Description
Additional context
Our company uses libvncserver in our product. I am working on static analysis, and one of my tasks was to scan libvncserver package. During the scan, I found some errors in code:
Describe errors
-
https://github.com/LibVNC/libvncserver/blob/master/src/libvncserver/rfbserver.c#L1409
Handle dirp is created by calling function 'opendir' and lost at https://github.com/LibVNC/libvncserver/blob/master/src/libvncserver/rfbserver.c#L1415, need closedir(dirp) there. -
https://github.com/LibVNC/libvncserver/blob/master/src/libvncserver/sockets.c#L1211
Handle 'sock' is created by calling function 'socket' and lost at https://github.com/LibVNC/libvncserver/blob/master/src/libvncserver/sockets.c#L1216 and https://github.com/LibVNC/libvncserver/blob/master/src/libvncserver/sockets.c#L1219, need close(sock) there. -
https://github.com/LibVNC/libvncserver/blob/master/src/libvncserver/rfbserver.c#L347
Dynamic memory, referenced by 'cl->host', is allocated by calling function 'strdup' and lost at https://github.com/LibVNC/libvncserver/blob/master/src/libvncserver/rfbserver.c#L364, possibly need rfbCloseClient(cl) there