To not leak "buf", we need object->buffer to take ownership of it using g_string_new_take() (but it's only available in 2.78 and newer), or we need to actually free "buf". Error: RESOURCE_LEAK (CWE-772): [#def66] [important] bluez-5.75/obexd/plugins/filesystem.c:411:3: alloc_arg: "g_file_get_contents" allocates memory that is stored into "buf". bluez-5.75/obexd/plugins/filesystem.c:418:3: noescape: Resource "buf" is not freed or pointed-to in "g_string_new". bluez-5.75/obexd/plugins/filesystem.c:440:2: leaked_storage: Variable "buf" going out of scope leaks the storage it points to. 438| *err = 0; 439| 440|-> return object; 441| 442| fail: --- obexd/plugins/filesystem.c | 1 + 1 file changed, 1 insertion(+) diff --git a/obexd/plugins/filesystem.c b/obexd/plugins/filesystem.c index f52927541bab..4887a0b8ac81 100644 --- a/obexd/plugins/filesystem.c +++ b/obexd/plugins/filesystem.c @@ -416,6 +416,7 @@ static void *capability_open(const char *name, int oflag, mode_t mode, } object->buffer = g_string_new(buf); + g_free(buf); if (size) *size = object->buffer->len; -- 2.44.0
