From 4ef60df7edfdd7a49a565494142f86d93f9268b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= Date: Fri, 31 Jul 2020 10:38:17 +0200 Subject: [PATCH] Plug a memory leak ==12029== at 0x483A809: malloc (vg_replace_malloc.c:307) ==12029== by 0x51F1386: realpath@@GLIBC_2.3 (in /usr/lib64/libc-2.31.so) ==12029== by 0x489F8CA: oscap_realpath (util.c:251) ==12029== by 0x495E6EF: rpmverify_collect (rpmverifyfile_probe.c:248) ==12029== by 0x495F461: rpmverifyfile_probe_main (rpmverifyfile_probe.c:543) ==12029== by 0x4935598: probe_worker (worker.c:1090) ==12029== by 0x4932F10: probe_worker_runfn (worker.c:81) ==12029== by 0x4CDA431: start_thread (in /usr/lib64/libpthread-2.31.so) ==12029== by 0x52A8912: clone (in /usr/lib64/libc-2.31.so) ==12029== at 0x483CCE8: realloc (vg_replace_malloc.c:834) ==12029== by 0x4D9DCD8: rrealloc (in /usr/lib64/librpmio.so.9.0.1) ==12029== by 0x4D25B88: headerFormat (in /usr/lib64/librpm.so.9.0.1) ==12029== by 0x495E467: rpmverify_collect (rpmverifyfile_probe.c:230) ==12029== by 0x495F461: rpmverifyfile_probe_main (rpmverifyfile_probe.c:543) ==12029== by 0x4935598: probe_worker (worker.c:1090) ==12029== by 0x4932F10: probe_worker_runfn (worker.c:81) ==12029== by 0x4CDA431: start_thread (in /usr/lib64/libpthread-2.31.so) ==12029== by 0x52A8912: clone (in /usr/lib64/libc-2.31.so) Resolves: RHBZ#1861301 --- .../probes/unix/linux/rpmverifyfile_probe.c | 24 ++++++++++++++----- 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/src/OVAL/probes/unix/linux/rpmverifyfile_probe.c b/src/OVAL/probes/unix/linux/rpmverifyfile_probe.c index c86818e72..57d69f552 100644 --- a/src/OVAL/probes/unix/linux/rpmverifyfile_probe.c +++ b/src/OVAL/probes/unix/linux/rpmverifyfile_probe.c @@ -61,10 +61,10 @@ struct rpmverify_res { char *name; /**< package name */ - const char *epoch; - const char *version; - const char *release; - const char *arch; + char *epoch; + char *version; + char *release; + char *arch; char *file; /**< filepath */ char extended_name[1024]; rpmVerifyAttrs vflags; /**< rpm verify flags */ @@ -272,14 +272,14 @@ static int rpmverify_collect(probe_ctx *ctx, free(current_file_realpath); continue; } - res.file = current_file_realpath ? current_file_realpath : strdup(current_file); + res.file = current_file_realpath ? oscap_strdup(current_file_realpath) : oscap_strdup(current_file); break; case OVAL_OPERATION_PATTERN_MATCH: ret = pcre_exec(re, NULL, current_file, strlen(current_file), 0, 0, NULL, 0); switch(ret) { case 0: /* match */ - res.file = strdup(current_file); + res.file = oscap_strdup(current_file); break; case -1: /* mismatch */ @@ -299,12 +299,18 @@ static int rpmverify_collect(probe_ctx *ctx, free(current_file_realpath); goto ret; } + free(current_file_realpath); if (rpmVerifyFile(g_rpm->rpmts, fi, &res.vflags, omit) != 0) res.vflags = RPMVERIFY_FAILURES; if (callback(ctx, &res) != 0) { ret = 0; + free(res.name); + free(res.epoch); + free(res.version); + free(res.release); + free(res.arch); free(res.file); goto ret; } @@ -313,6 +319,12 @@ static int rpmverify_collect(probe_ctx *ctx, rpmfiFree(fi); } + + free(res.name); + free(res.epoch); + free(res.version); + free(res.release); + free(res.arch); } match = rpmdbFreeIterator (match); -- 2.26.2