Coverity: Resource leak

1. Fix some resource leaks during error conditions where a socket or a
   file descriptor doesn't get closed in all error cases.
2. In wolfSSH_SFTP_RecvOpen(), initialize the file descriptor.
3. For 572902, the error case resource leaks are fixed. There's still an
   issue to resolve for storing the FD for use later.
Fixes CIDs:
  572856 572902* 573012 573019 573021 573076

Author: ejohnstown

apps/wolfsshd/wolfsshd.c

@@ -245,6 +245,8 @@ static byte* getBufferFromFile(const char* fileName, word32* bufSz, void* heap)
     word32 fileSz;
     word32 readSz;
 
+    WOLFSSH_UNUSED(heap);
+
     if (fileName == NULL) return NULL;
 
     if (WFOPEN(NULL, &file, fileName, "rb") != 0)
@@ -263,10 +265,9 @@ static byte* getBufferFromFile(const char* fileName, word32* bufSz, void* heap)
         }
         if (bufSz)
             *bufSz = readSz;
-        WFCLOSE(NULL, file);
     }
+    WFCLOSE(NULL, file);
 
-    (void)heap;
     return buf;
 }
 #endif /* NO_FILESYSTEM */

src/wolfsftp.c

@@ -1997,6 +1997,12 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
 
     WLOG(WS_LOG_SFTP, "Receiving WOLFSSH_FTP_OPEN");
 
+    #ifdef MICROCHIP_MPLAB_HARMONY
+        fd = WBADFILE;
+    #else
+        fd = -1;
+    #endif
+
     if (sizeof(WFD) > WOLFSSH_MAX_HANDLE) {
         WLOG(WS_LOG_SFTP, "Handle size is too large");
         return WS_FATAL_ERROR;
@@ -2083,7 +2089,6 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
         }
 
     #ifdef MICROCHIP_MPLAB_HARMONY
-        fd = WBADFILE;
         {
             WFILE* f = &fd;
             if (WFOPEN(ssh->fs, &f, dir, m) != WS_SUCCESS) {
@@ -2111,29 +2116,37 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
             WLOG(WS_LOG_SFTP, "Unable to store handle");
             res = ier;
             if (wolfSSH_SFTP_CreateStatus(ssh, WOLFSSH_FTP_FAILURE, reqId, res,
-                "English", NULL, &outSz) != WS_SIZE_ONLY) {
+                    "English", NULL, &outSz) != WS_SIZE_ONLY) {
+                WCLOSE(ssh->fs, fd);
                 return WS_FATAL_ERROR;
             }
             ret = WS_FATAL_ERROR;
         }
     }
 #endif
 
-    /* create packet */
-    out = (byte*)WMALLOC(outSz, ssh->ctx->heap, DYNTYPE_BUFFER);
-    if (out == NULL) {
-        return WS_MEMORY_E;
+    if (ret == WS_SUCCESS) {
+        /* create packet */
+        out = (byte*)WMALLOC(outSz, ssh->ctx->heap, DYNTYPE_BUFFER);
+        if (out == NULL) {
+            WCLOSE(ssh->fs, fd);
+            return WS_MEMORY_E;
+        }
     }
     if (ret == WS_SUCCESS) {
         if (SFTP_CreatePacket(ssh, WOLFSSH_FTP_HANDLE, out, outSz,
             (byte*)&fd, sizeof(WFD)) != WS_SUCCESS) {
+            WCLOSE(ssh->fs, fd);
             return WS_FATAL_ERROR;
         }
     }
     else {
         if (wolfSSH_SFTP_CreateStatus(ssh, WOLFSSH_FTP_FAILURE, reqId, res,
                 "English", out, &outSz) != WS_SUCCESS) {
             WFREE(out, ssh->ctx->heap, DYNTYPE_BUFFER);
+            if (fd >= 0) {
+                WCLOSE(ssh->fs, fd);
+            }
             return WS_FATAL_ERROR;
         }
     }

tests/api.c

@@ -927,8 +927,17 @@ static void sftp_client_connect(WOLFSSH_CTX** ctx, WOLFSSH** ssh, int port)
 
     build_addr(&clientAddr, host, port);
     tcp_socket(&sockFd, ((struct sockaddr_in *)&clientAddr)->sin_family);
+    if (sockFd < 0) {
+        wolfSSH_free(*ssh);
+        wolfSSH_CTX_free(*ctx);
+        *ctx = NULL;
+        *ssh = NULL;
+        return;
+    }
+
     ret = connect(sockFd, (const struct sockaddr *)&clientAddr, clientAddrSz);
     if (ret != 0){
+        WCLOSESOCKET(sockFd);
         wolfSSH_free(*ssh);
         wolfSSH_CTX_free(*ctx);
         *ctx = NULL;
@@ -945,6 +954,7 @@ static void sftp_client_connect(WOLFSSH_CTX** ctx, WOLFSSH** ssh, int port)
         ret = wolfSSH_SFTP_connect(*ssh);
 
     if (ret != WS_SUCCESS){
+        WCLOSESOCKET(sockFd);
         wolfSSH_free(*ssh);
         wolfSSH_CTX_free(*ctx);
         *ctx = NULL;
@@ -1611,8 +1621,17 @@ static void keyboard_client_connect(WOLFSSH_CTX** ctx, WOLFSSH** ssh, int port)
 
     build_addr(&clientAddr, host, port);
     tcp_socket(&sockFd, ((struct sockaddr_in *)&clientAddr)->sin_family);
+    if (sockFd < 0) {
+        wolfSSH_free(*ssh);
+        wolfSSH_CTX_free(*ctx);
+        *ctx = NULL;
+        *ssh = NULL;
+        return;
+    }
+
     ret = connect(sockFd, (const struct sockaddr *)&clientAddr, clientAddrSz);
     if (ret != 0){
+        WCLOSESOCKET(sockFd);
         wolfSSH_free(*ssh);
         wolfSSH_CTX_free(*ctx);
         *ctx = NULL;
@@ -1628,6 +1647,7 @@ static void keyboard_client_connect(WOLFSSH_CTX** ctx, WOLFSSH** ssh, int port)
         ret = wolfSSH_connect(*ssh);
 
     if (ret != WS_SUCCESS){
+        WCLOSESOCKET(sockFd);
         wolfSSH_free(*ssh);
         wolfSSH_CTX_free(*ctx);
         *ctx = NULL;

tests/auth.c

@@ -443,15 +443,33 @@ static int basic_client_connect(WOLFSSH_CTX** ctx, WOLFSSH** ssh, int port)
         wolfSSH_CTX_free(*ctx);
         *ctx = NULL;
         *ssh = NULL;
+        WCLOSESOCKET(sockFd);
         return ret;
     }
 
     ret = wolfSSH_SetUsername(*ssh, username);
-    if (ret == WS_SUCCESS)
-        ret = wolfSSH_set_fd(*ssh, (int)sockFd);
+    if (ret != WS_SUCCESS) {
+        wolfSSH_free(*ssh);
+        wolfSSH_CTX_free(*ctx);
+        *ctx = NULL;
+        *ssh = NULL;
+        WCLOSESOCKET(sockFd);
+        fprintf(stderr, "line= %d\n", __LINE__);
+        return ret;
+    }
+
+    ret = wolfSSH_set_fd(*ssh, (int)sockFd);
+    if (ret != WS_SUCCESS) {
+        fprintf(stderr, "line= %d\n", __LINE__);
+        wolfSSH_free(*ssh);
+        wolfSSH_CTX_free(*ctx);
+        *ctx = NULL;
+        *ssh = NULL;
+        WCLOSESOCKET(sockFd);
+        return ret;
+    }
 
-    if (ret == WS_SUCCESS)
-        ret = wolfSSH_connect(*ssh);
+    ret = wolfSSH_connect(*ssh);
 
     return ret;
 }