Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-30805

dnsmasq SAST: Error: RESOURCE_LEAK (CWE-772):dnsmasq-2.85/src/option.c:3274: alloc_fn: Storage is returned from allocation function "opt_malloc".

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • rhel-10.0
    • rhel-9.3.0
    • dnsmasq
    • None
    • None
    • None
    • rhel-sst-cs-net-perf-services
    • ssg_core_services
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None

      What were you trying to do that didn't work?

      Error: RESOURCE_LEAK (CWE-772):
      dnsmasq-2.85/src/option.c:3274: alloc_fn: Storage is returned from allocation function "opt_malloc".
      dnsmasq-2.85/src/option.c:3274: var_assign: Assigning: "new" = storage returned from "opt_malloc(96UL)".
      dnsmasq-2.85/src/option.c:3413: leaked_storage: Variable "new" going out of scope leaks the storage it points to.
      # 3411|                       {
      # 3412|                         sprintf(errstr, _("duplicate dhcp-host IP address %s"),  inet_ntoa(in));
      # 3413|->                       return 0;
      # 3414|                       }              
      # 3415|                 }
      

      Please provide the package NVR for which bug is seen:

      dnsmasq-2.85-14.el9

      How reproducible:

      Steps to reproduce

      Expected results

      Actual results

      Fix. this can happen repeatedly on configuration file reload. It means there is configuration error, but it should not leak new structure anyway.

              pemensik@redhat.com Petr Mensik
              pemensik@redhat.com Petr Mensik
              Petr Mensik Petr Mensik
              Petr Sklenar Petr Sklenar
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: