
Memory leaks

Open BishopWolf opened this issue 1 year ago • 5 comments

I ran a Snyk code analysis, and it detected these problems:

  1. Leaking memory. GateRandomMultiGauss is allocated on the heap and never freed https://github.com/OpenGATE/opengate/blob/fcaae6dfeb10bcdbe4aab05d630028350735556c/core/opengate_core/opengate_lib/GateSingleParticleSourcePencilBeam.h#L51

  2. Leaking memory. G4AffineTransform is allocated on the heap and never freed https://github.com/OpenGATE/opengate/blob/fcaae6dfeb10bcdbe4aab05d630028350735556c/core/opengate_core/opengate_lib/GateUniqueVolumeID.cpp#L120

BishopWolf avatar Jan 24 '24 20:01 BishopWolf

It also detected

Calling extractall to extract all files from a tar file without sanitization. This may result in files outside the destination directory being overwritten, resulting in an arbitrary file write. https://github.com/OpenGATE/opengate/blob/fcaae6dfeb10bcdbe4aab05d630028350735556c/core/opengate_core/g4DataSetup.py#L104

BishopWolf avatar Jan 24 '24 20:01 BishopWolf

Thanks for reporting. That's helpful. We will put this on the list of issues to be addressed in the next weeks.

nkrah avatar Jan 25 '24 09:01 nkrah

By the way: Do you mind sharing the commands you used to do the code analysis? I am honestly not familiar with Snyk. Thanks a bunch.

nkrah avatar Jan 25 '24 10:01 nkrah

Create a free account at https://snyk.io/ using your GitHub account. Add this project to your Snyk account. It will report all vulnerabilities.

BishopWolf avatar Jan 25 '24 13:01 BishopWolf

Awesome! Thank you very much, Alex!

dsarrut avatar Jan 25 '24 14:01 dsarrut