classification
Title: Coverity scan: Resource leaks in longobject.c
Type: Stage: resolved
Components: Interpreter Core Versions: Python 3.8
process
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: Nosy List: cstratak, mark.dickinson, vstinner
Priority: normal Keywords: patch

Created on 2019-03-14 15:16 by cstratak, last changed 2019-03-18 18:00 by vstinner. This issue is now closed.

Pull Requests
URL Status Linked Edit
PR 12333 merged cstratak, 2019-03-14 15:48
Messages (4)
msg337933 - (view) Author: Charalampos Stratakis (cstratak) * Date: 2019-03-14 15:16
The coverity scan was run on python2, however the same defect seems to exist in python3 as well.

Error: RESOURCE_LEAK (CWE-772): [#def69]
Python-2.7.15/Objects/longobject.c:3793: alloc_fn: Storage is returned from allocation function "_PyLong_New".
Python-2.7.15/Objects/longobject.c:76:5: alloc_fn: Storage is returned from allocation function "PyObject_Malloc".
Python-2.7.15/Objects/obmalloc.c:982:5: alloc_fn: Storage is returned from allocation function "malloc".
Python-2.7.15/Objects/obmalloc.c:982:5: return_alloc_fn: Directly returning storage allocated by "malloc".
Python-2.7.15/Objects/longobject.c:76:5: identity_transfer: Passing "(PyVarObject *)PyObject_Malloc((size_t)(PyLong_Type.tp_basicsize + size * PyLong_Type.tp_itemsize + 7L & 0xfffffffffffffff8L))" as argument 1 to function "PyObject_InitVar", which returns that argument.
Python-2.7.15/Objects/object.c:237:5: return_parm: Returning parameter "op".
Python-2.7.15/Objects/longobject.c:76:5: return_alloc_fn: Directly returning storage allocated by "PyObject_InitVar".
Python-2.7.15/Objects/longobject.c:3793: var_assign: Assigning: "z" = storage returned from "_PyLong_New(size_a)".
Python-2.7.15/Objects/longobject.c:3797: var_assign: Assigning: "a" = "z".
Python-2.7.15/Objects/longobject.c:3847: leaked_storage: Variable "z" going out of scope leaks the storage it points to.
Python-2.7.15/Objects/longobject.c:3847: leaked_storage: Returning without freeing "a" leaks the storage that it points to.
 3845|       default:
 3846|           PyErr_BadArgument();
 3847|->         return NULL;
 3848|       }
 3849|   

Error: RESOURCE_LEAK (CWE-772): [#def70]
Python-2.7.15/Objects/longobject.c:3793: alloc_fn: Storage is returned from allocation function "_PyLong_New".
Python-2.7.15/Objects/longobject.c:76:5: alloc_fn: Storage is returned from allocation function "PyObject_Malloc".
Python-2.7.15/Objects/obmalloc.c:982:5: alloc_fn: Storage is returned from allocation function "malloc".
Python-2.7.15/Objects/obmalloc.c:982:5: return_alloc_fn: Directly returning storage allocated by "malloc".
Python-2.7.15/Objects/longobject.c:76:5: identity_transfer: Passing "(PyVarObject *)PyObject_Malloc((size_t)(PyLong_Type.tp_basicsize + size * PyLong_Type.tp_itemsize + 7L & 0xfffffffffffffff8L))" as argument 1 to function "PyObject_InitVar", which returns that argument.
Python-2.7.15/Objects/object.c:237:5: return_parm: Returning parameter "op".
Python-2.7.15/Objects/longobject.c:76:5: return_alloc_fn: Directly returning storage allocated by "PyObject_InitVar".
Python-2.7.15/Objects/longobject.c:3793: var_assign: Assigning: "z" = storage returned from "_PyLong_New(size_a)".
Python-2.7.15/Objects/longobject.c:3797: var_assign: Assigning: "a" = "z".
Python-2.7.15/Objects/longobject.c:3820: var_assign: Assigning: "z" = "a".
Python-2.7.15/Objects/longobject.c:3820: var_assign: Assigning: "b" = "z".
Python-2.7.15/Objects/longobject.c:3847: leaked_storage: Variable "z" going out of scope leaks the storage it points to.
Python-2.7.15/Objects/longobject.c:3847: leaked_storage: Returning without freeing "b" leaks the storage that it points to.
 3845|       default:
 3846|           PyErr_BadArgument();
 3847|->         return NULL;
 3848|       }
 3849|
msg337944 - (view) Author: Charalampos Stratakis (cstratak) * Date: 2019-03-14 16:13
This code is unreachable. Will mark it as such.
msg338273 - (view) Author: STINNER Victor (vstinner) * (Python committer) Date: 2019-03-18 17:59
New changeset a10d426bab66a4e1f20d5e1b9aee3dbb435cf309 by Victor Stinner (stratakis) in branch 'master':
bpo-36292:  Mark unreachable code as such in long bitwise ops (GH-12333)
https://github.com/python/cpython/commit/a10d426bab66a4e1f20d5e1b9aee3dbb435cf309
msg338274 - (view) Author: STINNER Victor (vstinner) * (Python committer) Date: 2019-03-18 18:00
I hope that the change will satisfy the god of static analyzers :-)

I discussed with Charalampos and we agreed to not backport this change, since it's a false alarm and not a real bug. I close the issue.
History
Date User Action Args
2019-03-18 18:00:25vstinnersetstatus: open -> closed
resolution: fixed
messages: + msg338274

stage: patch review -> resolved
2019-03-18 17:59:34vstinnersetmessages: + msg338273
2019-03-14 16:13:14cstrataksetversions: - Python 2.7, Python 3.7
2019-03-14 16:13:09cstrataksetmessages: + msg337944
2019-03-14 15:48:51cstrataksetkeywords: + patch
stage: patch review
pull_requests: + pull_request12304
2019-03-14 15:24:02vstinnersetnosy: + vstinner
2019-03-14 15:17:42mark.dickinsonsetnosy: + mark.dickinson
2019-03-14 15:16:32cstratakcreate