Uploaded image for project: 'Guacamole'
  1. Guacamole
  2. GUACAMOLE-398

guac_common_ssh_create_session() potentially leaks address info

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Minor
    • Resolution: Fixed
    • 0.9.13-incubating
    • 0.9.14
    • guacamole-server
    • None

    Description

      Coverity identified a memory leak in some recently-changed SSH code in the Guacamole server component.

      *** CID 1311788:  Resource leaks  (RESOURCE_LEAK)
      /src/common-ssh/ssh.c: 460 in guac_common_ssh_create_session()
      454    
      455            /* Get socket */
      456            fd = socket(current_address->ai_family, SOCK_STREAM, 0);
      457            if (fd < 0) {
      458                guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR,
      459                        "Unable to create socket: %s", strerror(errno));
      >>>    CID 1311788:  Resource leaks  (RESOURCE_LEAK)
      >>>    Variable "addresses" going out of scope leaks the storage it points to.
      460                return NULL;
      461            }
      462    
      463            /* Connect */
      464            if (connect(fd, current_address->ai_addr,
      465                            current_address->ai_addrlen) == 0) {
      

      Attachments

        Activity

          People

            vnick Nick Couchman
            vnick Nick Couchman
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: