diff --git a/src/libcrun/cgroup-setup.c b/src/libcrun/cgroup-setup.c index 517be900a..25b572587 100644 --- a/src/libcrun/cgroup-setup.c +++ b/src/libcrun/cgroup-setup.c @@ -42,6 +42,8 @@ static int initialize_cpuset_subsystem_rec (char *path, size_t path_len, char *cpus, char *mems, runtime_spec_schema_config_linux_resources *resources, libcrun_error_t *err) { + cleanup_free char *allocated_cpus = NULL; + cleanup_free char *allocated_mems = NULL; cleanup_close int dirfd = -1; cleanup_close int mems_fd = -1; cleanup_close int cpus_fd = -1; @@ -118,9 +120,9 @@ initialize_cpuset_subsystem_rec (char *path, size_t path_len, char *cpus, char * if (resources && resources->cpu) { if (resources->cpu->cpus && ! has_cpus) - cpus = xstrdup (resources->cpu->cpus); + cpus = allocated_cpus = xstrdup (resources->cpu->cpus); if (resources->cpu->mems && ! has_mems) - mems = xstrdup (resources->cpu->mems); + mems = allocated_mems = xstrdup (resources->cpu->mems); } /* Finally, if we have a fd to populate, write the value chosen. If we have a value from the resources struct to base it off of, diff --git a/src/libcrun/cgroup-systemd.c b/src/libcrun/cgroup-systemd.c index 7d85a8dca..83ae93b32 100644 --- a/src/libcrun/cgroup-systemd.c +++ b/src/libcrun/cgroup-systemd.c @@ -206,7 +206,6 @@ static int setup_missing_cpu_options_for_systemd (runtime_spec_schema_config_linux_resources *resources, bool cgroup2, const char *path, libcrun_error_t *err) { cleanup_free char *cgroup_path = NULL; - cleanup_close int dirfd = -1; int parent; int ret; @@ -218,6 +217,8 @@ setup_missing_cpu_options_for_systemd (runtime_spec_schema_config_linux_resource for (parent = 0; parent < 2; parent++) { + cleanup_close int dirfd = -1; + if (cgroup2) ret = append_paths (&cgroup_path, err, CGROUP_ROOT, path ? path : "", (parent ? ".." : NULL), NULL); else diff --git a/src/libcrun/container.c b/src/libcrun/container.c index 5a734a0b0..1c4c71f58 100644 --- a/src/libcrun/container.c +++ b/src/libcrun/container.c @@ -3913,7 +3913,7 @@ populate_capabilities (struct features_info_s *info, char ***capabilities, size_ static void retrieve_mount_options (struct features_info_s **info) { - const struct propagation_flags_s *mount_options_list; + cleanup_free const struct propagation_flags_s *mount_options_list = NULL; size_t num_mount_options = 0; // Retrieve mount options from wordlist @@ -3940,8 +3940,8 @@ libcrun_container_get_features (libcrun_context_t *context, struct features_info size_t num_actions = sizeof (actions) / sizeof (actions[0]); size_t num_hooks = sizeof (hooks) / sizeof (hooks[0]); size_t num_archs = sizeof (archs) / sizeof (archs[0]); + cleanup_free char **capabilities = NULL; size_t num_capabilities = 0; - char **capabilities = NULL; *info = xmalloc0 (sizeof (struct features_info_s)); @@ -4000,7 +4000,7 @@ libcrun_container_get_features (libcrun_context_t *context, struct features_info int size = snprintf (NULL, 0, "%u.%u.%u", version->major, version->minor, version->micro) + 1; char *version_string = xmalloc0 (size); snprintf (version_string, size, "%u.%u.%u", version->major, version->minor, version->micro); - (*info)->annotations.io_github_seccomp_libseccomp_version = xstrdup (version_string); + (*info)->annotations.io_github_seccomp_libseccomp_version = version_string; } #endif diff --git a/src/libcrun/linux.c b/src/libcrun/linux.c index 772a0dd0f..e27793604 100644 --- a/src/libcrun/linux.c +++ b/src/libcrun/linux.c @@ -4020,7 +4020,7 @@ maybe_get_idmapped_mount (runtime_spec_schema_config_schema *def, runtime_spec_s cleanup_close int fd = -1; const char *idmap_option; bool recursive = false; - const char *options; + const char *options = NULL; char proc_path[64]; bool has_mappings; int ret;