[PATCH uclient 04/12] uclient-http: fix freeing of stack allocated memory

Petr Štetiar ynezz at true.cz
Thu Dec 10 10:47:51 EST 2020


Fixes following issue reported by clang-12 static analyzer:

 uclient-http.c:568:2: warning: Memory allocated by alloca() should not be deallocated [unix.Malloc]
         free(buf_orig);
         ^~~~~~~~~~~~~~

Signed-off-by: Petr Štetiar <ynezz at true.cz>
---
 uclient-http.c | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/uclient-http.c b/uclient-http.c
index 279669620ebe..7eb469221d7f 100644
--- a/uclient-http.c
+++ b/uclient-http.c
@@ -441,7 +441,7 @@ uclient_http_add_auth_digest(struct uclient_http *uh)
 	struct uclient_url *url = uh->uc.url;
 	const char *realm = NULL, *opaque = NULL;
 	const char *user, *password;
-	char *buf, *next, *buf_orig;
+	char *buf, *next;
 	int len, ofs;
 	int err = 0;
 
@@ -471,7 +471,7 @@ uclient_http_add_auth_digest(struct uclient_http *uh)
 	strcpy(buf, uh->auth_str);
 
 	/* skip auth type */
-	buf_orig = strsep(&buf, " ");
+	strsep(&buf, " ");
 
 	next = buf;
 	while (*next) {
@@ -507,7 +507,7 @@ uclient_http_add_auth_digest(struct uclient_http *uh)
 
 	if (!realm || !data.qop || !data.nonce) {
 		err = -EINVAL;
-		goto fail_buf;
+		goto fail;
 	}
 
 	sprintf(nc_str, "%08x", uh->nc++);
@@ -524,13 +524,13 @@ uclient_http_add_auth_digest(struct uclient_http *uh)
 		len = password - url->auth;
 		if (len > 256) {
 			err = -EINVAL;
-			goto fail_buf;
+			goto fail;
 		}
 
 		user_buf = alloca(len + 1);
 		if (!user_buf) {
 			err = -ENOMEM;
-			goto fail_buf;
+			goto fail;
 		}
 
 		strncpy(user_buf, url->auth, len);
@@ -564,8 +564,6 @@ uclient_http_add_auth_digest(struct uclient_http *uh)
 
 	return 0;
 
-fail_buf:
-	free(buf_orig);
 fail:
 	return err;
 }



More information about the openwrt-devel mailing list