From patchwork Tue May 9 21:21:15 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Stephen Hemminger X-Patchwork-Id: 13236164 X-Patchwork-Delegate: stephen@networkplumber.org Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 32D1D1993C for ; Tue, 9 May 2023 21:23:41 +0000 (UTC) Received: from mail-pf1-f170.google.com (mail-pf1-f170.google.com [209.85.210.170]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 42EAA106D6 for ; Tue, 9 May 2023 14:23:24 -0700 (PDT) Received: by mail-pf1-f170.google.com with SMTP id d2e1a72fcca58-64395e741fcso6509631b3a.2 for ; Tue, 09 May 2023 14:23:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=networkplumber-org.20221208.gappssmtp.com; s=20221208; t=1683667290; x=1686259290; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=/a1H5Uw7vjzJuOoJpULAG1rAFq0YE7GyjI2Q6kkpZiY=; b=WPMiEaRqTAWLmrn9/MHDHozgoWnJq3QeN0RuzFpcELM7oP+2AmJgYKkrNucsbT0BHt 6WHk0wenPlHtPX/RzaSsasJm812yBudcW+YxKQ458ld8LGkvqkrRff+xEp5o/pPYqxul +ydOuCPcvNPK+svBDSewW6EChDuArOxPfOSXBZ4P3JUT26Ma1GXrqqWffCMGAMrj1UkJ EV2+u6JtJLlk7xR7Ygn630I4TMoiyRHUNMYivr01ta/VbiC9Ob418c32RpDmFyicWiVj 9eDFxfwQuSR6TnQr4zUGXaGysxcK2LgZzyE37IwPmTjvAxDlbfiXDT5MXsW/WBOw3wtS uztg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683667290; x=1686259290; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=/a1H5Uw7vjzJuOoJpULAG1rAFq0YE7GyjI2Q6kkpZiY=; b=Q94uEvh39jcj1wm6AlwQB4fCZADibms0HfZWjxBHfGiSAFjd6e8Iu7oUFL0/4Lfi19 O9O1FD/cCdtJ8oC9efLIBK7u5ZXY74xCR0yUhhNRGom1b/eS17RS7KkGAyWq7n+m5LcF kpEiC6F0o/WsU10ADjBg+6jlr0qjP3wXZf2dfnQxI0C+6ge+FOQUmxIiutTDdJRoAl8R 3ngGbzPW9IaEGkrEJnKZBKvI6BvN+z9anrXwkXuUu6tv6LAwcfZeyyFhB25mX6PJ2a78 L0tQt86d97y4Q8HBmDHHyp1e4m0DeU07dWlS5w44ZbiesaLJlgRv/2T5HEeXGGGAdfSX 0mzw== X-Gm-Message-State: AC+VfDxsEGpGzckto3Tc2F+YOPtk5PKN4ad+7iCXzElTpBmqOXg9EN46 LXZ4YafTsnj8MejKk2PkvBOk5wlnp9oID0IyYKHcvA== X-Google-Smtp-Source: ACHHUZ4K9ptLq49KvxM8/ijqM6fmIdsCbfJCm7eDShE7jYdpWAPQMMuR/OvxjcSUlAjmiH2hieoWAQ== X-Received: by 2002:a05:6a00:1406:b0:62a:c1fa:b253 with SMTP id l6-20020a056a00140600b0062ac1fab253mr19105494pfu.31.1683667289805; Tue, 09 May 2023 14:21:29 -0700 (PDT) Received: from hermes.local (204-195-120-218.wavecable.com. [204.195.120.218]) by smtp.gmail.com with ESMTPSA id d22-20020aa78e56000000b00646e7d2b5a7sm1932565pfr.112.2023.05.09.14.21.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 09 May 2023 14:21:29 -0700 (PDT) From: Stephen Hemminger To: netdev@vger.kernel.org Cc: Stephen Hemminger Subject: [PATCH iproute2 01/11] lib/fs: fix file leak in task_get_name Date: Tue, 9 May 2023 14:21:15 -0700 Message-Id: <20230509212125.15880-2-stephen@networkplumber.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230509212125.15880-1-stephen@networkplumber.org> References: <20230509212125.15880-1-stephen@networkplumber.org> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: dsahern@gmail.com Fixes the problem identified -fanalyzer. Why did rdma choose to reimplement the same function as exiting glibc pthread_getname(). fs.c: In function ‘get_task_name’: fs.c:355:12: warning: leak of FILE ‘f’ [CWE-775] [-Wanalyzer-file-leak] 355 | if (!fgets(name, len, f)) | ^ ‘get_task_name’: events 1-9 | | 345 | if (!pid) | | ^ | | | | | (1) following ‘false’ branch (when ‘pid != 0’)... |...... | 348 | if (snprintf(path, sizeof(path), "/proc/%d/comm", pid) >= sizeof(path)) | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | | || | | |(2) ...to here | | (3) following ‘false’ branch... |...... | 351 | f = fopen(path, "r"); | | ~~~~~~~~~~~~~~~~ | | | | | (4) ...to here | | (5) opened here | 352 | if (!f) | | ~ | | | | | (6) assuming ‘f’ is non-NULL | | (7) following ‘false’ branch (when ‘f’ is non-NULL)... |...... | 355 | if (!fgets(name, len, f)) | | ~ ~~~~~~~~~~~~~~~~~~~ | | | | | | | (8) ...to here | | (9) following ‘true’ branch... | ‘get_task_name’: event 10 | |cc1: | (10): ...to here | ‘get_task_name’: event 11 | | 355 | if (!fgets(name, len, f)) | | ^ | | | | | (11) ‘f’ leaks here; was opened at (5) | fs.c:355:12: warning: leak of ‘f’ [CWE-401] [-Wanalyzer-malloc-leak] ‘get_task_name’: events 1-9 | | 345 | if (!pid) | | ^ | | | | | (1) following ‘false’ branch (when ‘pid != 0’)... |...... | 348 | if (snprintf(path, sizeof(path), "/proc/%d/comm", pid) >= sizeof(path)) | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | | || | | |(2) ...to here | | (3) following ‘false’ branch... |...... | 351 | f = fopen(path, "r"); | | ~~~~~~~~~~~~~~~~ | | | | | (4) ...to here | | (5) allocated here | 352 | if (!f) | | ~ | | | | | (6) assuming ‘f’ is non-NULL | | (7) following ‘false’ branch (when ‘f’ is non-NULL)... |...... | 355 | if (!fgets(name, len, f)) | | ~ ~~~~~~~~~~~~~~~~~~~ | | | | | | | (8) ...to here | | (9) following ‘true’ branch... | ‘get_task_name’: event 10 | |cc1: | (10): ...to here | ‘get_task_name’: event 11 | | 355 | if (!fgets(name, len, f)) | | ^ | | | | | (11) ‘f’ leaks here; was allocated at (5) Fixes: 81bfd01a4c9e ("lib: move get_task_name() from rdma") Signed-off-by: Stephen Hemminger --- lib/fs.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/fs.c b/lib/fs.c index 22d4af7583dd..7f4b159ccb65 100644 --- a/lib/fs.c +++ b/lib/fs.c @@ -352,8 +352,10 @@ int get_task_name(pid_t pid, char *name, size_t len) if (!f) return -1; - if (!fgets(name, len, f)) + if (!fgets(name, len, f)) { + fclose(f); return -1; + } /* comm ends in \n, get rid of it */ name[strcspn(name, "\n")] = '\0';