Uploaded image for project: 'Guacamole'
  1. Guacamole
  2. GUACAMOLE-398

guac_common_ssh_create_session() potentially leaks address info

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 0.9.13-incubating
    • Fix Version/s: 0.9.14
    • Component/s: guacamole-server
    • Labels:
      None

      Description

      Coverity identified a memory leak in some recently-changed SSH code in the Guacamole server component.

      *** CID 1311788:  Resource leaks  (RESOURCE_LEAK)
      /src/common-ssh/ssh.c: 460 in guac_common_ssh_create_session()
      454    
      455            /* Get socket */
      456            fd = socket(current_address->ai_family, SOCK_STREAM, 0);
      457            if (fd < 0) {
      458                guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR,
      459                        "Unable to create socket: %s", strerror(errno));
      >>>    CID 1311788:  Resource leaks  (RESOURCE_LEAK)
      >>>    Variable "addresses" going out of scope leaks the storage it points to.
      460                return NULL;
      461            }
      462    
      463            /* Connect */
      464            if (connect(fd, current_address->ai_addr,
      465                            current_address->ai_addrlen) == 0) {
      

        Attachments

          Activity

            People

            • Assignee:
              nick.couchman@yahoo.com Nick Couchman
              Reporter:
              nick.couchman@yahoo.com Nick Couchman
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: