diff --git a/rpm-4.16.1.3-imp-covscan-fixes.patch b/rpm-4.16.1.3-imp-covscan-fixes.patch index 19d8647..02d77cc 100644 --- a/rpm-4.16.1.3-imp-covscan-fixes.patch +++ b/rpm-4.16.1.3-imp-covscan-fixes.patch @@ -33,10 +33,38 @@ diff -up rpm-4.16.1.3/scripts/check-rpaths-worker.orig rpm-4.16.1.3/scripts/chec badness=0;; (/lib|/usr/lib|/usr/X11R6/lib) +From d8dc4fd37b1d90cd97de7fcf484d449ec132c9b3 Mon Sep 17 00:00:00 2001 +From: Michal Domonkos +Date: Wed, 9 Jun 2021 21:31:40 +0200 +Subject: [PATCH 1/7] Fix memory leak in sqlexec() + +Callers are supposed to free the error strings themselves: +https://www.sqlite.org/capi3ref.html#sqlite3_exec + +Found by Coverity. +--- + lib/backend/sqlite.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/lib/backend/sqlite.c b/lib/backend/sqlite.c +index 7c2de45aa..dbefeb163 100644 +--- a/lib/backend/sqlite.c ++++ b/lib/backend/sqlite.c +@@ -233,6 +233,7 @@ static int sqlexec(sqlite3 *sdb, const char *fmt, ...) + rpmlog(RPMLOG_DEBUG, "%s: %d\n", cmd, rc); + + sqlite3_free(cmd); ++ sqlite3_free(err); + + return rc ? RPMRC_FAIL : RPMRC_OK; + } +-- +2.31.1 + From 5baf73feb4951cc3b3f553a4b18d3b3599cbf87c Mon Sep 17 00:00:00 2001 From: Michal Domonkos Date: Fri, 25 Jun 2021 11:21:46 +0200 -Subject: [PATCH 1/6] Always free the arg list passed to rpmGlob() +Subject: [PATCH 2/7] Always free the arg list passed to rpmGlob() Even though the actual implementation of rpmGlob() does not allocate the passed arg list (av) if the return code (rc) is non-zero or arg count @@ -67,7 +95,7 @@ index 724126e94..302ec0ba1 100644 From 3c8b01b67ec907afaaffe71691fa41b878578527 Mon Sep 17 00:00:00 2001 From: Michal Domonkos Date: Mon, 14 Jun 2021 10:21:25 +0200 -Subject: [PATCH 2/6] Fix resource leak in Fts_children() +Subject: [PATCH 3/7] Fix resource leak in Fts_children() This function is not used anywhere within our codebase (and neither is it part of the public API) so it's basically a no-op... Still, rather 
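Review bot: The added `sqlite3_free(err);` in the new sqlexec() patch is only correct if `err` is NULL or holds the buffer from the most recent sqlite3_exec() call, and neither the declaration nor the call is visible, because sqlexec() starts outside the embedded hunk. Please confirm that `err` is initialised to NULL. Also confirm that sqlite3_exec() is not called more than once with the same `&err`, for example in a retry loop; if it is, the earlier messages would still leak and each one needs freeing before the next call. The free is unconditional, so a short ownership comment would help the next reader: `/* err is allocated by sqlite3_exec() and owned by us; sqlite3_free(NULL) is a no-op */`. Since the string is released right after the log call, nothing should keep a pointer to it past that line.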
@@ -100,7 +128,7 @@ index d3ebb2946..caf27495d 100644 From 39b7bf8579e0522cf16347b3a7e332d3b6d742c6 Mon Sep 17 00:00:00 2001 From: Michal Domonkos Date: Mon, 14 Jun 2021 12:34:23 +0200 -Subject: [PATCH 3/6] Fix memory leak in fts_build() +Subject: [PATCH 4/7] Fix memory leak in fts_build() Turns out this leak is already fixed in glibc's current version of fts.c (where our copy originates from), so let's just backport that. @@ -140,7 +168,7 @@ index caf27495d..f7fce0eaa 100644 From 9c093c4f092dd6bd1e0c8d2b852a72b74db076c2 Mon Sep 17 00:00:00 2001 From: Michal Domonkos Date: Tue, 15 Jun 2021 13:34:21 +0200 -Subject: [PATCH 4/6] Fix memory leak in decodePkts() +Subject: [PATCH 5/7] Fix memory leak in decodePkts() Found by Coverity. --- @@ -172,7 +200,7 @@ index c59185dce..ee5c81e24 100644 From 590b2fc06252567eb7d57197dc361a8b459d62a3 Mon Sep 17 00:00:00 2001 From: Michal Domonkos Date: Mon, 21 Jun 2021 17:51:14 +0200 -Subject: [PATCH 5/6] Fix memory leak with multiple %lang-s in one line +Subject: [PATCH 6/7] Fix memory leak with multiple %lang-s in one line We permit two equivalent forms of specifying a list of languages per file: @@ -206,7 +234,7 @@ index f8153ad2b..0c8859f6c 100644 From b7a1e996326ee29a163d67ceb1e6127fdc251c14 Mon Sep 17 00:00:00 2001 From: Michal Domonkos Date: Fri, 25 Jun 2021 15:15:08 +0200 -Subject: [PATCH 6/6] Fix memory leaks in Lua rex extension +Subject: [PATCH 7/7] Fix memory leaks in Lua rex extension This covers the following usage: