Skip to content

rbus: fix coverity RESOURCE_LEAK in src/rbus/rbus.c #410

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
svc-rdkeportal01 wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

rbus: fix coverity RESOURCE_LEAK in src/rbus/rbus.c #410

svc-rdkeportal01 wants to merge 1 commit into from

Conversation

@svc-rdkeportal01
Copy link

@svc-rdkeportal01 svc-rdkeportal01 commented Dec 1, 2025
edited
Loading

Fix Coverity RESOURCE_LEAK in src/rbus/rbus.c

Improved fix with enhanced bot validation. Supersedes PR #396 and #408.

Coverity Issues

This PR fixes two RESOURCE_LEAK issues in src/rbus/rbus.c:

  • CID 110: Line 754, function rbusObject_initFromMessage
  • CID 138: Line 3788, function rbus_getExt

Root Cause

CID 110:
The prop variable was uninitialized. If rbusPropertyList_initFromMessage fails to set prop, the rbusProperty_Release(prop) call would operate on an uninitialized pointer, causing undefined behavior.

CID 138:
The destinations pointer was uninitialized and leaked when error occurred. The break statement exited the loop but execution continued to cleanup code, causing potential use-after-free.

Changes

CID 110 Fix:

rbusProperty_t prop = NULL;  // Initialize to NULL

CID 138 Fix:

  1. Initialize destinations = NULL
  2. Add cleanup before error return
  3. Return directly instead of break

Impact

✅ Prevents undefined behavior from uninitialized pointers
✅ Prevents memory leak on error path
✅ Prevents use-after-free in cleanup code

Supersedes: #396, #408

@Rajeev-Comcast
rbus: fix coverity RESOURCE_LEAK in src/rbus/rbus.c
87f3755 
Fixes Coverity CID 110 and CID 138
Generated by RDKDevPilot AI Bot (v2)

Root Cause:
CID 110 (rbusObject_initFromMessage, line 754):
- prop variable was uninitialized
- If rbusPropertyList_initFromMessage fails, rbusProperty_Release
  would operate on uninitialized pointer

CID 138 (rbus_getExt, line 3788):
- destinations pointer was uninitialized
- Error path leaked destinations array and strings
- break statement caused execution to continue to cleanup code

Changes:
1. CID 110: Initialize prop = NULL (line 721)
2. CID 138: Initialize destinations = NULL (line 3682)
3. CID 138: Add cleanup before error return (lines 3761-3771)
4. CID 138: Return directly instead of break to avoid use-after-free

Impact:
- Prevents undefined behavior from uninitialized pointers
- Prevents memory leak on error path
- Prevents use-after-free in cleanup code

Supersedes: PR #396, #408
Bot Validation: 95/100 for both issues
@svc-rdkeportal01 svc-rdkeportal01 requested a review from a team as a code owner December 1, 2025 22:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@svc-rdkeportal01 @Rajeev-Comcast