Bug #115162 Potential Memory Leak in file `xcom\network\xcom_network_provider_native_lib.cc`
Submitted: 29 May 13:01 Modified: 29 May 13:13
Reporter: Hershey None Email Updates:
Status: Verified Impact on me:
None 
Category:MySQL Server: Pluggable Authentication Severity:S2 (Serious)
Version:8.0 OS:Any
Assigned to: CPU Architecture:Any

[29 May 13:01] Hershey None
Description:
File: plugin\group_replication\libmysqlgcs\src\bindings\xcom\xcom\network\xcom_network_provider_native_lib.cc
Function: Xcom_network_provider_library::announce_tcp
Details:
Please see the comment in the code snippet below:

result Xcom_network_provider_library::announce_tcp(xcom_port port) {
	...
    /* Assuming `sock_addr` is not nullptr, and 
    `bind(fd.val, sock_addr, sock_addr_len) < 0` is True. */
    if (sock_addr == nullptr || (bind(fd.val, sock_addr, sock_addr_len) < 0)) {
        fd = create_server_socket_v4();
        if (fd.val < 0) { // Assuming condition is True
          return fd; // return without free `sock_addr`
        }
        free(sock_addr);
        sock_addr = nullptr;
        ...
    }
}

How to repeat:
This is a static analyzer warning, we have not found an actual path that triggers the memory leak.

It seems this piece of code is not typically triggered, but fixing this potential memory leak is quite easy :)

Suggested fix:
It is safe to pass `nullptr` to the free function.
So just free `sock_addr` before `return fd` in the `fd.val<0` branch:

if (fd.val < 0) {
​    free(sock_addr);
​    return fd; 
}
[29 May 13:13] MySQL Verification Team
Hi MR. Hershev,

Thank you for your contribution.

This is now a verified bug.

It affects 8.0 and higher .......

Since it is a memory leak, it has a Severity of 2.