1. 19 May, 2019 1 commit
  2. 18 May, 2019 8 commits
  3. 08 May, 2019 6 commits
  4. 06 May, 2019 10 commits
  5. 05 May, 2019 2 commits
  6. 04 May, 2019 2 commits
  7. 03 May, 2019 1 commit
  8. 29 Apr, 2019 2 commits
  9. 28 Apr, 2019 2 commits
  10. 22 Apr, 2019 3 commits
    • Benjamin Tissoires's avatar
      Fix covscan complain · ba4ec937
      Benjamin Tissoires authored
      covscan gets confused by the test before the XtFree.
      
      Error: RESOURCE_LEAK (CWE-772):
      libXt-20190411/src/Event.c:743: alloc_fn: Storage is returned from allocation function "__XtMalloc".
      libXt-20190411/src/Event.c:743: var_assign: Assigning: "proc" = storage returned from "__XtMalloc((Cardinal)((size_t)numprocs * 16UL))".
      libXt-20190411/src/Event.c:745: var_assign: Assigning: "closure" = "proc".
      libXt-20190411/src/Event.c:776: leaked_storage: Variable "closure" going out of scope leaks the storage it points to.
      libXt-20190411/src/Event.c:776: leaked_storage: Variable "proc" going out of scope leaks the storage it points to.
      
      Mixing static arrays and dynamic ones was a good idea
      in the 90s when malloc was expensive, but now, we should
      probably make the code clearer by just allocating the
      memory when needed.
      Signed-off-by: Benjamin Tissoires's avatarBenjamin Tissoires <benjamin.tissoires@gmail.com>
      ba4ec937
    • Benjamin Tissoires's avatar
      dummy fix for covscan · 6a7584e0
      Benjamin Tissoires authored
      covscan seems lost here:
      
      Error: RESOURCE_LEAK (CWE-772):
      libXt-20190411/src/Intrinsic.c:1074: alloc_fn: Storage is returned from allocation function "__XtMalloc".
      libXt-20190411/src/Intrinsic.c:1074: var_assign: Assigning: "buf2" = storage returned from "__XtMalloc(4096U)".
      libXt-20190411/src/Intrinsic.c:1110: leaked_storage: Variable "buf2" going out of scope leaks the storage it points to.
      
      Error: USE_AFTER_FREE (CWE-416):
      libXt-20190411/src/Intrinsic.c:1113: alias: Assigning: "buf" = "buf2". Now both point to the same storage.
      libXt-20190411/src/Intrinsic.c:1108: freed_arg: "XtFree" frees "buf2".
      libXt-20190411/src/Intrinsic.c:1110: use_after_free: Using freed pointer "buf".
      
      Both are false positive, but we can make it understand where it
      is wrong.
      Signed-off-by: Benjamin Tissoires's avatarBenjamin Tissoires <benjamin.tissoires@gmail.com>
      6a7584e0
    • Benjamin Tissoires's avatar
      Fix leaks detected by covscan · bca67f98
      Benjamin Tissoires authored
      The following leaks are reported by covscan:
      
      Error: RESOURCE_LEAK (CWE-772):
      libXt-20190411/src/ResConfig.c:542: alloc_arg: "_get_part" allocates memory that is stored into "part".
      libXt-20190411/src/ResConfig.c:544: noescape: Resource "part" is not freed or pointed-to in "_match_resource_to_widget".
      libXt-20190411/src/ResConfig.c:560: leaked_storage: Variable "part" going out of scope leaks the storage it points to.
      
      Error: RESOURCE_LEAK (CWE-772):
      libXt-20190411/src/TMgrab.c:108: alloc_arg: "XtKeysymToKeycodeList" allocates memory that is stored into "keycodes".
      libXt-20190411/src/TMgrab.c:115: var_assign: Assigning: "keycodeP" = "keycodes".
      libXt-20190411/src/TMgrab.c:124: leaked_storage: Variable "keycodeP" going out of scope leaks the storage it points to.
      libXt-20190411/src/TMgrab.c:124: leaked_storage: Variable "keycodes" going out of scope leaks the storage it points to.
      
      Error: RESOURCE_LEAK (CWE-772):
      libXt-20190411/src/TMparse.c:1544: alloc_fn: Storage is returned from allocation function "XtMalloc".
      libXt-20190411/src/TMparse.c:1544: var_assign: Assigning: "event" = storage returned from "XtMalloc(88U)".
      libXt-20190411/src/TMparse.c:1549: noescape: Resource "event" is not freed or pointed-to in "ParseQuotedStringEvent".
      libXt-20190411/src/TMparse.c:1555: leaked_storage: Variable "event" going out of scope leaks the storage it points to.
      
      Error: RESOURCE_LEAK (CWE-772):
      libXt-20190411/src/TMparse.c:1779: alloc_fn: Storage is returned from allocation function "XtMalloc".
      libXt-20190411/src/TMparse.c:1779: var_assign: Assigning: "action" = storage returned from "XtMalloc(32U)".
      libXt-20190411/src/TMparse.c:1784: noescape: Resource "action" is not freed or pointed-to in "ParseAction".
      libXt-20190411/src/TMparse.c:1785: leaked_storage: Variable "action" going out of scope leaks the storage it points to.
      
      In addition to this legitimate leaks, covscan can get confused by
      the allocated memory in XtKeysymToKeycodeList:
      
      Error: RESOURCE_LEAK (CWE-772):
      libXt-20190411/src/TMgrab.c:108: alloc_arg: "XtKeysymToKeycodeList" allocates memory that is stored into "keycodes".
      libXt-20190411/src/TMgrab.c:114: leaked_storage: Variable "keycodes" going out of scope leaks the storage it points to.
      Signed-off-by: Benjamin Tissoires's avatarBenjamin Tissoires <benjamin.tissoires@gmail.com>
      bca67f98
  11. 21 Apr, 2019 3 commits