Loading...

Type: Bug
Resolution: Won't Do
Priority: Normal
Fix Version/s: None
Affects Version/s: rhel-8.10.z
Component/s: nftables
Labels:
None

Regression:
No
Severity:
Low
sprint_count:
1

AssignedTeam:
rhel-net-firewall
Sub-System Group:

ssg_networking

Story Points:
7
Blocked:
False
Ready:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
None
Sprint:
NST-firewall-25W16-19

Preliminary Testing:
None
Test Coverage:
None

Experience:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

Coverity tool noticed how error path in JSON parser does not free allocated memory at all times. All cases should be fixed by:

47e18c0eba51a ("parser_json: fix handle memleak from error path")

For it to apply cleanly, one could backport the following dependencies (all more or less fixes to the JSON parser):

8efab5527cbcb ("parser_json: fix device parsing in netdev family")
bd976ab13b4d5 ("json: allow to specify comment on chain")
4dfb5b2010917 ("json: deal appropriately with multidevice in chain")
34c1337296807 ("parser_json: Proper ct expectation attribute parsing")
d73e269f7bffc ("parser_json: Fix synproxy object mss/wscale parsing")

Full log here:

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:2812:3: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:2812:3: var_assign: Assigning: "h.chain.name" = storage returned from "xstrdup(h.chain.name)".
nftables-1.0.4/src/parser_json.c:2832:3: leaked_storage: Variable "h" going out of scope leaks the storage "h.chain.name" points to.
# 2830|   		json_error(ctx, "Invalid chain hook '%s'.", hookstr);
# 2831|   		chain_free(chain);
# 2832|-> 		return NULL;
# 2833|   	}
# 2834|   

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:2810:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:2810:2: var_assign: Assigning: "h.table.name" = storage returned from "xstrdup(h.table.name)".
nftables-1.0.4/src/parser_json.c:2832:3: leaked_storage: Variable "h" going out of scope leaks the storage "h.table.name" points to.
# 2830|   		json_error(ctx, "Invalid chain hook '%s'.", hookstr);
# 2831|   		chain_free(chain);
# 2832|-> 		return NULL;
# 2833|   	}
# 2834|   

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:2812:3: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:2812:3: var_assign: Assigning: "h.chain.name" = storage returned from "xstrdup(h.chain.name)".
nftables-1.0.4/src/parser_json.c:2852:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.chain.name" points to.
# 2850|   			json_error(ctx, "Unknown policy '%s'.", policy);
# 2851|   			chain_free(chain);
# 2852|-> 			return NULL;
# 2853|   		}
# 2854|   	}

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:2810:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:2810:2: var_assign: Assigning: "h.table.name" = storage returned from "xstrdup(h.table.name)".
nftables-1.0.4/src/parser_json.c:2852:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.table.name" points to.
# 2850|   			json_error(ctx, "Unknown policy '%s'.", policy);
# 2851|   			chain_free(chain);
# 2852|-> 			return NULL;
# 2853|   		}
# 2854|   	}

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:2893:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:2893:2: var_assign: Assigning: "h.chain.name" = storage returned from "xstrdup(h.chain.name)".
nftables-1.0.4/src/parser_json.c:2900:3: leaked_storage: Variable "h" going out of scope leaks the storage "h.chain.name" points to.
# 2898|   	if (!json_is_array(tmp)) {
# 2899|   		json_error(ctx, "Value of property \"expr\" must be an array.");
# 2900|-> 		return NULL;
# 2901|   	}
# 2902|   

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:2892:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:2892:2: var_assign: Assigning: "h.table.name" = storage returned from "xstrdup(h.table.name)".
nftables-1.0.4/src/parser_json.c:2900:3: leaked_storage: Variable "h" going out of scope leaks the storage "h.table.name" points to.
# 2898|   	if (!json_is_array(tmp)) {
# 2899|   		json_error(ctx, "Value of property \"expr\" must be an array.");
# 2900|-> 		return NULL;
# 2901|   	}
# 2902|   

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:2893:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:2893:2: var_assign: Assigning: "h.chain.name" = storage returned from "xstrdup(h.chain.name)".
nftables-1.0.4/src/parser_json.c:2920:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.chain.name" points to.
# 2918|   				   json_typename(value));
# 2919|   			rule_free(rule);
# 2920|-> 			return NULL;
# 2921|   		}
# 2922|   

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:2892:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:2892:2: var_assign: Assigning: "h.table.name" = storage returned from "xstrdup(h.table.name)".
nftables-1.0.4/src/parser_json.c:2920:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.table.name" points to.
# 2918|   				   json_typename(value));
# 2919|   			rule_free(rule);
# 2920|-> 			return NULL;
# 2921|   		}
# 2922|   

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:2893:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:2893:2: var_assign: Assigning: "h.chain.name" = storage returned from "xstrdup(h.chain.name)".
nftables-1.0.4/src/parser_json.c:2928:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.chain.name" points to.
# 2926|   			json_error(ctx, "Parsing expr array at index %zd failed.", index);
# 2927|   			rule_free(rule);
# 2928|-> 			return NULL;
# 2929|   		}
# 2930|   

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:2892:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:2892:2: var_assign: Assigning: "h.table.name" = storage returned from "xstrdup(h.table.name)".
nftables-1.0.4/src/parser_json.c:2928:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.table.name" points to.
# 2926|   			json_error(ctx, "Parsing expr array at index %zd failed.", index);
# 2927|   			rule_free(rule);
# 2928|-> 			return NULL;
# 2929|   		}
# 2930|   

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3304:3: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3304:3: var_assign: Assigning: "h.obj.name" = storage returned from "xstrdup(h.obj.name)".
nftables-1.0.4/src/parser_json.c:3338:5: leaked_storage: Variable "h" going out of scope leaks the storage "h.obj.name" points to.
# 3336|   					   tmp, sizeof(obj->secmark.ctx));
# 3337|   				obj_free(obj);
# 3338|-> 				return NULL;
# 3339|   			}
# 3340|   		}

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3302:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3302:2: var_assign: Assigning: "h.table.name" = storage returned from "xstrdup(h.table.name)".
nftables-1.0.4/src/parser_json.c:3338:5: leaked_storage: Variable "h" going out of scope leaks the storage "h.table.name" points to.
# 3336|   					   tmp, sizeof(obj->secmark.ctx));
# 3337|   				obj_free(obj);
# 3338|-> 				return NULL;
# 3339|   			}
# 3340|   		}

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3304:3: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3304:3: var_assign: Assigning: "h.obj.name" = storage returned from "xstrdup(h.obj.name)".
nftables-1.0.4/src/parser_json.c:3355:5: leaked_storage: Variable "h" going out of scope leaks the storage "h.obj.name" points to.
# 3353|   					   tmp, sizeof(obj->ct_helper.name));
# 3354|   				obj_free(obj);
# 3355|-> 				return NULL;
# 3356|   			}
# 3357|   		}

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3302:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3302:2: var_assign: Assigning: "h.table.name" = storage returned from "xstrdup(h.table.name)".
nftables-1.0.4/src/parser_json.c:3355:5: leaked_storage: Variable "h" going out of scope leaks the storage "h.table.name" points to.
# 3353|   					   tmp, sizeof(obj->ct_helper.name));
# 3354|   				obj_free(obj);
# 3355|-> 				return NULL;
# 3356|   			}
# 3357|   		}

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3304:3: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3304:3: var_assign: Assigning: "h.obj.name" = storage returned from "xstrdup(h.obj.name)".
nftables-1.0.4/src/parser_json.c:3366:5: leaked_storage: Variable "h" going out of scope leaks the storage "h.obj.name" points to.
# 3364|   				json_error(ctx, "Invalid ct helper protocol '%s'.", tmp);
# 3365|   				obj_free(obj);
# 3366|-> 				return NULL;
# 3367|   			}
# 3368|   		}

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3302:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3302:2: var_assign: Assigning: "h.table.name" = storage returned from "xstrdup(h.table.name)".
nftables-1.0.4/src/parser_json.c:3366:5: leaked_storage: Variable "h" going out of scope leaks the storage "h.table.name" points to.
# 3364|   				json_error(ctx, "Invalid ct helper protocol '%s'.", tmp);
# 3365|   				obj_free(obj);
# 3366|-> 				return NULL;
# 3367|   			}
# 3368|   		}

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3304:3: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3304:3: var_assign: Assigning: "h.obj.name" = storage returned from "xstrdup(h.obj.name)".
nftables-1.0.4/src/parser_json.c:3373:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.obj.name" points to.
# 3371|   			json_error(ctx, "Invalid ct helper l3proto '%s'.", tmp);
# 3372|   			obj_free(obj);
# 3373|-> 			return NULL;
# 3374|   		}
# 3375|   		obj->ct_helper.l3proto = l3proto;

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3302:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3302:2: var_assign: Assigning: "h.table.name" = storage returned from "xstrdup(h.table.name)".
nftables-1.0.4/src/parser_json.c:3373:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.table.name" points to.
# 3371|   			json_error(ctx, "Invalid ct helper l3proto '%s'.", tmp);
# 3372|   			obj_free(obj);
# 3373|-> 			return NULL;
# 3374|   		}
# 3375|   		obj->ct_helper.l3proto = l3proto;

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3304:3: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3304:3: var_assign: Assigning: "h.obj.name" = storage returned from "xstrdup(h.obj.name)".
nftables-1.0.4/src/parser_json.c:3388:5: leaked_storage: Variable "h" going out of scope leaks the storage "h.obj.name" points to.
# 3386|   				json_error(ctx, "Invalid ct timeout protocol '%s'.", tmp);
# 3387|   				obj_free(obj);
# 3388|-> 				return NULL;
# 3389|   			}
# 3390|   		}

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3302:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3302:2: var_assign: Assigning: "h.table.name" = storage returned from "xstrdup(h.table.name)".
nftables-1.0.4/src/parser_json.c:3388:5: leaked_storage: Variable "h" going out of scope leaks the storage "h.table.name" points to.
# 3386|   				json_error(ctx, "Invalid ct timeout protocol '%s'.", tmp);
# 3387|   				obj_free(obj);
# 3388|-> 				return NULL;
# 3389|   			}
# 3390|   		}

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3304:3: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3304:3: var_assign: Assigning: "h.obj.name" = storage returned from "xstrdup(h.obj.name)".
nftables-1.0.4/src/parser_json.c:3395:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.obj.name" points to.
# 3393|   			json_error(ctx, "Invalid ct timeout l3proto '%s'.", tmp);
# 3394|   			obj_free(obj);
# 3395|-> 			return NULL;
# 3396|   		}
# 3397|   		obj->ct_helper.l3proto = l3proto;

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3302:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3302:2: var_assign: Assigning: "h.table.name" = storage returned from "xstrdup(h.table.name)".
nftables-1.0.4/src/parser_json.c:3395:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.table.name" points to.
# 3393|   			json_error(ctx, "Invalid ct timeout l3proto '%s'.", tmp);
# 3394|   			obj_free(obj);
# 3395|-> 			return NULL;
# 3396|   		}
# 3397|   		obj->ct_helper.l3proto = l3proto;

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3304:3: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3304:3: var_assign: Assigning: "h.obj.name" = storage returned from "xstrdup(h.obj.name)".
nftables-1.0.4/src/parser_json.c:3402:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.obj.name" points to.
# 3400|   		if (json_parse_ct_timeout_policy(ctx, root, obj)) {
# 3401|   			obj_free(obj);
# 3402|-> 			return NULL;
# 3403|   		}
# 3404|   		break;

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3302:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3302:2: var_assign: Assigning: "h.table.name" = storage returned from "xstrdup(h.table.name)".
nftables-1.0.4/src/parser_json.c:3402:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.table.name" points to.
# 3400|   		if (json_parse_ct_timeout_policy(ctx, root, obj)) {
# 3401|   			obj_free(obj);
# 3402|-> 			return NULL;
# 3403|   		}
# 3404|   		break;

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3304:3: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3304:3: var_assign: Assigning: "h.obj.name" = storage returned from "xstrdup(h.obj.name)".
nftables-1.0.4/src/parser_json.c:3412:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.obj.name" points to.
# 3410|   			json_error(ctx, "Invalid ct expectation l3proto '%s'.", tmp);
# 3411|   			obj_free(obj);
# 3412|-> 			return NULL;
# 3413|   		}
# 3414|   		obj->ct_expect.l3proto = l3proto;

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3302:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3302:2: var_assign: Assigning: "h.table.name" = storage returned from "xstrdup(h.table.name)".
nftables-1.0.4/src/parser_json.c:3412:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.table.name" points to.
# 3410|   			json_error(ctx, "Invalid ct expectation l3proto '%s'.", tmp);
# 3411|   			obj_free(obj);
# 3412|-> 			return NULL;
# 3413|   		}
# 3414|   		obj->ct_expect.l3proto = l3proto;

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3304:3: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3304:3: var_assign: Assigning: "h.obj.name" = storage returned from "xstrdup(h.obj.name)".
nftables-1.0.4/src/parser_json.c:3423:5: leaked_storage: Variable "h" going out of scope leaks the storage "h.obj.name" points to.
# 3421|   				json_error(ctx, "Invalid ct expectation protocol '%s'.", tmp);
# 3422|   				obj_free(obj);
# 3423|-> 				return NULL;
# 3424|   			}
# 3425|   		}

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3302:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3302:2: var_assign: Assigning: "h.table.name" = storage returned from "xstrdup(h.table.name)".
nftables-1.0.4/src/parser_json.c:3423:5: leaked_storage: Variable "h" going out of scope leaks the storage "h.table.name" points to.
# 3421|   				json_error(ctx, "Invalid ct expectation protocol '%s'.", tmp);
# 3422|   				obj_free(obj);
# 3423|-> 				return NULL;
# 3424|   			}
# 3425|   		}

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3304:3: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3304:3: var_assign: Assigning: "h.obj.name" = storage returned from "xstrdup(h.obj.name)".
nftables-1.0.4/src/parser_json.c:3438:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.obj.name" points to.
# 3436|   				    "per", &tmp)) {
# 3437|   			obj_free(obj);
# 3438|-> 			return NULL;
# 3439|   		}
# 3440|   		json_unpack(root, "{s:s}", "rate_unit", &rate_unit);

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3302:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3302:2: var_assign: Assigning: "h.table.name" = storage returned from "xstrdup(h.table.name)".
nftables-1.0.4/src/parser_json.c:3438:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.table.name" points to.
# 3436|   				    "per", &tmp)) {
# 3437|   			obj_free(obj);
# 3438|-> 			return NULL;
# 3439|   		}
# 3440|   		json_unpack(root, "{s:s}", "rate_unit", &rate_unit);

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3304:3: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3304:3: var_assign: Assigning: "h.obj.name" = storage returned from "xstrdup(h.obj.name)".
nftables-1.0.4/src/parser_json.c:3463:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.obj.name" points to.
# 3461|   				    "wscale", &obj->synproxy.wscale)) {
# 3462|   			obj_free(obj);
# 3463|-> 			return NULL;
# 3464|   		}
# 3465|   		obj->synproxy.flags |= NF_SYNPROXY_OPT_MSS;

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3302:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3302:2: var_assign: Assigning: "h.table.name" = storage returned from "xstrdup(h.table.name)".
nftables-1.0.4/src/parser_json.c:3463:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.table.name" points to.
# 3461|   				    "wscale", &obj->synproxy.wscale)) {
# 3462|   			obj_free(obj);
# 3463|-> 			return NULL;
# 3464|   		}
# 3465|   		obj->synproxy.flags |= NF_SYNPROXY_OPT_MSS;

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3304:3: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3304:3: var_assign: Assigning: "h.obj.name" = storage returned from "xstrdup(h.obj.name)".
nftables-1.0.4/src/parser_json.c:3471:5: leaked_storage: Variable "h" going out of scope leaks the storage "h.obj.name" points to.
# 3469|   			if (flags < 0) {
# 3470|   				obj_free(obj);
# 3471|-> 				return NULL;
# 3472|   			}
# 3473|   			obj->synproxy.flags |= flags;

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3302:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3302:2: var_assign: Assigning: "h.table.name" = storage returned from "xstrdup(h.table.name)".
nftables-1.0.4/src/parser_json.c:3471:5: leaked_storage: Variable "h" going out of scope leaks the storage "h.table.name" points to.
# 3469|   			if (flags < 0) {
# 3470|   				obj_free(obj);
# 3471|-> 				return NULL;
# 3472|   			}
# 3473|   			obj->synproxy.flags |= flags;

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3584:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3584:2: var_assign: Assigning: "h.chain.name" = storage returned from "xstrdup(h.chain.name)".
nftables-1.0.4/src/parser_json.c:3598:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.chain.name" points to.
# 3596|   				   json_typename(value));
# 3597|   			rule_free(rule);
# 3598|-> 			return NULL;
# 3599|   		}
# 3600|   

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3583:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3583:2: var_assign: Assigning: "h.table.name" = storage returned from "xstrdup(h.table.name)".
nftables-1.0.4/src/parser_json.c:3598:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.table.name" points to.
# 3596|   				   json_typename(value));
# 3597|   			rule_free(rule);
# 3598|-> 			return NULL;
# 3599|   		}
# 3600|   

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3584:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3584:2: var_assign: Assigning: "h.chain.name" = storage returned from "xstrdup(h.chain.name)".
nftables-1.0.4/src/parser_json.c:3607:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.chain.name" points to.
# 3605|   				   index);
# 3606|   			rule_free(rule);
# 3607|-> 			return NULL;
# 3608|   		}
# 3609|   

Error: RESOURCE_LEAK (CWE-772):
nftables-1.0.4/src/parser_json.c:3583:2: alloc_fn: Storage is returned from allocation function "xstrdup".
nftables-1.0.4/src/parser_json.c:3583:2: var_assign: Assigning: "h.table.name" = storage returned from "xstrdup(h.table.name)".
nftables-1.0.4/src/parser_json.c:3607:4: leaked_storage: Variable "h" going out of scope leaks the storage "h.table.name" points to.
# 3605|   				   index);
# 3606|   			rule_free(rule);
# 3607|-> 			return NULL;
# 3608|   		}
# 3609|

Details

Description

Attachments

Easy Agile Planning Poker

Activity

People

Dates