Bug Summary

File:s/cmd/pp/pp.c
Warning:line 71, column 12
Potential leak of memory pointed to by 'typeTag'

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name pp.c -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -analyzer-config-compatibility-mode=true -mrelocation-model pic -pic-level 2 -fhalf-no-semantic-interposition -mframe-pointer=all -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fdebug-compilation-dir=/var/lib/jenkins/workspace/nss-scan-build/nss/cmd/pp -ffunction-sections -fdata-sections -fcoverage-compilation-dir=/var/lib/jenkins/workspace/nss-scan-build/nss/cmd/pp -resource-dir /usr/lib/llvm-18/lib/clang/18 -D HAVE_STRERROR -D LINUX -D linux -D XP_UNIX -D XP_UNIX -D NSPR20 -D DEBUG -U NDEBUG -D _DEFAULT_SOURCE -D _BSD_SOURCE -D _POSIX_SOURCE -D SDB_MEASURE_USE_TEMP_DIR -D _REENTRANT -D DEBUG -U NDEBUG -D _DEFAULT_SOURCE -D _BSD_SOURCE -D _POSIX_SOURCE -D SDB_MEASURE_USE_TEMP_DIR -D _REENTRANT -D NSS_DISABLE_SSE3 -D NSS_NO_INIT_SUPPORT -D USE_UTIL_DIRECTLY -D NO_NSPR_10_SUPPORT -D SSL_DISABLE_DEPRECATED_CIPHER_SUITE_NAMES -I ../../../dist/Linux4.19_x86_64_gcc_glibc_PTH_64_DBG.OBJ/include -I ../../../dist/public/nss -I ../../../dist/private/nss -I ../../../dist/public/seccmd -I ../../../dist/public/dbm -internal-isystem /usr/lib/llvm-18/lib/clang/18/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -std=c99 -ferror-limit 19 -fgnuc-version=4.2.1 -analyzer-output=html -analyzer-config stable-report-filename=true -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/scan-build-2024-05-18-082241-28900-1 -x c pp.c
1/* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4
5/*
6 * Pretty-print some well-known BER or DER encoded data (e.g. certificates,
7 * keys, pkcs7)
8 */
9
10#include "secutil.h"
11
12#if defined(__sun) && !defined(SVR4)
13extern int fprintf(FILE *, char *, ...);
14#endif
15
16#include "plgetopt.h"
17
18#include "pk11func.h"
19#include "nspr.h"
20#include "nss.h"
21
22static void
23Usage(char *progName)
24{
25 fprintf(stderrstderr,
26 "Usage: %s [-t type] [-a] [-i input] [-o output] [-w] [-u]\n",
27 progName);
28 fprintf(stderrstderr, "Pretty prints a file containing ASN.1 data in DER or ascii format.\n");
29 fprintf(stderrstderr, "%-14s Specify input and display type:", "-t type");
30 fprintf(stderrstderr, " %s (sk),", SEC_CT_PRIVATE_KEY"private-key");
31 fprintf(stderrstderr, "\n");
32 fprintf(stderrstderr, "%-14s %s (pk), %s (c), %s (cr),\n", "", SEC_CT_PUBLIC_KEY"public-key",
33 SEC_CT_CERTIFICATE"certificate", SEC_CT_CERTIFICATE_REQUEST"certificate-request");
34 fprintf(stderrstderr, "%-14s %s (ci), %s (p7), %s (p12), %s or %s (n).\n", "",
35 SEC_CT_CERTIFICATE_ID"certificate-identity", SEC_CT_PKCS7"pkcs7", SEC_CT_PKCS12"pkcs12",
36 SEC_CT_CRL"crl", SEC_CT_NAME"name");
37 fprintf(stderrstderr, "%-14s (Use either the long type name or the shortcut.)\n", "");
38 fprintf(stderrstderr, "%-14s Input is in ascii encoded form (RFC1113)\n",
39 "-a");
40 fprintf(stderrstderr, "%-14s Define an input file to use (default is stdin)\n",
41 "-i input");
42 fprintf(stderrstderr, "%-14s Define an output file to use (default is stdout)\n",
43 "-o output");
44 fprintf(stderrstderr, "%-14s Don't wrap long output lines\n",
45 "-w");
46 fprintf(stderrstderr, "%-14s Use UTF-8 (default is to show non-ascii as .)\n",
47 "-u");
48 exit(-1);
49}
50
51int
52main(int argc, char **argv)
53{
54 int rv, ascii;
55 char *progName;
56 FILE *outFile;
57 PRFileDesc *inFile;
58 SECItem der, data;
59 char *typeTag;
60 PLOptState *optstate;
61 PRBool wrap = PR_TRUE1;
62
63 progName = strrchr(argv[0], '/');
64 progName = progName ? progName + 1 : argv[0];
1
Assuming 'progName' is non-null
2
'?' condition is true
65
66 ascii = 0;
67 inFile = 0;
68 outFile = 0;
69 typeTag = 0;
70 optstate = PL_CreateOptState(argc, argv, "at:i:o:uw");
71 while (PL_GetNextOpt(optstate) == PL_OPT_OK) {
3
Assuming the condition is true
4
Loop condition is true. Entering loop body
7
 Execution continues on line 71
8
Assuming the condition is true
9
Loop condition is true. Entering loop body
11
 Execution continues on line 71
12
Potential leak of memory pointed to by 'typeTag'
72 switch (optstate->option) {
5
Control jumps to 'case 116:' at line 103
10
Control jumps to 'case 116:' at line 103
73 case '?':
74 Usage(progName);
75 break;
76
77 case 'a':
78 ascii = 1;
79 break;
80
81 case 'i':
82 inFile = PR_Open(optstate->value, PR_RDONLY0x01, 0);
83 if (!inFile) {
84 fprintf(stderrstderr, "%s: unable to open \"%s\" for reading\n",
85 progName, optstate->value);
86 PORT_FreePORT_Free_Util(typeTag);
87 PL_DestroyOptState(optstate);
88 return -1;
89 }
90 break;
91
92 case 'o':
93 outFile = fopen(optstate->value, "w");
94 if (!outFile) {
95 fprintf(stderrstderr, "%s: unable to open \"%s\" for writing\n",
96 progName, optstate->value);
97 PORT_FreePORT_Free_Util(typeTag);
98 PL_DestroyOptState(optstate);
99 return -1;
100 }
101 break;
102
103 case 't':
104 typeTag = strdup(optstate->value);
6
Memory is allocated
105 break;
106
107 case 'u':
108 SECU_EnableUtf8Display(PR_TRUE1);
109 break;
110
111 case 'w':
112 wrap = PR_FALSE0;
113 break;
114 }
115 }
116 PL_DestroyOptState(optstate);
117 if (!typeTag)
118 Usage(progName);
119
120 if (!inFile)
121 inFile = PR_STDINPR_GetSpecialFD(PR_StandardInput);
122 if (!outFile)
123 outFile = stdoutstdout;
124
125 PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
126 rv = NSS_NoDB_Init(NULL((void*)0));
127 if (rv != SECSuccess) {
128 fprintf(stderrstderr, "%s: NSS_NoDB_Init failed (%s)\n",
129 progName, SECU_Strerror(PORT_GetError())PR_ErrorToString((PORT_GetError_Util()), 0));
130 exit(1);
131 }
132 SECU_RegisterDynamicOids();
133
134 rv = SECU_ReadDERFromFile(&der, inFile, ascii, PR_FALSE0);
135 if (rv != SECSuccess) {
136 fprintf(stderrstderr, "%s: SECU_ReadDERFromFile failed\n", progName);
137 exit(1);
138 }
139
140 /* Data is untyped, using the specified type */
141 data.data = der.data;
142 data.len = der.len;
143
144 SECU_EnableWrap(wrap);
145
146 /* Pretty print it */
147 if (PORT_Strcmpstrcmp(typeTag, SEC_CT_CERTIFICATE"certificate") == 0 ||
148 PORT_Strcmpstrcmp(typeTag, "c") == 0) {
149 rv = SECU_PrintSignedData(outFile, &data, "Certificate", 0,
150 (SECU_PPFunc)SECU_PrintCertificate);
151 } else if (PORT_Strcmpstrcmp(typeTag, SEC_CT_CERTIFICATE_ID"certificate-identity") == 0 ||
152 PORT_Strcmpstrcmp(typeTag, "ci") == 0) {
153 rv = SECU_PrintSignedContent(outFile, &data, 0, 0,
154 SECU_PrintDumpDerIssuerAndSerial);
155 } else if (PORT_Strcmpstrcmp(typeTag, SEC_CT_CERTIFICATE_REQUEST"certificate-request") == 0 ||
156 PORT_Strcmpstrcmp(typeTag, "cr") == 0) {
157 rv = SECU_PrintSignedData(outFile, &data, "Certificate Request", 0,
158 SECU_PrintCertificateRequest);
159 } else if (PORT_Strcmpstrcmp(typeTag, SEC_CT_CRL"crl") == 0) {
160 rv = SECU_PrintSignedData(outFile, &data, "CRL", 0, SECU_PrintCrl);
161 } else if (PORT_Strcmpstrcmp(typeTag, SEC_CT_PRIVATE_KEY"private-key") == 0 ||
162 PORT_Strcmpstrcmp(typeTag, "sk") == 0) {
163 rv = SECU_PrintPrivateKey(outFile, &data, "Private Key", 0);
164 } else if (PORT_Strcmpstrcmp(typeTag, SEC_CT_PUBLIC_KEY"public-key") == 0 ||
165 PORT_Strcmpstrcmp(typeTag, "pk") == 0) {
166 rv = SECU_PrintSubjectPublicKeyInfo(outFile, &data, "Public Key", 0);
167 } else if (PORT_Strcmpstrcmp(typeTag, SEC_CT_PKCS7"pkcs7") == 0 ||
168 PORT_Strcmpstrcmp(typeTag, "p7") == 0) {
169 rv = SECU_PrintPKCS7ContentInfo(outFile, &data,
170 "PKCS #7 Content Info", 0);
171 } else if (PORT_Strcmpstrcmp(typeTag, SEC_CT_NAME"name") == 0 ||
172 PORT_Strcmpstrcmp(typeTag, "n") == 0) {
173 rv = SECU_PrintDERName(outFile, &data, "Name", 0);
174 } else if (PORT_Strcmpstrcmp(typeTag, SEC_CT_PKCS12"pkcs12") == 0 ||
175 PORT_Strcmpstrcmp(typeTag, "p12") == 0) {
176 rv = SECU_PrintPKCS12(outFile, &data, "PKCS #12 File", 0);
177 } else {
178 fprintf(stderrstderr, "%s: don't know how to print out '%s' files\n",
179 progName, typeTag);
180 SECU_PrintAny(outFile, &data, "File contains", 0);
181 return -1;
182 }
183
184 PORT_FreePORT_Free_Util(typeTag);
185
186 if (inFile != PR_STDINPR_GetSpecialFD(PR_StandardInput))
187 PR_Close(inFile);
188 PORT_FreePORT_Free_Util(der.data);
189 if (rv) {
190 fprintf(stderrstderr, "%s: problem converting data (%s)\n",
191 progName, SECU_Strerror(PORT_GetError())PR_ErrorToString((PORT_GetError_Util()), 0));
192 }
193 if (NSS_Shutdown() != SECSuccess) {
194 fprintf(stderrstderr, "%s: NSS_Shutdown failed (%s)\n",
195 progName, SECU_Strerror(PORT_GetError())PR_ErrorToString((PORT_GetError_Util()), 0));
196 rv = SECFailure;
197 }
198 PR_Cleanup();
199 return rv;
200}