colin/NetworkManager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cli: fix leak of text for libreadline

Browse Source 
Coverity warns about this:

    Error: RESOURCE_LEAK (CWE-772):
    NetworkManager-1.32.4/src/nmcli/agent.c:87: alloc_fn: Storage is returned from allocation function "g_strdup".
    NetworkManager-1.32.4/src/nmcli/agent.c:87: var_assign: Assigning: "pre_input_deftext" = storage returned from "g_strdup(secret->value)".
    NetworkManager-1.32.4/src/nmcli/agent.c:87: overwrite_var: Overwriting "pre_input_deftext" in "pre_input_deftext = g_strdup(secret->value)" leaks the storage that "pre_input_deftext" points to.
    #   85|               /* Prefill the password if we have it. */
    #   86|               rl_startup_hook   = set_deftext;
    #   87|->             pre_input_deftext = g_strdup(secret->value);
    #   88|           }
    #   89|           if (secret->no_prompt_entry_id)

    Error: RESOURCE_LEAK (CWE-772):
    NetworkManager-1.32.4/src/nmcli/common.c:712: alloc_fn: Storage is returned from allocation function "g_strdup".
    NetworkManager-1.32.4/src/nmcli/common.c:712: var_assign: Assigning: "nmc_rl_pre_input_deftext" = storage returned from "g_strdup(secret->value)".
    NetworkManager-1.32.4/src/nmcli/common.c:712: overwrite_var: Overwriting "nmc_rl_pre_input_deftext" in "nmc_rl_pre_input_deftext = g_strdup(secret->value)" leaks the storage that "nmc_rl_pre_input_deftext" points to.
    #  710|                           /* Prefill the password if we have it. */
    #  711|                           rl_startup_hook          = nmc_rl_set_deftext;
    #  712|->                         nmc_rl_pre_input_deftext = g_strdup(secret->value);
    #  713|                       }
    #  714|                   }
This commit is contained in:
Thomas Haller
2021-07-29 14:31:38 +02:00
parent 56707a09ae
commit 72433a10f4
3 changed files with 13 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/nmcli/agent.c
View File

@@ -54,14 +54,13 @@ usage_agent_all(void)
"Runs nmcli as both NetworkManager secret and a polkit agent.\n\n")); "Runs nmcli as both NetworkManager secret and a polkit agent.\n\n"));
} }
/* for pre-filling a string to readline prompt */
static char *pre_input_deftext; static char *pre_input_deftext;
static int set_deftext(_NMC_RL_STARTUPHOOK_ARGS) static int set_deftext(_NMC_RL_STARTUPHOOK_ARGS)
{ {
if (pre_input_deftext && rl_startup_hook) { if (pre_input_deftext && rl_startup_hook) {
rl_insert_text(pre_input_deftext); rl_insert_text(pre_input_deftext);
g_free(pre_input_deftext); nm_clear_g_free(&pre_input_deftext);
pre_input_deftext = NULL;
rl_startup_hook = NULL; rl_startup_hook = NULL;
} }
return 0; return 0;
@@ -86,7 +85,7 @@ get_secrets_from_user(const NmcConfig *nmc_config,
if (secret->value) { if (secret->value) {
/* Prefill the password if we have it. */ /* Prefill the password if we have it. */
rl_startup_hook = set_deftext; rl_startup_hook = set_deftext;
pre_input_deftext = g_strdup(secret->value); nm_utils_strdup_reset(&pre_input_deftext, secret->value);
} }
if (secret->no_prompt_entry_id) if (secret->no_prompt_entry_id)
pwd = nmc_readline(nmc_config, "%s: ", secret->pretty_name); pwd = nmc_readline(nmc_config, "%s: ", secret->pretty_name);

6
src/nmcli/common.c
View File

@@ -712,7 +712,7 @@ get_secrets_from_user(const NmcConfig *nmc_config,
} else { } else {
/* Prefill the password if we have it. */ /* Prefill the password if we have it. */
rl_startup_hook = nmc_rl_set_deftext; rl_startup_hook = nmc_rl_set_deftext;
nmc_rl_pre_input_deftext = g_strdup(secret->value); nm_utils_strdup_reset(&nmc_rl_pre_input_deftext, secret->value);
} }
} }
if (msg) if (msg)
@@ -1150,15 +1150,13 @@ nmc_rl_gen_func_ifnames(const char *text, int state)
return ret; return ret;
} }
/* for pre-filling a string to readline prompt */
char *nmc_rl_pre_input_deftext; char *nmc_rl_pre_input_deftext;
int nmc_rl_set_deftext(_NMC_RL_STARTUPHOOK_ARGS) int nmc_rl_set_deftext(_NMC_RL_STARTUPHOOK_ARGS)
{ {
if (nmc_rl_pre_input_deftext && rl_startup_hook) { if (nmc_rl_pre_input_deftext && rl_startup_hook) {
rl_insert_text(nmc_rl_pre_input_deftext); rl_insert_text(nmc_rl_pre_input_deftext);
g_free(nmc_rl_pre_input_deftext); nm_clear_g_free(&nmc_rl_pre_input_deftext);
nmc_rl_pre_input_deftext = NULL;
rl_startup_hook = NULL; rl_startup_hook = NULL;
} }
return 0; return 0;

5
src/nmcli/connections.c
View File

@@ -7377,8 +7377,9 @@ property_edit_submenu(NmCli * nmc,
case NMC_EDITOR_SUB_CMD_CHANGE: case NMC_EDITOR_SUB_CMD_CHANGE:
rl_startup_hook = nmc_rl_set_deftext; rl_startup_hook = nmc_rl_set_deftext;
nmc_rl_pre_input_deftext = nm_utils_strdup_reset_take(
nmc_setting_get_property_parsable(curr_setting, prop_name, NULL); &nmc_rl_pre_input_deftext,
nmc_setting_get_property_parsable(curr_setting, prop_name, NULL));
prop_val_user = nmc_readline(&nmc->nmc_config, _("Edit '%s' value: "), prop_name); prop_val_user = nmc_readline(&nmc->nmc_config, _("Edit '%s' value: "), prop_name);
if (!nmc_setting_set_property(nmc->client, if (!nmc_setting_set_property(nmc->client,