In the excerpt below partial->comp = parse_partial_comp(node); stores in partial->comp pointer to newly allocated memory.
In if (!partial->comp || partial->comp->kind != ICAL_VCALENDAR_COMPONENT) return *fctx->ret = HTTP_BAD_REQUEST; when partial->comp->kind != ICAL_VCALENDAR_COMPONENT then the memory is not released. This is what the static analyzer sees.
I see in addition that when the parsed XML snippet has for some reason twice <comp/> then partial->comp = parse_partial_comp(node); is executed twice in a row and the memory allocated from the first parse_partial_comp(node) is lost.
|
partial->comp = NULL; |
|
|
|
/* Check for and parse child elements of CALDAV:calendar-data */ |
|
for (node = xmlFirstElementChild(prop); node; |
|
node = xmlNextElementSibling(node)) { |
|
xmlChar *prop; |
|
|
|
if (!xmlStrcmp(node->name, BAD_CAST "expand") || |
|
!xmlStrcmp(node->name, BAD_CAST "limit-recurrence-set")) { |
|
partial->expand = (node->name[0] == 'e'); |
|
prop = xmlGetProp(node, BAD_CAST "start"); |
|
if (!prop) return (*fctx->ret = HTTP_BAD_REQUEST); |
|
partial->range.start = icaltime_from_string((char *) prop); |
|
xmlFree(prop); |
|
|
|
prop = xmlGetProp(node, BAD_CAST "end"); |
|
if (!prop) return (*fctx->ret = HTTP_BAD_REQUEST); |
|
partial->range.end = icaltime_from_string((char *) prop); |
|
xmlFree(prop); |
|
} |
|
else if (!xmlStrcmp(node->name, BAD_CAST "comp")) { |
|
partial->comp = parse_partial_comp(node); |
|
if (!partial->comp || |
|
partial->comp->kind != ICAL_VCALENDAR_COMPONENT) { |
|
return (*fctx->ret = HTTP_BAD_REQUEST); |
|
} |
|
} |
|
else if (!xmlStrcmp(node->name, BAD_CAST "limit-freebusy-set")) { |
|
syslog(LOG_NOTICE, |
|
"Client attempted to use CALDAV:limit-freebusy-set"); |
|
return (*fctx->ret = HTTP_NOT_IMPLEMENTED); |
|
} |
|
} |