Fix a memory leak in uri_contains_password. (#687)

* Fix a memory leak in uri_contains_password.

* Add a fix to tmux_prepare_XDG_environment memory leak.

* Fix another connection string parsing memory leak.

* Fix calling PQsetNoticeProcessor on a finished connection.

* Fix a leak in parse_version_number.

* Add missed free_program calls before exit in tmux calling code.

* Fix some more leaks reported by valgrind.

* Fix pg_setup_get_username and make it "cache invalidation" style.

* Fix another leak found by valgrind, in the tmux code path.

Author: DimCitus

src/bin/pg_autoctl/cli_do_tmux.c

@@ -554,13 +554,15 @@ tmux_prepare_XDG_environment(const char *root, bool createDirectories)
 			if (pg_mkdir_p(env, 0700) == -1)
 			{
 				log_error("mkdir -p \"%s\": %m", env);
+				free(env);
 				return false;
 			}
 		}
 
 		if (!normalize_filename(env, env, MAXPGPATH))
 		{
 			/* errors have already been logged */
+			free(env);
 			return false;
 		}
 
@@ -588,9 +590,13 @@ tmux_prepare_XDG_environment(const char *root, bool createDirectories)
 			if (pg_mkdir_p(targetPath, 0700) == -1)
 			{
 				log_error("mkdir -p \"%s\": %m", targetPath);
+
+				free(env);
 				return false;
 			}
 		}
+
+		free(env);
 	}
 
 	return true;
@@ -894,6 +900,7 @@ tmux_start_server(const char *scriptName)
 	(void) execute_subprogram(&program);
 
 	/* we only get there when the tmux session is done */
+	free_program(&program);
 	return true;
 }
 
@@ -935,6 +942,8 @@ tmux_attach_session(const char *tmux_path, const char *sessionName)
 	(void) execute_subprogram(&program);
 
 	/* we only get there when the tmux session is done */
+	free_program(&program);
+
 	return true;
 }
 
@@ -1477,6 +1486,7 @@ cli_do_tmux_wait(int argc, char **argv)
 			(void) snprintf_program_command_line(&program, command, BUFSIZE);
 
 			log_error("%s [%d]", command, program.returnCode);
+			free_program(&program);
 			exit(EXIT_CODE_INTERNAL_ERROR);
 		}
 
@@ -1501,8 +1511,12 @@ cli_do_tmux_wait(int argc, char **argv)
 			{
 				log_info("The monitor is ready at: %s", showUri.stdOut);
 			}
+
+			free_program(&showUri);
 		}
 
+		free_program(&program);
+
 		if (!ready)
 		{
 			exit(EXIT_CODE_INTERNAL_ERROR);

src/bin/pg_autoctl/parsing.c

@@ -140,6 +140,7 @@ parse_version_number(const char *version_string,
 		return false;
 	}
 
+	free(match);
 	return true;
 }
 
@@ -701,6 +702,8 @@ parse_pguri_info_key_vals(const char *pguri,
 		}
 	}
 
+	PQconninfoFree(conninfo);
+
 	/*
 	 * Display an error message per missing field, and only then return false
 	 * if we're missing any one of those.
@@ -1044,8 +1047,9 @@ parseNodesArray(const char *nodesJSON,
 
 
 /*
- * uri_contains_password takes a Postgres connection string and checks to see if it contains a parameter
- * called password. Returns true if a password keyword is present in the connection string.
+ * uri_contains_password takes a Postgres connection string and checks to see
+ * if it contains a parameter called password. Returns true if a password
+ * keyword is present in the connection string.
  */
 static bool
 uri_contains_password(const char *pguri)
@@ -1067,16 +1071,16 @@ uri_contains_password(const char *pguri)
 	 */
 	for (option = conninfo; option->keyword != NULL; option++)
 	{
-		if (
-			strcmp(option->keyword, "password") == 0 &&
+		if (strcmp(option->keyword, "password") == 0 &&
 			option->val != NULL &&
-			!IS_EMPTY_STRING_BUFFER(option->val)
-			)
+			!IS_EMPTY_STRING_BUFFER(option->val))
 		{
+			PQconninfoFree(conninfo);
 			return true;
 		}
 	}
 
+	PQconninfoFree(conninfo);
 	return false;
 }
 

src/bin/pg_autoctl/pgsetup.c

@@ -1342,7 +1342,7 @@ pg_setup_role(PostgresSetup *pgSetup)
 char *
 pg_setup_get_username(PostgresSetup *pgSetup)
 {
-	char userEnv[NAMEDATALEN];
+	char userEnv[NAMEDATALEN] = { 0 };
 
 	/* use a configured username if provided */
 	if (!IS_EMPTY_STRING_BUFFER(pgSetup->username))
@@ -1359,21 +1359,24 @@ pg_setup_get_username(PostgresSetup *pgSetup)
 	{
 		log_trace("username found in passwd: %s", pw->pw_name);
 
-		/* struct passwd is in thread shared space, return a copy */
-		return strdup(pw->pw_name);
+		strlcpy(pgSetup->username, pw->pw_name, sizeof(pgSetup->username));
+		return pgSetup->username;
 	}
 
 
 	/* fallback on USER from env if the user cannot be found in passwd */
 	if (get_env_copy("USER", userEnv, NAMEDATALEN))
 	{
 		log_trace("username found in USER environment variable: %s", userEnv);
-		return strdup(userEnv);
+
+		strlcpy(pgSetup->username, userEnv, sizeof(pgSetup->username));
+		return pgSetup->username;
 	}
 
 	log_trace("username fallback to default: %s", DEFAULT_USERNAME);
+	strlcpy(pgSetup->username, DEFAULT_USERNAME, sizeof(pgSetup->username));
 
-	return DEFAULT_USERNAME;
+	return pgSetup->username;
 }
 
 

src/bin/pg_autoctl/pgsql.c

@@ -2257,13 +2257,16 @@ pgsql_create_user(PGSQL *pgsql, const char *userName, const char *password,
 
 	PQclear(result);
 	clear_results(pgsql);
+
 	if (pgsql->connectionStatementType == PGSQL_CONNECTION_SINGLE_STATEMENT)
 	{
 		pgsql_finish(pgsql);
 	}
-
-	/* restore the normal notice message processing, if needed. */
-	PQsetNoticeProcessor(connection, previousNoticeProcessor, NULL);
+	else
+	{
+		/* restore the normal notice message processing, if needed. */
+		PQsetNoticeProcessor(connection, previousNoticeProcessor, NULL);
+	}
 
 	return true;
 }