Blame rpm-4.16.1.3-imp-covscan-fixes.patch

commit c7d7c5acd0c14d0450016887cba1d86483086794
Author: Michal Domonkos <mdomonko@redhat.com>
Date:   Mon Jun 21 10:05:10 2021 +0200
    Add quoting to literal curly brackets
    
    These curly brackets are already treated as literals by the shell, so
    let's make that explicit for clarity, and silence a ShellCheck warning
    at the same time.
    
    More info: https://github.com/koalaman/shellcheck/wiki/SC1083
    
    Found by ShellCheck.
    Adjusted for 4.16.1.3
diff -up rpm-4.16.1.3/scripts/check-rpaths-worker.orig rpm-4.16.1.3/scripts/check-rpaths-worker
--- rpm-4.16.1.3/scripts/check-rpaths-worker.orig	2021-06-29 15:34:31.671003589 +0200
+++ rpm-4.16.1.3/scripts/check-rpaths-worker	2021-06-29 15:34:51.993414093 +0200
@@ -120,13 +120,13 @@ for i; do
 	        (/lib64/*|/usr/lib64/*|/usr/X11R6/lib64/*|/usr/local/lib64/*)
 		    badness=0;;
 
-		(\$ORIGIN|\${ORIGINX}|\$ORIGIN/*|\${ORIGINX}/*)
+		(\$ORIGIN|\$\{ORIGINX\}|\$ORIGIN/*|\$\{ORIGINX\}/*)
 		    test $allow_ORIGIN -eq 0 && badness=8 || {
 			badness=0
 			new_allow_ORIGIN=1
 		    }
 		    ;;
-		(/*\$PLATFORM*|/*\${PLATFORM}*|/*\$LIB*|/*\${LIB}*)
+		(/*\$PLATFORM*|/*\$\{PLATFORM\}*|/*\$LIB*|/*\$\{LIB\}*)
 		    badness=0;;
 	    	
 	        (/lib|/usr/lib|/usr/X11R6/lib)
From d8dc4fd37b1d90cd97de7fcf484d449ec132c9b3 Mon Sep 17 00:00:00 2001
From: Michal Domonkos <mdomonko@redhat.com>
Date: Wed, 9 Jun 2021 21:31:40 +0200
Subject: [PATCH 1/7] Fix memory leak in sqlexec()
Callers are supposed to free the error strings themselves:
https://www.sqlite.org/capi3ref.html#sqlite3_exec
Found by Coverity.
---
 lib/backend/sqlite.c | 1 +
 1 file changed, 1 insertion(+)
diff --git a/lib/backend/sqlite.c b/lib/backend/sqlite.c
index 7c2de45aa..dbefeb163 100644
--- a/lib/backend/sqlite.c
+++ b/lib/backend/sqlite.c
@@ -233,6 +233,7 @@ static int sqlexec(sqlite3 *sdb, const char *fmt, ...)
 	rpmlog(RPMLOG_DEBUG, "%s: %d\n", cmd, rc);
 
     sqlite3_free(cmd);
+    sqlite3_free(err);
 
     return rc ? RPMRC_FAIL : RPMRC_OK;
 }
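Review bot: `sqlite3_free(err);` is correct only if `err` starts out NULL and is written at most once before this point; the declaration and the `sqlite3_exec()` call are above the hunk, so that is not visible here. If the exec call is ever retried with the same `&err`, each earlier message would still leak and should be freed before the next attempt. A short comment at the new line would record the ownership rule from the commit message, e.g. `/* err is allocated by sqlite3_exec(); the caller must sqlite3_free() it */`.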
-- 
2.31.1
From 5baf73feb4951cc3b3f553a4b18d3b3599cbf87c Mon Sep 17 00:00:00 2001
From: Michal Domonkos <mdomonko@redhat.com>
Date: Fri, 25 Jun 2021 11:21:46 +0200
Subject: [PATCH 2/7] Always free the arg list passed to rpmGlob()
Even though the actual implementation of rpmGlob() does not allocate the
passed arg list (av) if the return code (rc) is non-zero or arg count
(ac) is 0, it's the responsibility of the caller (rpmInstall() here) to
free that memory, so make sure we do that irrespectively of the above
conditions.
Found by Coverity.
---
 lib/rpminstall.c | 1 +
 1 file changed, 1 insertion(+)
diff --git a/lib/rpminstall.c b/lib/rpminstall.c
index 724126e94..302ec0ba1 100644
--- a/lib/rpminstall.c
+++ b/lib/rpminstall.c
@@ -461,6 +461,7 @@ int rpmInstall(rpmts ts, struct rpmInstallArguments_s * ia, ARGV_t fileArgv)
 		rpmlog(RPMLOG_ERR, _("File not found by glob: %s\n"), *eiu->fnp);
 	    }
 	    eiu->numFailed++;
+	    argvFree(av);
 	    continue;
 	}
 
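Review bot: `argvFree(av);` frees the list but leaves `av` holding the stale pointer before `continue`. The declaration of `av` is outside this hunk; if it lives outside the loop body, a later free or reuse would hit freed memory. Resetting it in the same statement, `av = argvFree(av);`, is safer, assuming argvFree() returns NULL like the `_free()` helper used elsewhere in this series; confirm against its prototype.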
-- 
2.31.1
From 3c8b01b67ec907afaaffe71691fa41b878578527 Mon Sep 17 00:00:00 2001
From: Michal Domonkos <mdomonko@redhat.com>
Date: Mon, 14 Jun 2021 10:21:25 +0200
Subject: [PATCH 3/7] Fix resource leak in Fts_children()
This function is not used anywhere within our codebase (and neither is
it part of the public API) so it's basically a no-op... Still, rather
than yanking it completely, let's just silence the Coverity error here.
Found by Coverity.
---
 misc/fts.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/misc/fts.c b/misc/fts.c
index d3ebb2946..caf27495d 100644
--- a/misc/fts.c
+++ b/misc/fts.c
@@ -585,8 +585,10 @@ Fts_children(FTS * sp, int instr)
 	if ((fd = __open(".", O_RDONLY, 0)) < 0)
 		return (NULL);
 	sp->fts_child = fts_build(sp, instr);
-	if (__fchdir(fd))
+	if (__fchdir(fd)) {
+		(void)__close(fd);
 		return (NULL);
+	}
 	(void)__close(fd);
 	return (sp->fts_child);
 }
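Review bot: In the new `__fchdir(fd)` failure branch, `(void)__close(fd);` runs before `return (NULL);` and can overwrite the errno that `__fchdir` set, so a caller would see the wrong failure reason. Saving it around the close keeps the original error: `int saved_errno = errno; (void)__close(fd); errno = saved_errno;`. The same branch also returns NULL while `sp->fts_child` has already been assigned by `fts_build()` a few lines up; that predates this change but deserves a comment saying whether the stale child list is intentional.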
-- 
2.31.1
From 39b7bf8579e0522cf16347b3a7e332d3b6d742c6 Mon Sep 17 00:00:00 2001
From: Michal Domonkos <mdomonko@redhat.com>
Date: Mon, 14 Jun 2021 12:34:23 +0200
Subject: [PATCH 4/7] Fix memory leak in fts_build()
Turns out this leak is already fixed in glibc's current version of fts.c
(where our copy originates from), so let's just backport that.
Original commit in glibc:
https://sourceware.org/git/?p=glibc.git;\
a=commit;h=db67c2c98b89a5723af44df54f38b779de8d4a65
Found by Coverity.
---
 misc/fts.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/misc/fts.c b/misc/fts.c
index caf27495d..f7fce0eaa 100644
--- a/misc/fts.c
+++ b/misc/fts.c
@@ -855,6 +855,7 @@ mem1:				saved_errno = errno;
 	     fts_safe_changedir(sp, cur->fts_parent, -1, ".."))) {
 		cur->fts_info = FTS_ERR;
 		SET(FTS_STOP);
+		fts_lfree(head);
 		return (NULL);
 	}
 
@@ -862,6 +863,7 @@ mem1:				saved_errno = errno;
 	if (!nitems) {
 		if (type == BREAD)
 			cur->fts_info = FTS_DP;
+		fts_lfree(head);
 		return (NULL);
 	}
 
-- 
2.31.1
From 9c093c4f092dd6bd1e0c8d2b852a72b74db076c2 Mon Sep 17 00:00:00 2001
From: Michal Domonkos <mdomonko@redhat.com>
Date: Tue, 15 Jun 2021 13:34:21 +0200
Subject: [PATCH 5/7] Fix memory leak in decodePkts()
Found by Coverity.
---
 rpmio/rpmpgp.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c
index c59185dce..ee5c81e24 100644
--- a/rpmio/rpmpgp.c
+++ b/rpmio/rpmpgp.c
@@ -1371,9 +1371,13 @@ static pgpArmor decodePkts(uint8_t *b, uint8_t **pkt, size_t *pktlen)
 	    crc = pgpCRC(dec, declen);
 	    if (crcpkt != crc) {
 		ec = PGPARMOR_ERR_CRC_CHECK;
+		_free(dec);
 		goto exit;
 	    }
-	    if (pkt) *pkt = dec;
+	    if (pkt)
+		*pkt = dec;
+	    else
+		_free(dec);
 	    if (pktlen) *pktlen = declen;
 	    ec = PGPARMOR_PUBKEY;	/* XXX ASCII Pubkeys only, please. */
 	    goto exit;
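Review bot: Both new `_free(dec);` calls leave `dec` dangling while control continues to the `exit` label, which is outside this hunk; if the cleanup there ever touches `dec`, this becomes a double free while parsing armored input that is not trusted. The assignment form used elsewhere in this series (`q = _free(q);` in build/files.c) avoids that: use `dec = _free(dec);` in the CRC-mismatch branch and in the new `else`. Also, with `pkt == NULL` and `pktlen != NULL` the function still reports a length for a buffer it has just released, which deserves a one-line comment at the `else`.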
-- 
2.31.1
From 590b2fc06252567eb7d57197dc361a8b459d62a3 Mon Sep 17 00:00:00 2001
From: Michal Domonkos <mdomonko@redhat.com>
Date: Mon, 21 Jun 2021 17:51:14 +0200
Subject: [PATCH 6/7] Fix memory leak with multiple %lang-s in one line
We permit two equivalent forms of specifying a list of languages per
file:
  %lang(xx,yy,zz) /path/to/file
  %lang(xx) %lang(yy) %lang(zz) /path/to/file
The leak was when parsing the second form.
Found by Coverity.
---
 build/files.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/build/files.c b/build/files.c
index f8153ad2b..0c8859f6c 100644
--- a/build/files.c
+++ b/build/files.c
@@ -777,6 +777,8 @@ static rpmRC parseForLang(char * buf, FileEntry cur)
 
 	if (*pe == ',') pe++;	/* skip , if present */
     }
+
+    q = _free(q);
   }
 
     rc = RPMRC_OK;
-- 
2.31.1
From b7a1e996326ee29a163d67ceb1e6127fdc251c14 Mon Sep 17 00:00:00 2001
From: Michal Domonkos <mdomonko@redhat.com>
Date: Fri, 25 Jun 2021 15:15:08 +0200
Subject: [PATCH 7/7] Fix memory leaks in Lua rex extension
This covers the following usage:
expr = rex.newPOSIX(<regex>)
expr:match(<string>)           # A leak occurred here
expr:gmatch(<string>, <func>)  # A leak occurred here
Found by Coverity.
---
 luaext/lrexlib.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/luaext/lrexlib.c b/luaext/lrexlib.c
index 09c5a6454..0f29b6371 100644
--- a/luaext/lrexlib.c
+++ b/luaext/lrexlib.c
@@ -80,6 +80,7 @@ static void rex_push_matches(lua_State *L, const char *text, regmatch_t *match,
 
 static int rex_match(lua_State *L)
 {
+  int rc = 0;
   int res;
 #ifdef REG_BASIC
   size_t len;
@@ -109,9 +110,10 @@ static int rex_match(lua_State *L)
     lua_pushstring(L, "n");
     lua_pushnumber(L, ncapt);
     lua_rawset(L, -3);
-    return 3;
-  } else
-    return 0;
+    rc = 3;
+  }
+  free(match);
+  return rc;
 }
 
 static int rex_gmatch(lua_State *L)
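Review bot: The `free(match);` added at the end of `rex_match` only runs on a normal return; Lua API calls between the allocation and this line (`lua_pushstring` is visible in the hunk, the rest of the body is outside it) can raise an error and unwind past it, so the leak remains on that path. The same applies to the `free(match);` added in `rex_gmatch` in the next hunk, where the commit message indicates a caller-supplied function is invoked per match and may itself fail. Since pattern and subject come from scripts, consider letting Lua own the buffer, for example by allocating it with `lua_newuserdata()` so the garbage collector reclaims it, instead of a heap allocation paired with a trailing free.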
@@ -158,6 +160,7 @@ static int rex_gmatch(lua_State *L)
       break;
   }
   lua_pushnumber(L, nmatch);
+  free(match);
   return 1;
 }
 
-- 
2.31.1