[PATCH v2 05/10] raop: Fix resource leaks

crisp.fujita@xxxxxxxxx (Hajime Fujita) · Mon, 6 Mar 2017 22:26:54 -0600

> On Mar 6, 2017, at 1:43 AM, Peter Meerwald-Stadler <pmeerw at pmeerw.net> wrote:
> 
> Coverity ID: #1398158, #1398159
> 
> Signed-off-by: Peter Meerwald-Stadler <pmeerw at pmeerw.net>
> ---
> src/modules/raop/raop-client.c | 14 ++++++--------
> 1 file changed, 6 insertions(+), 8 deletions(-)
> 
> diff --git a/src/modules/raop/raop-client.c b/src/modules/raop/raop-client.c
> index 4c3083e..03558f6 100644
> --- a/src/modules/raop/raop-client.c
> +++ b/src/modules/raop/raop-client.c
> @@ -1223,7 +1223,7 @@ static void rtsp_auth_cb(pa_rtsp_client *rtsp, pa_rtsp_state_t state, pa_rtsp_st
>             static bool waiting = false;
>             const char *current = NULL;
>             char space[] = " ";
> -            char *token,*ath = NULL;
> +            char *token, *ath = NULL;
>             char *publ, *wath, *mth, *val;

Should we initialize mth to NULL here to prevent freeing a random address later?
This could happen when `wath = pa_xstrdup(pa_headerlist_gets(headers, "WWW-Authenticate"));` becomes NULL.

>             char *realm = NULL, *nonce = NULL, *response = NULL;
>             char comma[] = ",";
> @@ -1260,9 +1260,6 @@ static void rtsp_auth_cb(pa_rtsp_client *rtsp, pa_rtsp_state_t state, pa_rtsp_st
>                     pa_raop_basic_response(DEFAULT_USER_NAME, c->password, &response);
>                     ath = pa_sprintf_malloc("Basic %s",
>                         response);
> -
> -                    pa_xfree(response);
> -                    pa_xfree(realm);
>                 } else if (pa_safe_streq(mth, "Digest")) {
>                     rtrim_char(realm, '\"');
>                     rtrim_char(nonce, '\"');
> @@ -1271,17 +1268,18 @@ static void rtsp_auth_cb(pa_rtsp_client *rtsp, pa_rtsp_state_t state, pa_rtsp_st
>                     ath = pa_sprintf_malloc("Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"*\", response=\"%s\"",
>                         DEFAULT_USER_NAME, realm, nonce,
>                         response);
> -
> -                    pa_xfree(response);
> -                    pa_xfree(realm);
> -                    pa_xfree(nonce);
>                 } else {
>                     pa_log_error("unsupported authentication method: %s", mth);
> +                    pa_xfree(realm);
> +                    pa_xfree(nonce);
>                     pa_xfree(wath);
>                     pa_xfree(mth);
>                     goto error;
>                 }
> 
> +                pa_xfree(response);
> +                pa_xfree(realm);
> +                pa_xfree(nonce);
>                 pa_xfree(wath);
>                 pa_xfree(mth);
> 
> -- 
> 2.7.4
> 
> _______________________________________________
> pulseaudio-discuss mailing list
> pulseaudio-discuss at lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/pulseaudio-discuss