Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-30805

dnsmasq SAST: Error: RESOURCE_LEAK (CWE-772):dnsmasq-2.85/src/option.c:3274: alloc_fn: Storage is returned from allocation function "opt_malloc".

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • rhel-10.0
    • rhel-9.3.0
    • dnsmasq
    • None
    • None
    • None
    • sst_cs_infra_services
    • ssg_core_services
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None

      What were you trying to do that didn't work?

      Error: RESOURCE_LEAK (CWE-772):
      dnsmasq-2.85/src/option.c:3274: alloc_fn: Storage is returned from allocation function "opt_malloc".
      dnsmasq-2.85/src/option.c:3274: var_assign: Assigning: "new" = storage returned from "opt_malloc(96UL)".
      dnsmasq-2.85/src/option.c:3413: leaked_storage: Variable "new" going out of scope leaks the storage it points to.
      # 3411|                       {
      # 3412|                         sprintf(errstr, _("duplicate dhcp-host IP address %s"),  inet_ntoa(in));
      # 3413|->                       return 0;
      # 3414|                       }              
      # 3415|                 }
      

      Please provide the package NVR for which bug is seen:

      dnsmasq-2.85-14.el9

      How reproducible:

      Steps to reproduce

      Expected results

      Actual results

      Fix. this can happen repeatedly on configuration file reload. It means there is configuration error, but it should not leak new structure anyway.

            pemensik@redhat.com Petr Mensik
            pemensik@redhat.com Petr Mensik
            Petr Mensik Petr Mensik
            Petr Sklenar Petr Sklenar
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: