Bug #6527: cppcheck 2.11 errors - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #6527

closed

cppcheck 2.11 errors

Added by Victor Julien 6 months ago. Updated 2 months ago.

Status:

Closed

Priority:

Normal

Assignee:

Victor Julien

Target version:

8.0.0-beta1

Affected Versions:

Effort:

Difficulty:

Label:

Description

Cppcheck 2.11 (Ubuntu 23.10)

cppcheck --library=posix,gnu --platform=unix64 --enable=warning -q -j 56 -v -f -I . -Ilibhtp --std=c11 --report-progress --error-exitcode=2 -DPR_SET_NAME -USELF_TEST -DHAVE_LIBLZ4 -DHAVE_TPACKET_V3 -DPACKET_STATISTICS -D__BYTE_ORDER=1234 -D__LITTLE_ENDIAN=1234 -DCPPCHECK -DFBLOCK_MUTEX -UFBLOCK_SPIN -DFLOWLOCK_MUTEX -UFLOWLOCK_RWLOCK -DFQLOCK_MUTEX -UFQLOCK_SPIN -DHRLOCK_MUTEX -UHRLOCK_SPIN -DDQLOCK_MUTEX -UDQLOCK_SPIN -DDRLOCK_MUTEX -UDRLOCK_SPIN -DHQLOCK_MUTEX -UHQLOCK_SPIN -UUNITTESTS -UDEBUG -UDEBUG_VALIDATION -U__cplusplus -US_SPLINT_S -URELEASE -UFLOW_DEBUG_STATS -UFLOWBITS_STATS -UQUEUE_MACRO_DEBUG -UPROFILE_LOCKING -UPROFILING -UHAVE_MPIPE -U__tile__ -UHAVE_NAPATECH -UAFLFUZZ_DECODER -UAFLFUZZ_APPLAYER -UAFLFUZZ_RULES -UHELLGRIND -UHELGRIND -U__clang_analyzer__ src/alert-debuglog.c src/alert-fastlog.c src/alert-syslog.c src/app-layer-detect-proto.c src/app-layer-dnp3-objects.c src/app-layer-dnp3.c src/app-layer-enip-common.c src/app-layer-enip.c src/app-layer-events.c src/app-layer-expectation.c src/app-layer-frames.c src/app-layer-ftp.c src/app-layer-htp-body.c src/app-layer-htp-file.c src/app-layer-htp-libhtp.c src/app-layer-htp-mem.c src/app-layer-htp-range.c src/app-layer-htp-xff.c src/app-layer-htp.c src/app-layer-http2.c src/app-layer-ike.c src/app-layer-krb5.c src/app-layer-modbus.c src/app-layer-mqtt.c src/app-layer-nfs-tcp.c src/app-layer-nfs-udp.c src/app-layer-ntp.c src/app-layer-parser.c src/app-layer-protos.c src/app-layer-quic.c src/app-layer-rdp.c src/app-layer-register.c src/app-layer-rfb.c src/app-layer-sip.c src/app-layer-smb.c src/app-layer-smtp.c src/app-layer-snmp.c src/app-layer-ssh.c src/app-layer-ssl.c src/app-layer-tftp.c src/app-layer.c src/conf-yaml-loader.c src/conf.c src/counters.c src/datasets-ipv4.c src/datasets-ipv6.c src/datasets-md5.c src/datasets-sha256.c src/datasets-string.c src/datasets.c src/decode-chdlc.c src/decode-erspan.c src/decode-esp.c src/decode-ethernet.c src/decode-events.c src/decode-geneve.c src/decode-gre.c src/decode-icmpv4.c src/decode-icmpv6.c src/decode-ipv4.c src/decode-ipv6.c src/decode-mpls.c src/decode-nsh.c src/decode-null.c src/decode-ppp.c src/decode-pppoe.c src/decode-raw.c src/decode-sctp.c src/decode-sll.c src/decode-tcp.c src/decode-template.c src/decode-teredo.c src/decode-udp.c src/decode-vlan.c src/decode-vntag.c src/decode-vxlan.c src/decode.c src/defrag-config.c src/defrag-hash.c src/defrag-queue.c src/defrag-timeout.c src/defrag.c src/detect-app-layer-event.c src/detect-app-layer-protocol.c src/detect-asn1.c src/detect-base64-data.c src/detect-base64-decode.c src/detect-bsize.c src/detect-bypass.c src/detect-byte-extract.c src/detect-byte.c src/detect-bytejump.c src/detect-bytemath.c src/detect-bytetest.c src/detect-cipservice.c src/detect-classtype.c src/detect-config.c src/detect-content.c src/detect-csum.c src/detect-datarep.c src/detect-dataset.c src/detect-dce-iface.c src/detect-dce-opnum.c src/detect-dce-stub-data.c src/detect-depth.c src/detect-detection-filter.c src/detect-dhcp-leasetime.c src/detect-dhcp-rebinding-time.c src/detect-dhcp-renewal-time.c src/detect-distance.c src/detect-dnp3.c src/detect-dns-opcode.c src/detect-dns-query.c src/detect-dsize.c src/detect-engine-address-ipv4.c src/detect-engine-address-ipv6.c src/detect-engine-address.c src/detect-engine-alert.c src/detect-engine-analyzer.c src/detect-engine-build.c src/detect-engine-content-inspection.c src/detect-engine-dcepayload.c src/detect-engine-enip.c src/detect-engine-event.c src/detect-engine-file.c src/detect-engine-frame.c src/detect-engine-iponly.c src/detect-engine-loader.c src/detect-engine-mpm.c src/detect-engine-payload.c src/detect-engine-port.c src/detect-engine-prefilter-common.c src/detect-engine-prefilter.c src/detect-engine-profile.c src/detect-engine-proto.c src/detect-engine-register.c src/detect-engine-siggroup.c src/detect-engine-sigorder.c src/detect-engine-state.c src/detect-engine-tag.c src/detect-engine-threshold.c src/detect-engine-uint.c src/detect-engine.c src/detect-fast-pattern.c src/detect-file-data.c src/detect-file-hash-common.c src/detect-filemagic.c src/detect-filemd5.c src/detect-filename.c src/detect-filesha1.c src/detect-filesha256.c src/detect-filesize.c src/detect-filestore.c src/detect-flow-age.c src/detect-flow-pkts.c src/detect-flow.c src/detect-flowbits.c src/detect-flowint.c src/detect-flowvar.c src/detect-fragbits.c src/detect-fragoffset.c src/detect-frame.c src/detect-ftpbounce.c src/detect-ftpdata.c src/detect-geoip.c src/detect-gid.c src/detect-hostbits.c src/detect-http-accept-enc.c src/detect-http-accept-lang.c src/detect-http-accept.c src/detect-http-client-body.c src/detect-http-connection.c src/detect-http-content-len.c src/detect-http-content-type.c src/detect-http-cookie.c src/detect-http-header-common.c src/detect-http-header-names.c src/detect-http-header.c src/detect-http-headers.c src/detect-http-host.c src/detect-http-location.c src/detect-http-method.c src/detect-http-protocol.c src/detect-http-raw-header.c src/detect-http-referer.c src/detect-http-request-line.c src/detect-http-response-line.c src/detect-http-server-body.c src/detect-http-server.c src/detect-http-start.c src/detect-http-stat-code.c src/detect-http-stat-msg.c src/detect-http-ua.c src/detect-http-uri.c src/detect-http2.c src/detect-icmp-id.c src/detect-icmp-seq.c src/detect-icmpv4hdr.c src/detect-icmpv6-mtu.c src/detect-icmpv6hdr.c src/detect-icode.c src/detect-id.c src/detect-ike-chosen-sa.c src/detect-ike-exch-type.c src/detect-ike-key-exchange-payload-length.c src/detect-ike-key-exchange-payload.c src/detect-ike-nonce-payload-length.c src/detect-ike-nonce-payload.c src/detect-ike-spi.c src/detect-ike-vendor.c src/detect-ipaddr.c src/detect-ipopts.c src/detect-ipproto.c src/detect-iprep.c src/detect-ipv4hdr.c src/detect-ipv6hdr.c src/detect-isdataat.c src/detect-itype.c src/detect-krb5-cname.c src/detect-krb5-errcode.c src/detect-krb5-msgtype.c src/detect-krb5-sname.c src/detect-krb5-ticket-encryption.c src/detect-l3proto.c src/detect-lua-extensions.c src/detect-lua.c src/detect-mark.c src/detect-metadata.c src/detect-modbus.c src/detect-mqtt-connack-sessionpresent.c src/detect-mqtt-connect-clientid.c src/detect-mqtt-connect-flags.c src/detect-mqtt-connect-password.c src/detect-mqtt-connect-username.c src/detect-mqtt-connect-willmessage.c src/detect-mqtt-connect-willtopic.c src/detect-mqtt-flags.c src/detect-mqtt-protocol-version.c src/detect-mqtt-publish-message.c src/detect-mqtt-publish-topic.c src/detect-mqtt-qos.c src/detect-mqtt-reason-code.c src/detect-mqtt-subscribe-topic.c src/detect-mqtt-type.c src/detect-mqtt-unsubscribe-topic.c src/detect-msg.c src/detect-nfs-procedure.c src/detect-nfs-version.c src/detect-noalert.c src/detect-nocase.c src/detect-offset.c src/detect-parse.c src/detect-pcre.c src/detect-pkt-data.c src/detect-pktvar.c src/detect-prefilter.c src/detect-priority.c src/detect-quic-cyu-hash.c src/detect-quic-cyu-string.c src/detect-quic-sni.c src/detect-quic-ua.c src/detect-quic-version.c src/detect-rawbytes.c src/detect-reference.c src/detect-replace.c src/detect-rev.c src/detect-rfb-name.c src/detect-rfb-secresult.c src/detect-rfb-sectype.c src/detect-rpc.c src/detect-sameip.c src/detect-sid.c src/detect-sip-method.c src/detect-sip-protocol.c src/detect-sip-request-line.c src/detect-sip-response-line.c src/detect-sip-stat-code.c src/detect-sip-stat-msg.c src/detect-sip-uri.c src/detect-smb-ntlmssp.c src/detect-smb-share.c src/detect-snmp-community.c src/detect-snmp-pdu_type.c src/detect-snmp-usm.c src/detect-snmp-version.c src/detect-ssh-hassh-server-string.c src/detect-ssh-hassh-server.c src/detect-ssh-hassh-string.c src/detect-ssh-hassh.c src/detect-ssh-proto-version.c src/detect-ssh-proto.c src/detect-ssh-software-version.c src/detect-ssh-software.c src/detect-ssl-state.c src/detect-ssl-version.c src/detect-stream_size.c src/detect-tag.c src/detect-target.c src/detect-tcp-ack.c src/detect-tcp-flags.c src/detect-tcp-seq.c src/detect-tcp-window.c src/detect-tcphdr.c src/detect-tcpmss.c src/detect-template-rust-buffer.c src/detect-template.c src/detect-template2.c src/detect-threshold.c src/detect-tls-cert-fingerprint.c src/detect-tls-cert-issuer.c src/detect-tls-cert-serial.c src/detect-tls-cert-subject.c src/detect-tls-cert-validity.c src/detect-tls-certs.c src/detect-tls-ja3-hash.c src/detect-tls-ja3-string.c src/detect-tls-ja3s-hash.c src/detect-tls-ja3s-string.c src/detect-tls-random.c src/detect-tls-sni.c src/detect-tls-version.c src/detect-tls.c src/detect-tos.c src/detect-transform-casechange.c src/detect-transform-compress-whitespace.c src/detect-transform-dotprefix.c src/detect-transform-md5.c src/detect-transform-pcrexform.c src/detect-transform-sha1.c src/detect-transform-sha256.c src/detect-transform-strip-whitespace.c src/detect-transform-urldecode.c src/detect-transform-xor.c src/detect-ttl.c src/detect-udphdr.c src/detect-uricontent.c src/detect-urilen.c src/detect-within.c src/detect-xbits.c src/detect.c src/device-storage.c src/feature.c src/flow-bit.c src/flow-bypass.c src/flow-hash.c src/flow-manager.c src/flow-queue.c src/flow-spare-pool.c src/flow-storage.c src/flow-timeout.c src/flow-util.c src/flow-var.c src/flow-worker.c src/flow.c src/host-bit.c src/host-queue.c src/host-storage.c src/host-timeout.c src/host.c src/ippair-bit.c src/ippair-queue.c src/ippair-storage.c src/ippair-timeout.c src/ippair.c src/log-cf-common.c src/log-httplog.c src/log-pcap.c src/log-stats.c src/log-tcp-data.c src/log-tlslog.c src/log-tlsstore.c src/main.c src/output-eve-null.c src/output-eve-stream.c src/output-eve-syslog.c src/output-file.c src/output-filedata.c src/output-filestore.c src/output-flow.c src/output-json-alert.c src/output-json-anomaly.c src/output-json-bittorrent-dht.c src/output-json-common.c src/output-json-dcerpc.c src/output-json-dhcp.c src/output-json-dnp3-objects.c src/output-json-dnp3.c src/output-json-dns.c src/output-json-drop.c src/output-json-email-common.c src/output-json-file.c src/output-json-flow.c src/output-json-frame.c src/output-json-ftp.c src/output-json-http.c src/output-json-http2.c src/output-json-ike.c src/output-json-krb5.c src/output-json-metadata.c src/output-json-modbus.c src/output-json-mqtt.c src/output-json-netflow.c src/output-json-nfs.c src/output-json-pgsql.c src/output-json-quic.c src/output-json-rdp.c src/output-json-rfb.c src/output-json-sip.c src/output-json-smb.c src/output-json-smtp.c src/output-json-snmp.c src/output-json-ssh.c src/output-json-stats.c src/output-json-template.c src/output-json-tftp.c src/output-json-tls.c src/output-json.c src/output-lua.c src/output-packet.c src/output-stats.c src/output-streaming.c src/output-tx.c src/output.c src/packet-queue.c src/packet.c src/pkt-var.c src/reputation.c src/respond-reject-libnet11.c src/respond-reject.c src/runmode-af-packet.c src/runmode-af-xdp.c src/runmode-dpdk.c src/runmode-erf-dag.c src/runmode-erf-file.c src/runmode-ipfw.c src/runmode-napatech.c src/runmode-netmap.c src/runmode-nflog.c src/runmode-nfq.c src/runmode-pcap-file.c src/runmode-pcap.c src/runmode-pfring.c src/runmode-unittests.c src/runmode-unix-socket.c src/runmode-windivert.c src/runmodes.c src/rust-context.c src/source-af-packet.c src/source-af-xdp.c src/source-dpdk.c src/source-erf-dag.c src/source-erf-file.c src/source-ipfw.c src/source-napatech.c src/source-netmap.c src/source-nflog.c src/source-nfq.c src/source-pcap-file-directory-helper.c src/source-pcap-file-helper.c src/source-pcap-file.c src/source-pcap.c src/source-pfring.c src/source-windivert.c src/stream-tcp-cache.c src/stream-tcp-inline.c src/stream-tcp-list.c src/stream-tcp-reassemble.c src/stream-tcp-sack.c src/stream-tcp-util.c src/stream-tcp.c src/stream.c src/suricata.c src/threads.c src/tm-modules.c src/tm-queuehandlers.c src/tm-queues.c src/tm-threads.c src/tmqh-flow.c src/tmqh-packetpool.c src/tmqh-simple.c src/unix-manager.c src/util-action.c src/util-affinity.c src/util-atomic.c src/util-base64.c src/util-bloomfilter-counting.c src/util-bloomfilter.c src/util-bpf.c src/util-buffer.c src/util-byte.c src/util-checksum.c src/util-cidr.c src/util-classification-config.c src/util-conf.c src/util-coredump-config.c src/util-cpu.c src/util-daemon.c src/util-datalink.c src/util-debug-filters.c src/util-debug.c src/util-decode-mime.c src/util-detect.c src/util-device.c src/util-dpdk-bonding.c src/util-dpdk-i40e.c src/util-dpdk-ice.c src/util-dpdk-ixgbe.c src/util-dpdk.c src/util-ebpf.c src/util-enum.c src/util-error.c src/util-exception-policy.c src/util-file-decompression.c src/util-file-swf-decompression.c src/util-file.c src/util-fix_checksum.c src/util-fmemopen.c src/util-hash-lookup3.c src/util-hash-string.c src/util-hash.c src/util-hashlist.c src/util-host-info.c src/util-host-os-info.c src/util-hyperscan.c src/util-ioctl.c src/util-ip.c src/util-ja3.c src/util-landlock.c src/util-log-redis.c src/util-logopenfile.c src/util-lua-common.c src/util-lua-dnp3-objects.c src/util-lua-dnp3.c src/util-lua-dns.c src/util-lua-hassh.c src/util-lua-http.c src/util-lua-ja3.c src/util-lua-smtp.c src/util-lua-ssh.c src/util-lua-tls.c src/util-lua.c src/util-luajit.c src/util-macset.c src/util-magic.c src/util-mem.c src/util-memcmp.c src/util-memrchr.c src/util-misc.c src/util-mpm-ac-bs.c src/util-mpm-ac-ks-small.c src/util-mpm-ac-ks.c src/util-mpm-ac.c src/util-mpm-hs.c src/util-mpm.c src/util-napatech.c src/util-pages.c src/util-path.c src/util-pidfile.c src/util-plugin.c src/util-pool-thread.c src/util-pool.c src/util-prefilter.c src/util-print.c src/util-privs.c src/util-profiling-keywords.c src/util-profiling-locks.c src/util-profiling-prefilter.c src/util-profiling-rulegroups.c src/util-profiling-rules.c src/util-profiling.c src/util-proto-name.c src/util-radix-tree.c src/util-random.c src/util-reference-config.c src/util-rohash.c src/util-rule-vars.c src/util-runmodes.c src/util-running-modes.c src/util-signal.c src/util-spm-bm.c src/util-spm-bs.c src/util-spm-bs2bm.c src/util-spm-hs.c src/util-spm.c src/util-storage.c src/util-streaming-buffer.c src/util-strlcatu.c src/util-strlcpyu.c src/util-strptime.c src/util-sysfs.c src/util-syslog.c src/util-thash.c src/util-threshold-config.c src/util-time.c src/util-unittest-helper.c src/util-unittest.c src/util-var-name.c src/util-var.c src/win32-misc.c src/win32-service.c src/win32-syscall.c

Results:

src/detect-engine-address.c:1381:5: error: Memory leak: map.string [memleak]
    return 0;
    ^
src/util-streaming-buffer.c:863:13: error: The deallocation of an auto-variable (.) results in undefined behaviour. You should only free memory that has been allocated dynamically. [autovarInvalidDeallocation]
            FREE(cfg, to_shift, sizeof(*to_shift));
            ^
src/util-streaming-buffer.c:846:20: note: Address of variable taken here.
        to_shift = &sb->region;
                   ^
src/util-streaming-buffer.c:863:13: note: Deallocating memory that was not dynamically allocated
            FREE(cfg, to_shift, sizeof(*to_shift));
            ^
src/util-strptime.c:379:7: error: syntax error: 1 = [syntaxError]
    tm->TM_GMTOFF = 0;
      ^
src/util-strptime.c:382:7: error: syntax error: 1 = [syntaxError]
    tm->TM_ZONE = gmt;
      ^

Subtasks 1 (0 open — 1 closed)

Actions

Copy link

Updated by Victor Julien 6 months ago

        to_shift = &sb->region;
        SCLogDebug("shift start region %p", to_shift);
    }

    // this region is main, or will xfer its buffer to main
    if (to_shift) {
        SCLogDebug("main: offset %" PRIu64 " buf %p size %u offset %u", to_shift->stream_offset,
                to_shift->buf, to_shift->buf_size, to_shift->buf_offset);
        if (to_shift != &sb->region) {
            DEBUG_VALIDATE_BUG_ON(sb->region.buf != NULL);

            sb->region.buf = to_shift->buf;
            sb->region.stream_offset = to_shift->stream_offset;
            sb->region.buf_offset = to_shift->buf_offset;
            sb->region.buf_size = to_shift->buf_size;
            sb->region.next = to_shift->next;

            FREE(cfg, to_shift, sizeof(*to_shift));

Appears to be an FP as we explicitly check for to_shift != &sb->region.

Actions

Copy link

Updated by Jeff Lucovsky 6 months ago

Status changed from New to In Progress
Assignee changed from OISF Dev to Jeff Lucovsky

Actions

Copy link

Updated by Victor Julien 6 months ago

Quick and dirty workarounds

diff --git a/src/detect-engine-address.c b/src/detect-engine-address.c
index ac10e142d..8f0d2456c 100644
--- a/src/detect-engine-address.c
+++ b/src/detect-engine-address.c
@@ -1377,7 +1377,12 @@ static int DetectAddressMapAdd(DetectEngineCtx *de_ctx, const char *string,
     map->address = address;
     map->contains_negation = contains_negation;

-    BUG_ON(HashListTableAdd(de_ctx->address_table, (void *)map, 0) != 0);
+    int r = HashListTableAdd(de_ctx->address_table, map, 0);
+    if (r != 0) {
+       SCFree(map->string);
+       SCFree(map);
+       return -1;
+    }
     return 0;
 }

diff --git a/src/util-streaming-buffer.c b/src/util-streaming-buffer.c
index 7608b5082..7b9b7e700 100644
--- a/src/util-streaming-buffer.c
+++ b/src/util-streaming-buffer.c
@@ -842,6 +842,28 @@ static inline void StreamingBufferSlideToOffsetWithRegions(
             r = next;
         }
         SCLogDebug("to_shift %p", to_shift);
+
+       // this region is main, or will xfer its buffer to main
+       if (to_shift) {
+               SCLogDebug("main: offset %" PRIu64 " buf %p size %u offset %u", to_shift->stream_offset,
+                               to_shift->buf, to_shift->buf_size, to_shift->buf_offset);
+               if (to_shift != &sb->region) {
+                       DEBUG_VALIDATE_BUG_ON(sb->region.buf != NULL);
+
+                       sb->region.buf = to_shift->buf;
+                       sb->region.stream_offset = to_shift->stream_offset;
+                       sb->region.buf_offset = to_shift->buf_offset;
+                       sb->region.buf_size = to_shift->buf_size;
+                       sb->region.next = to_shift->next;
+
+                       assert(to_shift != &sb->region);
+                       FREE(cfg, to_shift, sizeof(*to_shift));
+                       to_shift = &sb->region;
+                       sb->regions--;
+                       DEBUG_VALIDATE_BUG_ON(sb->regions == 0);
+               }
+       }
+
     } else {
         to_shift = &sb->region;
         SCLogDebug("shift start region %p", to_shift);
@@ -849,23 +871,6 @@ static inline void StreamingBufferSlideToOffsetWithRegions(

     // this region is main, or will xfer its buffer to main
     if (to_shift) {
-        SCLogDebug("main: offset %" PRIu64 " buf %p size %u offset %u", to_shift->stream_offset,
-                to_shift->buf, to_shift->buf_size, to_shift->buf_offset);
-        if (to_shift != &sb->region) {
-            DEBUG_VALIDATE_BUG_ON(sb->region.buf != NULL);
-
-            sb->region.buf = to_shift->buf;
-            sb->region.stream_offset = to_shift->stream_offset;
-            sb->region.buf_offset = to_shift->buf_offset;
-            sb->region.buf_size = to_shift->buf_size;
-            sb->region.next = to_shift->next;
-
-            FREE(cfg, to_shift, sizeof(*to_shift));
-            to_shift = &sb->region;
-            sb->regions--;
-            DEBUG_VALIDATE_BUG_ON(sb->regions == 0);
-        }
-
         // Do the shift. If new region is exactly at the slide offset we can skip this.
         DEBUG_VALIDATE_BUG_ON(to_shift->stream_offset > slide_offset);
         const uint32_t s = slide_offset - to_shift->stream_offset;

Plus adding -UTM_GMTOFF -UTM_ZONE to the cppcheck commandline

cppcheck --library=posix,gnu --platform=unix64 --enable=warning     -q -j 16 -v -f     -I . -Ilibhtp     --std=c11 --report-progress --error-exitcode=2         -DPR_SET_NAME -USELF_TEST -DHAVE_LIBLZ4     -DHAVE_TPACKET_V3 -DPACKET_STATISTICS         -D__BYTE_ORDER=1234 -D__LITTLE_ENDIAN=1234     -DCPPCHECK     -DFBLOCK_MUTEX -UFBLOCK_SPIN     -DFLOWLOCK_MUTEX -UFLOWLOCK_RWLOCK     -DFQLOCK_MUTEX -UFQLOCK_SPIN     -DHRLOCK_MUTEX -UHRLOCK_SPIN     -DDQLOCK_MUTEX -UDQLOCK_SPIN     -DDRLOCK_MUTEX -UDRLOCK_SPIN     -DHQLOCK_MUTEX -UHQLOCK_SPIN     -UUNITTESTS -UDEBUG -UDEBUG_VALIDATION     -U__cplusplus -US_SPLINT_S -URELEASE     -UFLOW_DEBUG_STATS -UFLOWBITS_STATS -UQUEUE_MACRO_DEBUG     -UPROFILE_LOCKING -UPROFILING     -UHAVE_MPIPE -U__tile__ -UHAVE_NAPATECH     -UAFLFUZZ_DECODER -UAFLFUZZ_APPLAYER -UAFLFUZZ_RULES     -UHELLGRIND -UHELGRIND -U__clang_analyzer__ -UTM_GMTOFF -UTM_ZONE    src/*.c

Actions

Copy link

Updated by Jeff Lucovsky 6 months ago

Status changed from In Progress to In Review

https://github.com/OISF/suricata/pull/9849

Actions

Copy link

Updated by Jeff Lucovsky 3 months ago

Status changed from In Review to Closed

Merged in https://github.com/OISF/suricata/pull/10043

Actions

Copy link

Updated by Victor Julien 3 months ago

Status changed from Closed to Assigned

Still seeing a few issues:

# cppcheck --library=posix,gnu --platform=unix64 --enable=warning     -q -j 8 -v -f     -I . -Ilibhtp     --std=c11 --report-progress --error-exitcode=2         -DPR_SET_NAME -USELF_TEST -DHAVE_LIBLZ4     -DHAVE_TPACKET_V3 -DPACKET_STATISTICS         -D__BYTE_ORDER=1234 -D__LITTLE_ENDIAN=1234     -DCPPCHECK     -DFBLOCK_MUTEX -UFBLOCK_SPIN     -DFLOWLOCK_MUTEX -UFLOWLOCK_RWLOCK     -DFQLOCK_MUTEX -UFQLOCK_SPIN     -DHRLOCK_MUTEX -UHRLOCK_SPIN     -DDQLOCK_MUTEX -UDQLOCK_SPIN     -DDRLOCK_MUTEX -UDRLOCK_SPIN     -DHQLOCK_MUTEX -UHQLOCK_SPIN     -UUNITTESTS -UDEBUG -UDEBUG_VALIDATION     -U__cplusplus -US_SPLINT_S -URELEASE     -UFLOW_DEBUG_STATS -UFLOWBITS_STATS -UQUEUE_MACRO_DEBUG     -UPROFILE_LOCKING -UPROFILING     -UHAVE_MPIPE -U__tile__ -UHAVE_NAPATECH     -UAFLFUZZ_DECODER -UAFLFUZZ_APPLAYER -UAFLFUZZ_RULES     -UHELLGRIND -UHELGRIND -U__clang_analyzer__ -UTM_GMTOFF -UTM_ZONE    src/*.c
src/detect-engine-address.c:1386:5: error: Memory leak: map.string [memleak]
    return true;
    ^
src/detect-parse.c:1544:9: error: Memory leak: sig.init_data [memleak]
        SCFree(sig);
        ^

Actions

Copy link

Updated by Victor Julien 3 months ago

Assignee changed from Jeff Lucovsky to Victor Julien

Actions

Copy link

Updated by Victor Julien 3 months ago

Label Needs backport to 7.0 added

main-7.0.x

src/detect-engine-address.c:1381:5: error: Memory leak: map.string [memleak]
    return 0;
    ^
src/util-streaming-buffer.c:863:13: error: The deallocation of an auto-variable (.) results in undefined behaviour. You should only free memory that has been allocated dynamically. [autovarInvalidDeallocation]
            FREE(cfg, to_shift, sizeof(*to_shift));
            ^
src/util-streaming-buffer.c:846:20: note: Address of variable taken here.
        to_shift = &sb->region;
                   ^
src/util-streaming-buffer.c:863:13: note: Deallocating memory that was not dynamically allocated
            FREE(cfg, to_shift, sizeof(*to_shift));
            ^

Actions

Copy link