Project Name | CID | Checker | Category | Developer Description |
---|---|---|---|---|
wazuh/ossec-wazuh | 117766 | USE_AFTER_FREE | Memory - illegal accesses | This pointer was the resaon of a memory leak |
33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 |
for (j = wmodules; j != i; j = j->next) { if (i->context->name == j->context->name) { if (j == wmodules) wmodules = j->next; else prev->next = j->next; j->context->destroy(j->data); free(j); j = prev; } else prev = j; } } } // Destroy configuration data void wm_destroy() { wmodule *cur_module; wmodule *next_module; |
< 1. Condition "cur_module", taking true branch
< 4. Condition "cur_module", taking true branch
57 |
for (cur_module = wmodules; cur_module; wmodules = next_module) { |
<<< CID 117766: Memory - illegal accesses USE_AFTER_FREE <<< 5. Dereferencing freed pointer "cur_module".
58 59 |
next_module = cur_module->next; cur_module->context->destroy(cur_module->data); |
<< 2. "free" frees "cur_module".
60 |
free(cur_module); |
< 3. Jumping back to the beginning of the loop
61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 |
} } // Concatenate strings with optional separator int wm_strcat(char **str1, const char *str2, char sep) { size_t len1; size_t len2; if (str2) { len2 = strlen(str2); if (*str1) { len1 = strlen(*str1); os_realloc(*str1, len1 + len2 + (sep ? 2 : 1), *str1); if (sep) memcpy(*str1 + (len1++), &sep, 1); } else { len1 = 0; os_malloc(len2 + 1, *str1); } memcpy(*str1 + len1, str2, len2 + 1); return 0; } else return -1; |
2. freed_arg | wmodules.c:60 | |
5. deref_after_free | wmodules.c:58 |