Nocera July 5, 2024, 8:57 a.m. UTC
Error: RESOURCE_LEAK (CWE-772): [#def37] [important]
bluez-5.76/src/shared/shell.c:1305:5: open_fn: Returning handle opened by "open". [Note: The source code implementation of the function has been overridden by a user model.]
bluez-5.76/src/shared/shell.c:1305:5: var_assign: Assigning: "data.init_fd" = handle returned from "open(optarg, 0)".
bluez-5.76/src/shared/shell.c:1305:5: overwrite_var: Overwriting handle "data.init_fd" in "data.init_fd = open(optarg, 0)" leaks the handle.
1303|			case 's':
1304|				if (optarg)
1305|->					data.init_fd = open(optarg, O_RDONLY);
1306|				if (data.init_fd < 0)
1307|					printf("Unable to open %s: %s (%d)\n", optarg,
---
 src/shared/shell.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff mbox series

Patch

diff --git a/src/shared/shell.c b/src/shared/shell.c
index e8f75124f167..f3dc5e55b9ec 100644
--- a/src/shared/shell.c
+++ b/src/shared/shell.c
@@ -1312,11 +1312,12 @@  void bt_shell_init(int argc, char **argv, const struct bt_shell_opt *opt)
 			data.mode = 1;
 			goto done;
 		case 's':
-			if (optarg)
+			if (optarg && data.init_fd < 0) {
 				data.init_fd = open(optarg, O_RDONLY);
-			if (data.init_fd < 0)
-				printf("Unable to open %s: %s (%d)\n", optarg,
+				if (data.init_fd < 0)
+					printf("Unable to open %s: %s (%d)\n", optarg,
 						strerror(errno), errno);
+			}
 			break;
 		case 't':
 			if (optarg)