commit c7d7c5acd0c14d0450016887cba1d86483086794
Author: Michal Domonkos <mdomonko@redhat.com>
Date:   Mon Jun 21 10:05:10 2021 +0200
    Add quoting to literal curly brackets
    
    These curly brackets are already treated as literals by the shell, so
    let's make that explicit for clarity, and silence a ShellCheck warning
    at the same time.
    
    More info: https://github.com/koalaman/shellcheck/wiki/SC1083
    
    Found by ShellCheck.
diff -up rpm-4.16.1.3/scripts/check-rpaths-worker.orig rpm-4.16.1.3/scripts/check-rpaths-worker
--- rpm-4.16.1.3/scripts/check-rpaths-worker.orig	2021-06-29 15:34:31.671003589 +0200
+++ rpm-4.16.1.3/scripts/check-rpaths-worker	2021-06-29 15:34:51.993414093 +0200
@@ -120,13 +120,13 @@ for i; do
 	        (/lib64/*|/usr/lib64/*|/usr/X11R6/lib64/*|/usr/local/lib64/*)
 		    badness=0;;
 
-		(\$ORIGIN|\${ORIGINX}|\$ORIGIN/*|\${ORIGINX}/*)
+		(\$ORIGIN|\$\{ORIGINX\}|\$ORIGIN/*|\$\{ORIGINX\}/*)
 		    test $allow_ORIGIN -eq 0 && badness=8 || {
 			badness=0
 			new_allow_ORIGIN=1
 		    }
 		    ;;
-		(/*\$PLATFORM*|/*\${PLATFORM}*|/*\$LIB*|/*\${LIB}*)
+		(/*\$PLATFORM*|/*\$\{PLATFORM\}*|/*\$LIB*|/*\$\{LIB\}*)
 		    badness=0;;
 	    	
 	        (/lib|/usr/lib|/usr/X11R6/lib)
From d8dc4fd37b1d90cd97de7fcf484d449ec132c9b3 Mon Sep 17 00:00:00 2001
From: Michal Domonkos <mdomonko@redhat.com>
Date: Wed, 9 Jun 2021 21:31:40 +0200
Subject: [PATCH 1/7] Fix memory leak in sqlexec()
Callers are supposed to free the error strings themselves:
https://www.sqlite.org/capi3ref.html#sqlite3_exec
Found by Coverity.
---
 lib/backend/sqlite.c | 1 +
 1 file changed, 1 insertion(+)
diff --git a/lib/backend/sqlite.c b/lib/backend/sqlite.c
index 7c2de45aa..dbefeb163 100644
--- a/lib/backend/sqlite.c
+++ b/lib/backend/sqlite.c
@@ -233,6 +233,7 @@ static int sqlexec(sqlite3 *sdb, const char *fmt, ...)
 	rpmlog(RPMLOG_DEBUG, "%s: %d\n", cmd, rc);
 
     sqlite3_free(cmd);
+    sqlite3_free(err);
 
     return rc ? RPMRC_FAIL : RPMRC_OK;
 }
-- 
2.31.1
From 5baf73feb4951cc3b3f553a4b18d3b3599cbf87c Mon Sep 17 00:00:00 2001
From: Michal Domonkos <mdomonko@redhat.com>
Date: Fri, 25 Jun 2021 11:21:46 +0200
Subject: [PATCH 2/7] Always free the arg list passed to rpmGlob()
Even though the actual implementation of rpmGlob() does not allocate the
passed arg list (av) if the return code (rc) is non-zero or arg count
(ac) is 0, it's the responsibility of the caller (rpmInstall() here) to
free that memory, so make sure we do that irrespectively of the above
conditions.
Found by Coverity.
---
 lib/rpminstall.c | 1 +
 1 file changed, 1 insertion(+)
diff --git a/lib/rpminstall.c b/lib/rpminstall.c
index 724126e94..302ec0ba1 100644
--- a/lib/rpminstall.c
+++ b/lib/rpminstall.c
@@ -461,6 +461,7 @@ int rpmInstall(rpmts ts, struct rpmInstallArguments_s * ia, ARGV_t fileArgv)
 		rpmlog(RPMLOG_ERR, _("File not found by glob: %s\n"), *eiu->fnp);
 	    }
 	    eiu->numFailed++;
+	    argvFree(av);
 	    continue;
 	}
 
-- 
2.31.1
From 3c8b01b67ec907afaaffe71691fa41b878578527 Mon Sep 17 00:00:00 2001
From: Michal Domonkos <mdomonko@redhat.com>
Date: Mon, 14 Jun 2021 10:21:25 +0200
Subject: [PATCH 3/7] Fix resource leak in Fts_children()
This function is not used anywhere within our codebase (and neither is
it part of the public API) so it's basically a no-op... Still, rather
than yanking it completely, let's just silence the Coverity error here.
Found by Coverity.
---
 misc/fts.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/misc/fts.c b/misc/fts.c
index d3ebb2946..caf27495d 100644
--- a/misc/fts.c
+++ b/misc/fts.c
@@ -585,8 +585,10 @@ Fts_children(FTS * sp, int instr)
 	if ((fd = __open(".", O_RDONLY, 0)) < 0)
 		return (NULL);
 	sp->fts_child = fts_build(sp, instr);
-	if (__fchdir(fd))
+	if (__fchdir(fd)) {
+		(void)__close(fd);
 		return (NULL);
+	}
 	(void)__close(fd);
 	return (sp->fts_child);
 }
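Review bot: The added `(void)__close(fd);` in the `__fchdir(fd)` failure branch can overwrite the errno that `__fchdir` set, so a caller that receives NULL may see the wrong error. Saving it around the cleanup keeps the diagnosis intact: `int saved_errno = errno; (void)__close(fd); errno = saved_errno;`. The same ordering appears in the luaext/lposix.c hunk for Pexec(), where `free(argv)` runs between the failed `execvp` and `pusherror(L, path)`; pusherror is not visible on this page, but if it reads errno, capture it before the free. Fts_children's body begins outside the hunk.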
-- 
2.31.1
From 39b7bf8579e0522cf16347b3a7e332d3b6d742c6 Mon Sep 17 00:00:00 2001
From: Michal Domonkos <mdomonko@redhat.com>
Date: Mon, 14 Jun 2021 12:34:23 +0200
Subject: [PATCH 4/7] Fix memory leak in fts_build()
Turns out this leak is already fixed in glibc's current version of fts.c
(where our copy originates from), so let's just backport that.
Original commit in glibc:
https://sourceware.org/git/?p=glibc.git;\
a=commit;h=db67c2c98b89a5723af44df54f38b779de8d4a65
Found by Coverity.
---
 misc/fts.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/misc/fts.c b/misc/fts.c
index caf27495d..f7fce0eaa 100644
--- a/misc/fts.c
+++ b/misc/fts.c
@@ -855,6 +855,7 @@ mem1:				saved_errno = errno;
 	     fts_safe_changedir(sp, cur->fts_parent, -1, ".."))) {
 		cur->fts_info = FTS_ERR;
 		SET(FTS_STOP);
+		fts_lfree(head);
 		return (NULL);
 	}
 
@@ -862,6 +863,7 @@ mem1:				saved_errno = errno;
 	if (!nitems) {
 		if (type == BREAD)
 			cur->fts_info = FTS_DP;
+		fts_lfree(head);
 		return (NULL);
 	}
 
-- 
2.31.1
From 9c093c4f092dd6bd1e0c8d2b852a72b74db076c2 Mon Sep 17 00:00:00 2001
From: Michal Domonkos <mdomonko@redhat.com>
Date: Tue, 15 Jun 2021 13:34:21 +0200
Subject: [PATCH 5/7] Fix memory leak in decodePkts()
Found by Coverity.
---
 rpmio/rpmpgp.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c
index c59185dce..ee5c81e24 100644
--- a/rpmio/rpmpgp.c
+++ b/rpmio/rpmpgp.c
@@ -1371,9 +1371,13 @@ static pgpArmor decodePkts(uint8_t *b, uint8_t **pkt, size_t *pktlen)
 	    crc = pgpCRC(dec, declen);
 	    if (crcpkt != crc) {
 		ec = PGPARMOR_ERR_CRC_CHECK;
+		_free(dec);
 		goto exit;
 	    }
-	    if (pkt) *pkt = dec;
+	    if (pkt)
+		*pkt = dec;
+	    else
+		_free(dec);
 	    if (pktlen) *pktlen = declen;
 	    ec = PGPARMOR_PUBKEY;	/* XXX ASCII Pubkeys only, please. */
 	    goto exit;
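Review bot: After `_free(dec);` on the CRC-mismatch path, `dec` still holds the freed address when control reaches `exit:`, which lies outside this hunk. If that label ever touches or frees `dec`, the result is a use-after-free or double free; assigning the result, `dec = _free(dec);`, removes the hazard and matches the `q = _free(q);` form used in the build/files.c patch on this page (assuming `_free` returns NULL, as that usage suggests). The new `else` branch has the same shape, and when `pkt` is NULL the following `*pktlen = declen` still reports a length for a buffer the caller never receives, which deserves a line in the function's comment.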
-- 
2.31.1
From 590b2fc06252567eb7d57197dc361a8b459d62a3 Mon Sep 17 00:00:00 2001
From: Michal Domonkos <mdomonko@redhat.com>
Date: Mon, 21 Jun 2021 17:51:14 +0200
Subject: [PATCH 6/7] Fix memory leak with multiple %lang-s in one line
We permit two equivalent forms of specifying a list of languages per
file:
  %lang(xx,yy,zz) /path/to/file
  %lang(xx) %lang(yy) %lang(zz) /path/to/file
The leak was when parsing the second form.
Found by Coverity.
---
 build/files.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/build/files.c b/build/files.c
index f8153ad2b..0c8859f6c 100644
--- a/build/files.c
+++ b/build/files.c
@@ -777,6 +777,8 @@ static rpmRC parseForLang(char * buf, FileEntry cur)
 
 	if (*pe == ',') pe++;	/* skip , if present */
     }
+
+    q = _free(q);
   }
 
     rc = RPMRC_OK;
-- 
2.31.1
From b7a1e996326ee29a163d67ceb1e6127fdc251c14 Mon Sep 17 00:00:00 2001
From: Michal Domonkos <mdomonko@redhat.com>
Date: Fri, 25 Jun 2021 15:15:08 +0200
Subject: [PATCH 7/7] Fix memory leaks in Lua rex extension
This covers the following usage:
expr = rex.newPOSIX(<regex>)
expr:match(<string>)           # A leak occurred here
expr:gmatch(<string>, <func>)  # A leak occurred here
Found by Coverity.
---
 luaext/lrexlib.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/luaext/lrexlib.c b/luaext/lrexlib.c
index 09c5a6454..0f29b6371 100644
--- a/luaext/lrexlib.c
+++ b/luaext/lrexlib.c
@@ -80,6 +80,7 @@ static void rex_push_matches(lua_State *L, const char *text, regmatch_t *match,
 
 static int rex_match(lua_State *L)
 {
+  int rc = 0;
   int res;
 #ifdef REG_BASIC
   size_t len;
@@ -109,9 +110,10 @@ static int rex_match(lua_State *L)
     lua_pushstring(L, "n");
     lua_pushnumber(L, ncapt);
     lua_rawset(L, -3);
-    return 3;
-  } else
-    return 0;
+    rc = 3;
+  }
+  free(match);
+  return rc;
 }
 
 static int rex_gmatch(lua_State *L)
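Review bot: `free(match);` is reached only on a normal return, so a Lua error raised between the allocation and this line still leaks the buffer. In this hunk `lua_pushstring(L, "n")` and `lua_rawset(L, -3)` can raise on allocation failure, and Lua errors unwind with longjmp past the free; the rex_gmatch hunk that follows is more exposed, since the commit message shows it taking a callback, whose error would skip its `free(match)` in the same way. How match is allocated lies outside the hunks, but if it is a plain malloc, obtaining it with `lua_newuserdata(L, size)` would hand ownership to the Lua collector and make both explicit frees unnecessary.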
@@ -158,6 +160,7 @@ static int rex_gmatch(lua_State *L)
       break;
   }
   lua_pushnumber(L, nmatch);
+  free(match);
   return 1;
 }
 
-- 
2.31.1
commit 9747a6af016a3458d54fe060777c95e3900b5fa4
Author: Demi Marie Obenour <athena@invisiblethingslab.com>
Date:   Tue Mar 2 12:47:29 2021 -0500
    Fix a tiny memory leak
    
    Found by fuzzing rpmReadPackageFile() with libfuzzer under ASAN.
diff --git a/lib/headerutil.c b/lib/headerutil.c
index 22e36c74d..fab210ff2 100644
--- a/lib/headerutil.c
+++ b/lib/headerutil.c
@@ -333,8 +333,10 @@ static void providePackageNVR(Header h)
     rpmds hds, nvrds;
 
     /* Generate provides for this package name-version-release. */
-    if (!(name && pEVR))
+    if (!(name && pEVR)) {
+	free(pEVR);
 	return;
+    }
 
     /*
      * Rpm prior to 3.0.3 does not have versioned provides.
commit cb2ae4bdf2f60876fdc68e3f84938e9c37182fab
Author: Igor Gnatenko <i.gnatenko.brain@gmail.com>
Date:   Tue Feb 6 14:50:27 2018 +0100
    lua: fix memory leak in Pexec()
    
    Signed-off-by: Igor Gnatenko <i.gnatenko.brain@gmail.com>
diff --git a/luaext/lposix.c b/luaext/lposix.c
index 5d7ad3c87..2730bcff7 100644
--- a/luaext/lposix.c
+++ b/luaext/lposix.c
@@ -348,6 +348,7 @@ static int Pexec(lua_State *L)			/** exec(path,[args]) */
 	for (i=1; i
 	argv[i] = NULL;
 	execvp(path,argv);
+	free(argv);
 	return pusherror(L, path);
 }