RHEL-35381

xmlsec1: Fix findings from static application security testing (SAST)

    • Type: Bug
    • Resolution: Done-Errata
    • Priority: Undefined
    • Fix Version: rhel-9.5
    • Affects Versions: rhel-8.0.0, CentOS Stream 8, CentOS Stream 9, rhel-9.0.0
    • Component: xmlsec1
    • Fixed in Build: xmlsec1-1.2.29-10.el9
    • Severity: Low
    • Team: rhel-sst-idm-sssd
    • Subsystem: ssg_idm
    • Acks: QE ack, Dev ack

      Fix the following findings from SAST:

      1.

      Error: RESOURCE_LEAK (CWE-772):
      xmlsec1-1.2.29/src/c14n.c:225: alloc_fn: Storage is returned from allocation function "xmlSecBufferCreateOutputBuffer".
      xmlsec1-1.2.29/src/c14n.c:225: var_assign: Assigning: "buf" = storage returned from "xmlSecBufferCreateOutputBuffer(&transform->outBuf)".
      xmlsec1-1.2.29/src/c14n.c:236: leaked_storage: Variable "buf" going out of scope leaks the storage it points to.
      #  234|        * all pointers in the big array */
      #  235|       nsList = xmlSecTransformC14NGetNsList(transform);
      #  236|->     xmlSecAssert2(xmlSecPtrListCheckId(nsList, xmlSecStringListId), -1);
      #  237|   
      #  238|       ret = xmlSecTransformC14NExecute(transform->id, nodes, (xmlChar**)(nsList->data), buf);
      

      2.

      Error: RESOURCE_LEAK (CWE-772):
      xmlsec1-1.2.29/src/parser.c:389: alloc_fn: Storage is returned from allocation function "xmlParserGetDirectory".
      xmlsec1-1.2.29/src/parser.c:389: var_assign: Assigning: "directory" = storage returned from "xmlParserGetDirectory(filename)".
      xmlsec1-1.2.29/src/parser.c:398: noescape: Resource "(xmlChar *)directory" is not freed or pointed-to in "xmlStrdup".
      xmlsec1-1.2.29/src/parser.c:420: leaked_storage: Variable "directory" going out of scope leaks the storage it points to.
      #  418|           }
      #  419|           xmlFreeParserCtxt(ctxt);
      #  420|->         return(NULL);
      #  421|       }
      #  422|   
      

      3.

      Error: RESOURCE_LEAK (CWE-772):
      xmlsec1-1.2.29/src/gcrypt/asymkeys.c:288: alloc_arg: "gcry_pk_genkey" allocates memory that is stored into "key_pair".
      xmlsec1-1.2.29/src/gcrypt/asymkeys.c:294: noescape: Resource "key_pair" is not freed or pointed-to in "xmlSecGCryptAsymKeyDataAdoptKey".
      xmlsec1-1.2.29/src/gcrypt/asymkeys.c:299: overwrite_var: Overwriting "key_pair" in "key_pair = NULL" leaks the storage that "key_pair" points to.
      #  297|           goto done;
      #  298|       }
      #  299|->     key_pair = NULL; /* now owned by data */
      #  300|   
      #  301|       /* success */
      

      4.

      Error: RESOURCE_LEAK (CWE-772):
      xmlsec1-1.2.29/src/parser.c:389: alloc_fn: Storage is returned from allocation function "xmlParserGetDirectory".
      xmlsec1-1.2.29/src/parser.c:389: var_assign: Assigning: "directory" = storage returned from "xmlParserGetDirectory(filename)".
      xmlsec1-1.2.29/src/parser.c:398: noescape: Resource "(xmlChar *)directory" is not freed or pointed-to in "xmlStrdup".
      xmlsec1-1.2.29/src/parser.c:400: noescape: Resource "(xmlChar *)directory" is not freed or pointed-to in "xmlStrlen".
      xmlsec1-1.2.29/src/parser.c:402: leaked_storage: Variable "directory" going out of scope leaks the storage it points to.
      #  400|               xmlSecStrdupError(BAD_CAST directory, NULL);
      #  401|               xmlFreeParserCtxt(ctxt);
      #  402|->             return(NULL);
      #  403|           }
      #  404|       }
      

      5.

      Error: RESOURCE_LEAK (CWE-772):
      xmlsec1-1.2.29/src/parser.c:389: alloc_fn: Storage is returned from allocation function "xmlParserGetDirectory".
      xmlsec1-1.2.29/src/parser.c:389: var_assign: Assigning: "directory" = storage returned from "xmlParserGetDirectory(filename)".
      xmlsec1-1.2.29/src/parser.c:398: noescape: Resource "(xmlChar *)directory" is not freed or pointed-to in "xmlStrdup".
      xmlsec1-1.2.29/src/parser.c:430: leaked_storage: Variable "directory" going out of scope leaks the storage it points to.
      #  428|          }
      #  429|          xmlFreeParserCtxt(ctxt);
      #  430|->        return(NULL);
      #  431|       }
      #  432|   
      

      6.

      Error: RESOURCE_LEAK (CWE-772):
      xmlsec1-1.2.29/src/parser.c:389: alloc_fn: Storage is returned from allocation function "xmlParserGetDirectory".
      xmlsec1-1.2.29/src/parser.c:389: var_assign: Assigning: "directory" = storage returned from "xmlParserGetDirectory(filename)".
      xmlsec1-1.2.29/src/parser.c:398: noescape: Resource "(xmlChar *)directory" is not freed or pointed-to in "xmlStrdup".
      xmlsec1-1.2.29/src/parser.c:437: leaked_storage: Variable "directory" going out of scope leaks the storage it points to.
      #  435|       ctxt->myDoc = NULL;
      #  436|       xmlFreeParserCtxt(ctxt);
      #  437|->     return(res);
      #  438|   
      #  439|   }
      

      7.

      Error: RESOURCE_LEAK (CWE-772):
      xmlsec1-1.2.29/src/c14n.c:290: alloc_fn: Storage is returned from allocation function "xmlSecBufferCreateOutputBuffer".
      xmlsec1-1.2.29/src/c14n.c:290: var_assign: Assigning: "buf" = storage returned from "xmlSecBufferCreateOutputBuffer(out)".
      xmlsec1-1.2.29/src/c14n.c:300: leaked_storage: Variable "buf" going out of scope leaks the storage it points to.
      #  298|            * all pointers in the big array */
      #  299|           nsList = xmlSecTransformC14NGetNsList(transform);
      #  300|->         xmlSecAssert2(xmlSecPtrListCheckId(nsList, xmlSecStringListId), -1);
      #  301|   
      #  302|           ret = xmlSecTransformC14NExecute(transform->id, transform->inNodes, (xmlChar**)(nsList->data), buf);
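The four parser.c findings (2, 4, 5 and 6) describe one shape: the string returned by xmlParserGetDirectory() is assigned to directory, a copy of it goes into the parser context via xmlStrdup() (so xmlFreeParserCtxt() does not release the original), and then every return after the context is freed, the successful one at line 437 included, drops it. The program below is an added illustration of that CWE-772 pattern and the usual fix; it is not xmlsec1 or libxml2 code. The libxml2 calls are replaced by hypothetical stand-ins (fake_parser_get_directory, fake_strdup, fake_new_parser_ctxt, fake_free_parser_ctxt) that count live allocations, so the leak is visible without valgrind or ASan, and parse_file_fixed shows the single-exit cleanup in which every acquired resource is released at one label.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for the libxml2 calls named in the Coverity trace
 * (xmlParserGetDirectory, xmlStrdup, xmlFreeParserCtxt). They count live
 * allocations so a leak is observable without a memory checker. This is an
 * illustration, not xmlsec1 or libxml2 code. */
static int live_allocations = 0;

static void fake_free(void *p) {
    if (p != NULL) {
        live_allocations--;
        free(p);
    }
}

/* Like xmlParserGetDirectory(): returns the directory part of a path as a
 * freshly allocated string that the CALLER owns. Simplified: "." when the
 * path has no '/', "/" when the only '/' is the first character. */
static char *fake_parser_get_directory(const char *filename) {
    const char *slash = strrchr(filename, '/');
    size_t n = (slash != NULL) ? (size_t)(slash - filename) : 0;
    char *dir = malloc(n + 2);
    if (dir == NULL) return NULL;
    if (slash == NULL) strcpy(dir, ".");
    else if (n == 0) strcpy(dir, "/");
    else { memcpy(dir, filename, n); dir[n] = '\0'; }
    live_allocations++;
    return dir;
}

static char *fake_strdup(const char *s) {
    char *d = malloc(strlen(s) + 1);
    if (d != NULL) { strcpy(d, s); live_allocations++; }
    return d;
}

typedef struct { char *directory; } fake_ctxt;

static fake_ctxt *fake_new_parser_ctxt(void) {
    fake_ctxt *c = calloc(1, sizeof *c);
    if (c != NULL) live_allocations++;
    return c;
}

/* Like xmlFreeParserCtxt(): releases the context and the copy it holds,
 * but not the caller's original 'directory' string. */
static void fake_free_parser_ctxt(fake_ctxt *c) {
    if (c != NULL) { fake_free(c->directory); fake_free(c); }
}

/* Stands in for the parse step; 'fail' selects the error path. */
static int fake_parse(fake_ctxt *ctxt, int fail) { (void)ctxt; return fail ? -1 : 0; }

int live_allocation_count(void) { return live_allocations; }

/* Checks the stand-in without leaking: compares the result, then frees it. */
int directory_of_equals(const char *path, const char *expected) {
    char *d = fake_parser_get_directory(path);
    int ok = (d != NULL) && strcmp(d, expected) == 0;
    fake_free(d);
    return ok;
}

/* Shape of the reported defect: 'directory' is allocated once, copied into
 * the context, and every return after freeing the context, the successful
 * one included, drops the original. */
int parse_file_leaky(const char *filename, int fail) {
    char *directory = fake_parser_get_directory(filename);  /* alloc_fn, var_assign */
    if (directory == NULL) return -1;
    fake_ctxt *ctxt = fake_new_parser_ctxt();
    if (ctxt == NULL) return -1;                             /* directory leaked */
    ctxt->directory = fake_strdup(directory);                /* noescape: a copy, not ownership */
    if (fake_parse(ctxt, fail) < 0) {
        fake_free_parser_ctxt(ctxt);
        return -1;                                           /* leaked_storage */
    }
    fake_free_parser_ctxt(ctxt);
    return 0;                                                /* leaked here as well */
}

/* Hardened shape: one exit label releases everything acquired, whichever
 * path reaches it; NULL-safe free functions keep the cleanup unconditional. */
int parse_file_fixed(const char *filename, int fail) {
    int res = -1;
    char *directory = NULL;
    fake_ctxt *ctxt = NULL;

    directory = fake_parser_get_directory(filename);
    if (directory == NULL) goto done;
    ctxt = fake_new_parser_ctxt();
    if (ctxt == NULL) goto done;
    ctxt->directory = fake_strdup(directory);
    if (ctxt->directory == NULL) goto done;
    if (fake_parse(ctxt, fail) < 0) goto done;
    res = 0;
done:
    fake_free_parser_ctxt(ctxt);
    fake_free(directory);
    return res;
}

int main(void) {
    parse_file_leaky("/tmp/doc.xml", 1);
    printf("after leaky version: %d live allocation(s)\n", live_allocation_count());
    parse_file_fixed("/tmp/doc.xml", 1);
    printf("after fixed version: %d live allocation(s)\n", live_allocation_count());
    return 0;
}
```

Running the stand-alone program shows the leaky version leaving one allocation behind and the fixed version leaving none; the same counter is what a unit test can assert on. The fix keeps the ownership split the Coverity noescape lines point at: the context owns its own copy, the caller still owns the original, and both are released at the single exit.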
      

              People: Tomas Halman (thalman@redhat.com), Scott Poore
              Votes: 0
              Watchers: 4