Coverity: Resource leak

ejohnstown · ejohnstown · commit 1f7957bef868 · 2025-07-11T11:10:15.000-07:00
1. Fix some resource leaks during error conditions where a socket or a
   file descriptor doesn't get closed in all error cases.
Fixes CIDs:
  572856 572902 573012 573019 573021 573076
diff --git a/apps/wolfsshd/wolfsshd.c b/apps/wolfsshd/wolfsshd.c
@@ -245,6 +245,8 @@ static byte* getBufferFromFile(const char* fileName, word32* bufSz, void* heap)
     word32 fileSz;
     word32 readSz;
 
+    WOLFSSH_UNUSED(heap);
+
     if (fileName == NULL) return NULL;
 
     if (WFOPEN(NULL, &file, fileName, "rb") != 0)
@@ -263,10 +265,9 @@ static byte* getBufferFromFile(const char* fileName, word32* bufSz, void* heap)
         }
         if (bufSz)
             *bufSz = readSz;
-        WFCLOSE(NULL, file);
     }
+    WFCLOSE(NULL, file);
 
-    (void)heap;
     return buf;
 }
 #endif /* NO_FILESYSTEM */
diff --git a/src/wolfsftp.c b/src/wolfsftp.c
@@ -2111,29 +2111,37 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
             WLOG(WS_LOG_SFTP, "Unable to store handle");
             res = ier;
             if (wolfSSH_SFTP_CreateStatus(ssh, WOLFSSH_FTP_FAILURE, reqId, res,
-                "English", NULL, &outSz) != WS_SIZE_ONLY) {
+                    "English", NULL, &outSz) != WS_SIZE_ONLY) {
+                WCLOSE(ssh->fs, fd);
                 return WS_FATAL_ERROR;
             }
             ret = WS_FATAL_ERROR;
         }
     }
 #endif
 
-    /* create packet */
-    out = (byte*)WMALLOC(outSz, ssh->ctx->heap, DYNTYPE_BUFFER);
-    if (out == NULL) {
-        return WS_MEMORY_E;
+    if (ret == WS_SUCCESS) {
+        /* create packet */
+        out = (byte*)WMALLOC(outSz, ssh->ctx->heap, DYNTYPE_BUFFER);
+        if (out == NULL) {
+            WCLOSE(ssh->fs, fd);
+            return WS_MEMORY_E;
+        }
     }
     if (ret == WS_SUCCESS) {
         if (SFTP_CreatePacket(ssh, WOLFSSH_FTP_HANDLE, out, outSz,
             (byte*)&fd, sizeof(WFD)) != WS_SUCCESS) {
+            WCLOSE(ssh->fs, fd);
             return WS_FATAL_ERROR;
         }
     }
     else {
         if (wolfSSH_SFTP_CreateStatus(ssh, WOLFSSH_FTP_FAILURE, reqId, res,
                 "English", out, &outSz) != WS_SUCCESS) {
             WFREE(out, ssh->ctx->heap, DYNTYPE_BUFFER);
+            if (fd >= 0) {
+                WCLOSE(ssh->fs, fd);
+            }
             return WS_FATAL_ERROR;
         }
     }
diff --git a/tests/api.c b/tests/api.c
@@ -927,8 +927,17 @@ static void sftp_client_connect(WOLFSSH_CTX** ctx, WOLFSSH** ssh, int port)
 
     build_addr(&clientAddr, host, port);
     tcp_socket(&sockFd, ((struct sockaddr_in *)&clientAddr)->sin_family);
+    if (sockFd < 0) {
+        wolfSSH_free(*ssh);
+        wolfSSH_CTX_free(*ctx);
+        *ctx = NULL;
+        *ssh = NULL;
+        return;
+    }
+
     ret = connect(sockFd, (const struct sockaddr *)&clientAddr, clientAddrSz);
     if (ret != 0){
+        WCLOSESOCKET(sockFd);
         wolfSSH_free(*ssh);
         wolfSSH_CTX_free(*ctx);
         *ctx = NULL;
@@ -945,6 +954,7 @@ static void sftp_client_connect(WOLFSSH_CTX** ctx, WOLFSSH** ssh, int port)
         ret = wolfSSH_SFTP_connect(*ssh);
 
     if (ret != WS_SUCCESS){
+        WCLOSESOCKET(sockFd);
         wolfSSH_free(*ssh);
         wolfSSH_CTX_free(*ctx);
         *ctx = NULL;
@@ -1611,8 +1621,17 @@ static void keyboard_client_connect(WOLFSSH_CTX** ctx, WOLFSSH** ssh, int port)
 
     build_addr(&clientAddr, host, port);
     tcp_socket(&sockFd, ((struct sockaddr_in *)&clientAddr)->sin_family);
+    if (sockFd < 0) {
+        wolfSSH_free(*ssh);
+        wolfSSH_CTX_free(*ctx);
+        *ctx = NULL;
+        *ssh = NULL;
+        return;
+    }
+
     ret = connect(sockFd, (const struct sockaddr *)&clientAddr, clientAddrSz);
     if (ret != 0){
+        WCLOSESOCKET(sockFd);
         wolfSSH_free(*ssh);
         wolfSSH_CTX_free(*ctx);
         *ctx = NULL;
@@ -1628,6 +1647,7 @@ static void keyboard_client_connect(WOLFSSH_CTX** ctx, WOLFSSH** ssh, int port)
         ret = wolfSSH_connect(*ssh);
 
     if (ret != WS_SUCCESS){
+        WCLOSESOCKET(sockFd);
         wolfSSH_free(*ssh);
         wolfSSH_CTX_free(*ctx);
         *ctx = NULL;
diff --git a/tests/auth.c b/tests/auth.c
@@ -443,6 +443,7 @@ static int basic_client_connect(WOLFSSH_CTX** ctx, WOLFSSH** ssh, int port)
         wolfSSH_CTX_free(*ctx);
         *ctx = NULL;
         *ssh = NULL;
+        WCLOSESOCKET(sockFd);
         return ret;
     }
 

Original file line number	Diff line number	Diff line change
`@@ -245,6 +245,8 @@ static byte* getBufferFromFile(const char* fileName, word32* bufSz, void* heap)`
`245`	`245`	`word32 fileSz;`
`246`	`246`	`word32 readSz;`
`247`	`247`
	`248`	`+ WOLFSSH_UNUSED(heap);`
	`249`	`+`
`248`	`250`	`if (fileName == NULL) return NULL;`
`249`	`251`
`250`	`252`	`if (WFOPEN(NULL, &file, fileName, "rb") != 0)`
`@@ -263,10 +265,9 @@ static byte* getBufferFromFile(const char* fileName, word32* bufSz, void* heap)`
`263`	`265`	`}`
`264`	`266`	`if (bufSz)`
`265`	`267`	`*bufSz = readSz;`
`266`		`- WFCLOSE(NULL, file);`
`267`	`268`	`}`
	`269`	`+ WFCLOSE(NULL, file);`
`268`	`270`
`269`		`- (void)heap;`
`270`	`271`	`return buf;`
`271`	`272`	`}`
`272`	`273`	`#endif /* NO_FILESYSTEM */`
Original file line number	Diff line number	Diff line change
`@@ -2111,29 +2111,37 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)`
`2111`	`2111`	`WLOG(WS_LOG_SFTP, "Unable to store handle");`
`2112`	`2112`	`res = ier;`
`2113`	`2113`	`if (wolfSSH_SFTP_CreateStatus(ssh, WOLFSSH_FTP_FAILURE, reqId, res,`
`2114`		`- "English", NULL, &outSz) != WS_SIZE_ONLY) {`
	`2114`	`+ "English", NULL, &outSz) != WS_SIZE_ONLY) {`
	`2115`	`+ WCLOSE(ssh->fs, fd);`
`2115`	`2116`	`return WS_FATAL_ERROR;`
`2116`	`2117`	`}`
`2117`	`2118`	`ret = WS_FATAL_ERROR;`
`2118`	`2119`	`}`
`2119`	`2120`	`}`
`2120`	`2121`	`#endif`
`2121`	`2122`
`2122`		`- /* create packet */`
`2123`		`- out = (byte*)WMALLOC(outSz, ssh->ctx->heap, DYNTYPE_BUFFER);`
`2124`		`- if (out == NULL) {`
`2125`		`- return WS_MEMORY_E;`
	`2123`	`+ if (ret == WS_SUCCESS) {`
	`2124`	`+ /* create packet */`
	`2125`	`+ out = (byte*)WMALLOC(outSz, ssh->ctx->heap, DYNTYPE_BUFFER);`
	`2126`	`+ if (out == NULL) {`
	`2127`	`+ WCLOSE(ssh->fs, fd);`
	`2128`	`+ return WS_MEMORY_E;`
	`2129`	`+ }`
`2126`	`2130`	`}`
`2127`	`2131`	`if (ret == WS_SUCCESS) {`
`2128`	`2132`	`if (SFTP_CreatePacket(ssh, WOLFSSH_FTP_HANDLE, out, outSz,`
`2129`	`2133`	`(byte*)&fd, sizeof(WFD)) != WS_SUCCESS) {`
	`2134`	`+ WCLOSE(ssh->fs, fd);`
`2130`	`2135`	`return WS_FATAL_ERROR;`
`2131`	`2136`	`}`
`2132`	`2137`	`}`
`2133`	`2138`	`else {`
`2134`	`2139`	`if (wolfSSH_SFTP_CreateStatus(ssh, WOLFSSH_FTP_FAILURE, reqId, res,`
`2135`	`2140`	`"English", out, &outSz) != WS_SUCCESS) {`
`2136`	`2141`	`WFREE(out, ssh->ctx->heap, DYNTYPE_BUFFER);`
	`2142`	`+ if (fd >= 0) {`
	`2143`	`+ WCLOSE(ssh->fs, fd);`
	`2144`	`+ }`
`2137`	`2145`	`return WS_FATAL_ERROR;`
`2138`	`2146`	`}`
`2139`	`2147`	`}`
Original file line number	Diff line number	Diff line change
`@@ -443,6 +443,7 @@ static int basic_client_connect(WOLFSSH_CTX ctx, WOLFSSH ssh, int port)`
`443`	`443`	`wolfSSH_CTX_free(*ctx);`
`444`	`444`	`*ctx = NULL;`
`445`	`445`	`*ssh = NULL;`
	`446`	`+ WCLOSESOCKET(sockFd);`
`446`	`447`	`return ret;`
`447`	`448`	`}`
`448`	`449`