classification
Title: [2.7] Coverity scan: Modules/_io/bufferedio.c leaked_storage: Variable "data" going out of scope leaks the storage it points to.
Type: Stage: resolved
Components: Extension Modules Versions: Python 2.7
process
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: Nosy List: cstratak, vstinner
Priority: normal Keywords: patch

Created on 2019-03-14 14:39 by cstratak, last changed 2019-03-14 15:37 by vstinner. This issue is now closed.

Pull Requests
URL Status Linked Edit
PR 12329 merged cstratak, 2019-03-14 14:45
Messages (3)
msg337923 - (view) Author: Charalampos Stratakis (cstratak) * Date: 2019-03-14 14:39
Coverity scan reports this for bufferedio.c :

Error: RESOURCE_LEAK (CWE-772): [#def23]
Python-2.7.15/Modules/_io/bufferedio.c:1353: alloc_fn: Storage is returned from allocation function "PyString_FromStringAndSize".
Python-2.7.15/Objects/stringobject.c:88:5: alloc_fn: Storage is returned from allocation function "PyObject_Malloc".
Python-2.7.15/Objects/obmalloc.c:982:5: alloc_fn: Storage is returned from allocation function "malloc".
Python-2.7.15/Objects/obmalloc.c:982:5: return_alloc_fn: Directly returning storage allocated by "malloc".
Python-2.7.15/Objects/stringobject.c:88:5: var_assign: Assigning: "op" = "PyObject_Malloc(37UL + size)".
Python-2.7.15/Objects/stringobject.c:111:5: return_alloc: Returning allocated memory "op".
Python-2.7.15/Modules/_io/bufferedio.c:1353: var_assign: Assigning: "data" = storage returned from "PyString_FromStringAndSize(self->buffer + self->pos, current_size)".
Python-2.7.15/Modules/_io/bufferedio.c:1366: leaked_storage: Variable "data" going out of scope leaks the storage it points to.
 1364|           if (res == NULL) {
 1365|               Py_DECREF(chunks);
 1366|->             return NULL;
 1367|           }
 1368|           Py_CLEAR(res);
msg337938 - (view) Author: STINNER Victor (vstinner) * (Python committer) Date: 2019-03-14 15:35
New changeset 2dd6e079ae71f3723fbea2582ac080be06a6968f by Victor Stinner (stratakis) in branch '2.7':
[2.7] bpo-36289: Fix a possible reference leak in the io module (GH-12329)
https://github.com/python/cpython/commit/2dd6e079ae71f3723fbea2582ac080be06a6968f
msg337939 - (view) Author: STINNER Victor (vstinner) * (Python committer) Date: 2019-03-14 15:37
Thanks Charalampos, I merged your PR.

Python 3.7 and master are not affected: _bufferedreader_read_all() has been refactored to add a "cleanup" label which clears all local data including the 'data' variable.
History
Date User Action Args
2019-03-14 15:37:29vstinnersetstatus: open -> closed
resolution: fixed
messages: + msg337939

stage: patch review -> resolved
2019-03-14 15:35:44vstinnersetnosy: + vstinner
messages: + msg337938
2019-03-14 14:45:00cstrataksetkeywords: + patch
stage: patch review
pull_requests: + pull_request12300
2019-03-14 14:39:35cstratakcreate