
C/C++ : memory may not be freed on loop

Open Yonah125 opened this issue 3 years ago • 3 comments

This query finds memory that might not be freed in a loop.

For example:

    for (int i = 0; i < 10; i++) {
        char *notfree = malloc(0x100);
        if (i == 5) {
            break;  /* exits the loop without freeing notfree */
        }
        free(notfree);
    }

A result was found in netcdf-c: https://github.com/Unidata/netcdf-c/pull/2339

Supervised by @catenacyber

Yonah125 avatar May 07 '22 10:05 Yonah125
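The loop pattern from the post above, next to a corrected form, as an added example that is not part of the original post or the PR. The `tracked_malloc`/`tracked_free` wrappers and the `live_blocks` counter are hypothetical helpers, constructed here so the leak is visible as a count.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed helpers (not from the PR): count live allocations so the
   leak shows up as a number instead of needing a leak checker. */
static int live_blocks = 0;

static void *tracked_malloc(size_t n) {
    void *p = malloc(n);
    if (p != NULL) live_blocks++;
    return p;
}

static void tracked_free(void *p) {
    if (p != NULL) live_blocks--;
    free(p);
}

/* Pattern from the post: the break at i == 5 skips the free. */
int leaky_loop(void) {
    live_blocks = 0;
    for (int i = 0; i < 10; i++) {
        char *notfree = tracked_malloc(0x100);
        if (i == 5) {
            break;              /* leaves the loop with notfree still allocated */
        }
        tracked_free(notfree);
    }
    return live_blocks;         /* blocks still allocated after the loop */
}

/* Corrected form: the buffer is released before any exit from the body. */
int fixed_loop(void) {
    live_blocks = 0;
    for (int i = 0; i < 10; i++) {
        char *buf = tracked_malloc(0x100);
        int stop = (i == 5);    /* decide first, free unconditionally */
        tracked_free(buf);
        if (stop) break;
    }
    return live_blocks;
}

int main(void) {
    printf("leaky_loop: %d block(s) left allocated\n", leaky_loop());
    printf("fixed_loop: %d block(s) left allocated\n", fixed_loop());
    return 0;
}
```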

I've run the tests on this PR, and it looks like you need to autoformat the QL file. Let me know if you don't know how to do this.

Error: ql/cpp/ql/src/experimental/Critical/MemoryMayNotBeFreedOnLoop.ql would change by autoformatting.

I also started an LGTM run to see what kinds of real world results we get from this query: https://lgtm.com/query/7023328987326235286/ . It looks like there are some good results, but sometimes a very large number of locations are reported.

geoffw0 avatar May 12 '22 19:05 geoffw0

Hi @geoffw0, I think @Yonah125 is done with this after his latest push. How does this look?

catenacyber avatar Jun 16 '22 07:06 catenacyber

> I think @Yonah125 is done with this after his latest push. How does this look?

Yes I think you're right. It looks promising but a little unfinished to me. But for merging into experimental that's OK, it can potentially be built upon in future.

I've started the checks, will merge if they pass.

geoffw0 avatar Aug 08 '22 11:08 geoffw0