useradd.c: fix covscan RESOURCE_LEAK

Error: RESOURCE_LEAK (CWE-772): [#def28]
shadow-4.8.1/src/useradd.c:1905: open_fn: Returning handle opened by "open". [Note: The source code implementation of the function has been overridden by a user model.]
shadow-4.8.1/src/useradd.c:1905: var_assign: Assigning: "fd" = handle returned from "open("/var/log/faillog", 2)".
shadow-4.8.1/src/useradd.c:1906: noescape: Resource "fd" is not freed or pointed-to in "lseek".
shadow-4.8.1/src/useradd.c:1917: leaked_handle: Handle variable "fd" going out of scope leaks the handle.
 1915|   		/* continue */
 1916|   	}
 1917|-> }
 1918|
 1919|   static void lastlog_reset (uid_t uid)

Error: RESOURCE_LEAK (CWE-772): [#def29]
shadow-4.8.1/src/useradd.c:1938: open_fn: Returning handle opened by "open". [Note: The source code implementation of the function has been overridden by a user model.]
shadow-4.8.1/src/useradd.c:1938: var_assign: Assigning: "fd" = handle returned from "open("/var/log/lastlog", 2)".
shadow-4.8.1/src/useradd.c:1939: noescape: Resource "fd" is not freed or pointed-to in "lseek".
shadow-4.8.1/src/useradd.c:1950: leaked_handle: Handle variable "fd" going out of scope leaks the handle.
 1948|   		/* continue */
 1949|   	}
 1950|-> }
 1951|
 1952|   static void tallylog_reset (const char *user_name)

Error: RESOURCE_LEAK (CWE-772): [#def30]
shadow-4.8.1/src/useradd.c:2109: alloc_fn: Storage is returned from allocation function "strdup".
shadow-4.8.1/src/useradd.c:2109: var_assign: Assigning: "bhome" = storage returned from "strdup(prefix_user_home)".
shadow-4.8.1/src/useradd.c:2131: noescape: Resource "bhome" is not freed or pointed-to in "strtok".
shadow-4.8.1/src/useradd.c:2207: leaked_storage: Variable "bhome" going out of scope leaks the storage it points to.
 2205|   		}
 2206|   #endif
 2207|-> 	}
 2208|   }
 2209|
This commit is contained in:
Iker Pedrosa 2021-06-10 13:05:03 +02:00
parent a6154b8572
commit 1aed7ae945

View File

@ -1964,16 +1964,26 @@ static void faillog_reset (uid_t uid)
memzero (&fl, sizeof (fl)); memzero (&fl, sizeof (fl));
fd = open (FAILLOG_FILE, O_RDWR); fd = open (FAILLOG_FILE, O_RDWR);
if ( (-1 == fd) if (-1 == fd) {
|| (lseek (fd, offset_uid, SEEK_SET) != offset_uid) fprintf (stderr,
_("%s: failed to open the faillog file for UID %lu: %s\n"),
Prog, (unsigned long) uid, strerror (errno));
SYSLOG ((LOG_WARN, "failed to open the faillog file for UID %lu", (unsigned long) uid));
return;
}
if ( (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
|| (write (fd, &fl, sizeof (fl)) != (ssize_t) sizeof (fl)) || (write (fd, &fl, sizeof (fl)) != (ssize_t) sizeof (fl))
|| (fsync (fd) != 0) || (fsync (fd) != 0)) {
|| (close (fd) != 0)) {
fprintf (stderr, fprintf (stderr,
_("%s: failed to reset the faillog entry of UID %lu: %s\n"), _("%s: failed to reset the faillog entry of UID %lu: %s\n"),
Prog, (unsigned long) uid, strerror (errno)); Prog, (unsigned long) uid, strerror (errno));
SYSLOG ((LOG_WARN, "failed to reset the faillog entry of UID %lu", (unsigned long) uid)); SYSLOG ((LOG_WARN, "failed to reset the faillog entry of UID %lu", (unsigned long) uid));
/* continue */ }
if (close (fd) != 0) {
fprintf (stderr,
_("%s: failed to close the faillog file for UID %lu: %s\n"),
Prog, (unsigned long) uid, strerror (errno));
SYSLOG ((LOG_WARN, "failed to close the faillog file for UID %lu", (unsigned long) uid));
} }
} }
@ -1997,17 +2007,29 @@ static void lastlog_reset (uid_t uid)
memzero (&ll, sizeof (ll)); memzero (&ll, sizeof (ll));
fd = open (LASTLOG_FILE, O_RDWR); fd = open (LASTLOG_FILE, O_RDWR);
if ( (-1 == fd) if (-1 == fd) {
|| (lseek (fd, offset_uid, SEEK_SET) != offset_uid) fprintf (stderr,
_("%s: failed to open the lastlog file for UID %lu: %s\n"),
Prog, (unsigned long) uid, strerror (errno));
SYSLOG ((LOG_WARN, "failed to open the lastlog file for UID %lu", (unsigned long) uid));
return;
}
if ( (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
|| (write (fd, &ll, sizeof (ll)) != (ssize_t) sizeof (ll)) || (write (fd, &ll, sizeof (ll)) != (ssize_t) sizeof (ll))
|| (fsync (fd) != 0) || (fsync (fd) != 0)) {
|| (close (fd) != 0)) {
fprintf (stderr, fprintf (stderr,
_("%s: failed to reset the lastlog entry of UID %lu: %s\n"), _("%s: failed to reset the lastlog entry of UID %lu: %s\n"),
Prog, (unsigned long) uid, strerror (errno)); Prog, (unsigned long) uid, strerror (errno));
SYSLOG ((LOG_WARN, "failed to reset the lastlog entry of UID %lu", (unsigned long) uid)); SYSLOG ((LOG_WARN, "failed to reset the lastlog entry of UID %lu", (unsigned long) uid));
/* continue */ /* continue */
} }
if (close (fd) != 0) {
fprintf (stderr,
_("%s: failed to close the lastlog file for UID %lu: %s\n"),
Prog, (unsigned long) uid, strerror (errno));
SYSLOG ((LOG_WARN, "failed to close the lastlog file for UID %lu", (unsigned long) uid));
/* continue */
}
} }
static void tallylog_reset (const char *user_name) static void tallylog_reset (const char *user_name)
@ -2254,6 +2276,7 @@ static void create_home (void)
} }
cp = strtok (NULL, "/"); cp = strtok (NULL, "/");
} }
free (bhome);
(void) chown (prefix_user_home, user_id, user_gid); (void) chown (prefix_user_home, user_id, user_gid);
mode_t mode = getdef_num ("HOME_MODE", mode_t mode = getdef_num ("HOME_MODE",