________________________________________________________________________________________________________
*** CID 294222: Resource leaks (RESOURCE_LEAK)
/home/kgiusti/work/qpid-dispatch/src/policy.c: 293 in qd_policy_parse_tree()
287 if (!tree)
288 return NULL;
289
290 // make a writable, disposable copy of the csv string
291 char * dup = strdup(config_spec);
292 if (!dup)
>>> CID 294222: Resource leaks (RESOURCE_LEAK)
>>> Variable "tree" going out of scope leaks the storage it points to.
293 return NULL;
294 char * dupend = dup + strlen(dup);
295
296 char * pch = dup;
297 while (pch < dupend) {
298 // the tuple strings
** CID 294221: Resource leaks (RESOURCE_LEAK)
/home/kgiusti/work/qpid-dispatch/tests/policy_test.c: 101 in test_link_name_tree_lookup()
________________________________________________________________________________________________________
*** CID 294219: Resource leaks (RESOURCE_LEAK)
/home/kgiusti/work/qpid-dispatch/src/router_core/forwarder.c: 810 in qdr_forward_link_balanced_CT()
804
805 qdr_connection_enqueue_work_CT(core, conn, work);
806
807 return true;
808 }
809
>>> CID 294219: Resource leaks (RESOURCE_LEAK)
>>> Variable "insert" going out of scope leaks the storage it points to.
810 return false;
811 }
812
813
814 //==================================================================================
815 // In-Thread API Functions
** CID 294218: (RESOURCE_LEAK)
/home/kgiusti/work/qpid-dispatch/tests/parse_tree_tests.c: 77 in test_add_and_match_str()
/home/kgiusti/work/qpid-dispatch/tests/parse_tree_tests.c: 80 in test_add_and_match_str()
/home/kgiusti/work/qpid-dispatch/tests/parse_tree_tests.c: 83 in test_add_and_match_str()
________________________________________________________________________________________________________
*** CID 294217: Null pointer dereferences (REVERSE_INULL)
/home/kgiusti/work/qpid-dispatch/src/router_core/forwarder.c: 199 in qdr_forward_deliver_CT()
193
194 //
195 // We are dealing here only with link routed deliveries
196 // If the out_link has a connected link and if the out_link is an inter-router link, increment the global deliveries_transit
197 // If the out_link is a route container link, add to the global deliveries_egress
198 //
>>> CID 294217: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "out_link" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
199 if (out_link && out_link->connected_link) {
200 if (out_link->conn->role == QDR_ROLE_INTER_ROUTER) {
201 core->deliveries_transit++;
202 }
203 else {
204 core->deliveries_egress++;
** CID 294216: (USE_AFTER_FREE)
/home/kgiusti/work/qpid-dispatch/src/router_core/transfer.c: 1028 in qdr_link_deliver_CT()
________________________________________________________________________________________________________
*** CID 294216: (USE_AFTER_FREE)
/home/kgiusti/work/qpid-dispatch/src/router_core/transfer.c: 1028 in qdr_link_deliver_CT()
1022 //
1023 // Deal with any delivery restrictions for this address.
1024 //
1025 if (addr && addr->router_control_only && link->link_type != QD_LINK_CONTROL) {
1026 qdr_delivery_release_CT(core, dlv);
1027 qdr_link_issue_credit_CT(core, link, 1, false);
>>> CID 294216: (USE_AFTER_FREE)
>>> Calling "qdr_delivery_decref_CT" dereferences freed pointer "dlv".
1028 qdr_delivery_decref_CT(core, dlv, "qdr_link_deliver_CT - removed from action on restricted access");
1029 } else {
1030 //
1031 // Give the action reference to the qdr_link_forward function. Don't decref/incref.
1032 //
1033 qdr_link_forward_CT(core, link, dlv, addr, more);
/home/kgiusti/work/qpid-dispatch/src/router_core/transfer.c: 1028 in qdr_link_deliver_CT()
1022 //
1023 // Deal with any delivery restrictions for this address.
1024 //
1025 if (addr && addr->router_control_only && link->link_type != QD_LINK_CONTROL) {
1026 qdr_delivery_release_CT(core, dlv);
1027 qdr_link_issue_credit_CT(core, link, 1, false);
>>> CID 294216: (USE_AFTER_FREE)
>>> Passing freed pointer "dlv" as an argument to "qdr_delivery_decref_CT".
1028 qdr_delivery_decref_CT(core, dlv, "qdr_link_deliver_CT - removed from action on restricted access");
1029 } else {
1030 //
1031 // Give the action reference to the qdr_link_forward function. Don't decref/incref.
1032 //
1033 qdr_link_forward_CT(core, link, dlv, addr, more);
** CID 294215: Null pointer dereferences (REVERSE_INULL)
/home/kgiusti/work/qpid-dispatch/src/server.c: 925 in handle()
________________________________________________________________________________________________________
*** CID 294215: Null pointer dereferences (REVERSE_INULL)
/home/kgiusti/work/qpid-dispatch/src/server.c: 925 in handle()
919 case PN_TRANSPORT_ERROR:
920 {
921 qd_increment_conn_index(ctx);
922
923 pn_transport_t *transport = pn_event_transport(e);
924 pn_condition_t* condition = transport ? pn_transport_condition(transport) : NULL;
>>> CID 294215: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "ctx" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
925 if (ctx && ctx->connector) { /* Outgoing connection */
926 const qd_server_config_t *config = &ctx->connector->config;
927 if (condition && pn_condition_is_set(condition)) {
928 qd_log(qd_server->log_source, QD_LOG_INFO, "Connection to %s failed: %s %s", config->host_port,
929 pn_condition_get_name(condition), pn_condition_get_description(condition));
930 } else {
** CID 294214: (RESOURCE_LEAK)
/home/kgiusti/work/qpid-dispatch/tests/policy_test.c: 149 in test_link_name_csv_parser()
/home/kgiusti/work/qpid-dispatch/tests/policy_test.c: 154 in test_link_name_csv_parser()
/home/kgiusti/work/qpid-dispatch/tests/policy_test.c: 159 in test_link_name_csv_parser()
/home/kgiusti/work/qpid-dispatch/tests/policy_test.c: 164 in test_link_name_csv_parser()
/home/kgiusti/work/qpid-dispatch/tests/policy_test.c: 169 in test_link_name_csv_parser()
/home/kgiusti/work/qpid-dispatch/tests/policy_test.c: 174 in test_link_name_csv_parser()
________________________________________________________________________________________________________
*** CID 294213: Resource leaks (RESOURCE_LEAK)
/home/kgiusti/work/qpid-dispatch/src/router_core/forwarder.c: 810 in qdr_forward_link_balanced_CT()
804
805 qdr_connection_enqueue_work_CT(core, conn, work);
806
807 return true;
808 }
809
>>> CID 294213: Resource leaks (RESOURCE_LEAK)
>>> Variable "strip" going out of scope leaks the storage it points to.
810 return false;
811 }
812
813
814 //==================================================================================
815 // In-Thread API Functions
** CID 294212: Resource leaks (RESOURCE_LEAK)
/home/kgiusti/work/qpid-dispatch/tests/policy_test.c: 133 in test_link_name_tree_lookup()
________________________________________________________________________________________________________
*** CID 294211: Null pointer dereferences (FORWARD_NULL)
/home/kgiusti/work/qpid-dispatch/src/policy.c: 389 in qd_policy_open_lookup_user()
383 (PyObject *)policy->py_policy_manager,
384 username, hostip, vhost, conn_name, conn_id);
385 if (result) {
386 char *res_string = py_obj_2_c_string(result);
387 const size_t res_len = res_string ? strlen(res_string) : 0;
388 if (res_len < name_buf_size) {
>>> CID 294211: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "res_string" to "strcpy", which dereferences it.
389 strcpy(name_buf, res_string);
390 } else {
391 qd_log(policy->log_source, QD_LOG_ERROR,
392 "Internal: lookup_user: insufficient buffer for name");
393 }
394 Py_XDECREF(result);
________________________________________________________________________________________________________
Major