From 46c0e376fe134aba1d0876a7a50e524dfdf7175d Mon Sep 17 00:00:00 2001 From: Bastien Nocera Date: Thu, 16 May 2024 15:40:48 +0200 Subject: [PATCH] obexd: Fix memory leak To not leak "buf", we need object->buffer to take ownership of it using g_string_new_take() (but it's only available in 2.78 and newer), or we need to actually free "buf". Error: RESOURCE_LEAK (CWE-772): [#def66] [important] obexd/plugins/filesystem.c:411:3: alloc_arg: "g_file_get_contents" allocates memory that is stored into "buf". obexd/plugins/filesystem.c:418:3: noescape: Resource "buf" is not freed or pointed-to in "g_string_new". obexd/plugins/filesystem.c:440:2: leaked_storage: Variable "buf" going out of scope leaks the storage it points to. 438| *err = 0; 439| 440|-> return object; 441| 442| fail: --- obexd/plugins/filesystem.c | 1 + 1 file changed, 1 insertion(+) diff --git a/obexd/plugins/filesystem.c b/obexd/plugins/filesystem.c index f52927541..4887a0b8a 100644 --- a/obexd/plugins/filesystem.c +++ b/obexd/plugins/filesystem.c @@ -416,6 +416,7 @@ static void *capability_open(const char *name, int oflag, mode_t mode, } object->buffer = g_string_new(buf); + g_free(buf); if (size) *size = object->buffer->len; -- 2.47.3