From 7f06d64a08c60e7c0b0d165997cafcd8f8aa1cfc Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Oct 06 2021 10:19:19 +0000 Subject: import open-vm-tools-11.2.5-2.el8 --- diff --git a/.gitignore b/.gitignore index 3eb7abc..ee3e12c 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/open-vm-tools-11.2.0-16938113.tar.gz +SOURCES/open-vm-tools-11.2.5-17337674.tar.gz diff --git a/.open-vm-tools.metadata b/.open-vm-tools.metadata index 57dc8c3..2e072f0 100644 --- a/.open-vm-tools.metadata +++ b/.open-vm-tools.metadata @@ -1 +1 @@ -bc13fc234d845604a9d84ab09fd41054a0ee9578 SOURCES/open-vm-tools-11.2.0-16938113.tar.gz +bf29ee42227601fe0c0380822fa4cd2cc0f46c55 SOURCES/open-vm-tools-11.2.5-17337674.tar.gz diff --git a/SOURCES/ovt-Fix-a-memory-leak-reported-by-a-partner-from-their-C.patch b/SOURCES/ovt-Fix-a-memory-leak-reported-by-a-partner-from-their-C.patch new file mode 100644 index 0000000..3bb62ea --- /dev/null +++ b/SOURCES/ovt-Fix-a-memory-leak-reported-by-a-partner-from-their-C.patch @@ -0,0 +1,72 @@ +From 46b67e93a5458ef50eebfeb6a16e1df417274003 Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Sun, 25 Apr 2021 14:54:39 -0400 +Subject: [PATCH] Fix a memory leak reported by a partner from their Coverity + scans. +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +RH-Author: Cathy Avery (cavery) +RH-MergeRequest: 3: Fix a memory leak reported by a partner from their Coverity scans. +RH-Commit: [1/1] 31c94232c885c6d902cae33720a063ab0de401ce +RH-Bugzilla: 1935807 +RH-Acked-by: Mohammed Gamal +RH-Acked-by: Philippe Mathieu-Daudé + +commit 4f7441d8cd20923e509ff819084693bbd8c928df +Author: John Wolfe +Date: Thu Mar 25 20:21:17 2021 -0700 + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1935807 +Brew: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=36406926 +Tested: Tested by QE +Upstream Status: origin/devel +Conflicts: None + + Fix a memory leak reported by a partner from their Coverity scans. + +Signed-off-by: Cathy Avery +--- + open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c | 8 +++----- + 1 file changed, 3 insertions(+), 5 deletions(-) + +diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +index fbadee2c..aaa5082a 100644 +--- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c ++++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +@@ -1,5 +1,5 @@ + /********************************************************* +- * Copyright (C) 2016-2020 VMware, Inc. All rights reserved. ++ * Copyright (C) 2016-2021 VMware, Inc. All rights reserved. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published +@@ -872,7 +872,6 @@ VerifySubject(xmlDocPtr doc, + xmlNodePtr nameIDNode; + xmlNodePtr child; + gchar *subjectVal = NULL; +- gboolean retCode = FALSE; + gboolean validSubjectFound = FALSE; + xmlChar *tmp; + +@@ -956,14 +955,13 @@ VerifySubject(xmlDocPtr doc, + } + } + ++done: + if (validSubjectFound && (NULL != subjectRet)) { + *subjectRet = subjectVal; + } else { + g_free(subjectVal); + } +- retCode = validSubjectFound; +-done: +- return retCode; ++ return validSubjectFound; + } + + +-- +2.27.0 + diff --git a/SOURCES/ovt-Fix-memory-leaks.patch b/SOURCES/ovt-Fix-memory-leaks.patch deleted file mode 100644 index db83e4a..0000000 --- a/SOURCES/ovt-Fix-memory-leaks.patch +++ /dev/null @@ -1,249 +0,0 @@ -From 95800c144d2ab2af95cdc8f08df0518c496a579a Mon Sep 17 00:00:00 2001 -From: Cathy Avery -Date: Thu, 12 Nov 2020 09:01:08 -0500 -Subject: [PATCH] Fix memory leaks. - -RH-Author: Cathy Avery (cavery) -RH-MergeRequest: 2: Fix memory leaks. -RH-Commit: [1/1] 79ac85f5e8c31cc48b7b0834682c6320afcc2288 (cavery/open-vm-tools) -RH-Bugzilla: 1896804 - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1896804 -Brew: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=33050983 -Tested: By QE -Upstream Status: devel branch - -A Coverity scan of open-vm-tools reported a number of memory leaks -on error code paths. Fix seven reported leaks, and modify code -to address two false positives in order to make the code clearer -and/or keep Coverity from reporting the issues. Also fix additional -leaks found in the routine Proto_TextContents during code review. - -(cherry picked from commit e18e67f727d0354b08a55b685178fd05f542c6da) -Signed-off-by: Cathy Avery ---- - open-vm-tools/libvmtools/vmtoolsLog.c | 6 ++--- - .../plugins/guestInfo/guestInfoServer.c | 2 +- - open-vm-tools/services/vmtoolsd/pluginMgr.c | 1 + - open-vm-tools/vgauth/lib/proto.c | 23 +++++++++++++++---- - open-vm-tools/vgauth/serviceImpl/alias.c | 4 ++++ - 5 files changed, 28 insertions(+), 8 deletions(-) - -diff --git a/open-vm-tools/libvmtools/vmtoolsLog.c b/open-vm-tools/libvmtools/vmtoolsLog.c -index a991b49f..bea5abd4 100644 ---- a/open-vm-tools/libvmtools/vmtoolsLog.c -+++ b/open-vm-tools/libvmtools/vmtoolsLog.c -@@ -2395,7 +2395,6 @@ VMTools_ChangeLogFilePath(const gchar *delimiter, // IN - { - gchar key[128]; - gchar *path = NULL; -- gchar *userLogTemp = NULL; - gchar **tokens; - gboolean retVal = FALSE; - -@@ -2412,8 +2411,9 @@ VMTools_ChangeLogFilePath(const gchar *delimiter, // IN - - tokens = g_strsplit(path, delimiter, 2); - if (tokens != NULL && *tokens != NULL){ -- userLogTemp = g_strjoin(appendString, *tokens, " ", NULL); -- userLogTemp = g_strchomp (userLogTemp); -+ char *userLogTemp = g_strjoin(appendString, *tokens, " ", NULL); -+ -+ g_strchomp(userLogTemp); - if (*(tokens+1) != NULL){ - gchar *userLog; - userLog = g_strjoin(delimiter, userLogTemp, *(tokens+1), NULL); -diff --git a/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c b/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c -index c1ab6962..ab6725fe 100644 ---- a/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c -+++ b/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c -@@ -1298,12 +1298,12 @@ GuestInfoSendDiskInfoV1(ToolsAppCtx *ctx, // IN - b64name, - pdi->partitionList[i].freeBytes, - pdi->partitionList[i].totalBytes); -+ g_free(b64name); - if (len <= 0) { - goto exit; - } - - DynBuf_Append(&dynBuffer, tmpBuf, len); -- g_free(b64name); - - if (pdi->partitionList[i].fsType[0] != '\0') { - len = Str_Snprintf(tmpBuf, sizeof tmpBuf, jsonPerDiskFsTypeFmt, -diff --git a/open-vm-tools/services/vmtoolsd/pluginMgr.c b/open-vm-tools/services/vmtoolsd/pluginMgr.c -index 53b91f7a..d5f2c0ef 100644 ---- a/open-vm-tools/services/vmtoolsd/pluginMgr.c -+++ b/open-vm-tools/services/vmtoolsd/pluginMgr.c -@@ -512,6 +512,7 @@ ToolsCoreLoadDirectory(ToolsAppCtx *ctx, - dir = g_dir_open(pluginPath, 0, &err); - if (dir == NULL) { - g_warning("Error opening dir: %s\n", err->message); -+ g_clear_error(&err); - goto exit; - } - -diff --git a/open-vm-tools/vgauth/lib/proto.c b/open-vm-tools/vgauth/lib/proto.c -index 12386918..01df9df7 100644 ---- a/open-vm-tools/vgauth/lib/proto.c -+++ b/open-vm-tools/vgauth/lib/proto.c -@@ -830,8 +830,10 @@ Proto_TextContents(GMarkupParseContext *parseContext, - g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT, - "Found pipeName in reply type %d", - reply->expectedReplyType); -+ g_free(val); -+ } else { -+ reply->replyData.sessionReq.pipeName = val; - } -- reply->replyData.sessionReq.pipeName = val; - break; - - case PARSE_STATE_TICKET: -@@ -839,8 +841,10 @@ Proto_TextContents(GMarkupParseContext *parseContext, - g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT, - "Found ticket in reply type %d", - reply->expectedReplyType); -+ g_free(val); -+ } else { -+ reply->replyData.createTicket.ticket = val; - } -- reply->replyData.createTicket.ticket = val; - break; - - case PARSE_STATE_TOKEN: -@@ -853,6 +857,7 @@ Proto_TextContents(GMarkupParseContext *parseContext, - g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT, - "Found token in reply type %d", - reply->expectedReplyType); -+ g_free(val); - } - break; - -@@ -863,6 +868,7 @@ Proto_TextContents(GMarkupParseContext *parseContext, - g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT, - "Found token in reply type %d", - reply->expectedReplyType); -+ g_free(val); - } - break; - -@@ -878,6 +884,7 @@ Proto_TextContents(GMarkupParseContext *parseContext, - g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT, - "Found username in reply type %d", - reply->expectedReplyType); -+ g_free(val); - } - break; - -@@ -890,6 +897,7 @@ Proto_TextContents(GMarkupParseContext *parseContext, - g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT, - "Found pemCert in reply type %d", - reply->expectedReplyType); -+ g_free(val); - } - break; - case PARSE_STATE_CERTCOMMENT: -@@ -899,6 +907,7 @@ Proto_TextContents(GMarkupParseContext *parseContext, - g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT, - "Found cert comment in reply type %d", - reply->expectedReplyType); -+ g_free(val); - } - break; - -@@ -923,6 +932,7 @@ Proto_TextContents(GMarkupParseContext *parseContext, - g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT, - "Found SAMLSubject in reply type %d", - reply->expectedReplyType); -+ g_free(val); - } - break; - case PARSE_STATE_USERHANDLETYPE: -@@ -968,6 +978,7 @@ Proto_TextContents(GMarkupParseContext *parseContext, - g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT, - "Found NamedSubject in reply type %d", - reply->expectedReplyType); -+ g_free(val); - } - break; - case PARSE_STATE_ANYSUBJECT: -@@ -990,6 +1001,7 @@ Proto_TextContents(GMarkupParseContext *parseContext, - "Found AnySubject in reply type %d", - reply->expectedReplyType); - } -+ g_free(val); - break; - case PARSE_STATE_COMMENT: - if (PROTO_REPLY_QUERYALIASES == reply->expectedReplyType) { -@@ -1005,11 +1017,13 @@ Proto_TextContents(GMarkupParseContext *parseContext, - g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT, - "Found comment in reply type %d", - reply->expectedReplyType); -+ g_free(val); - } - break; - default: - g_warning("Unexpected value '%s' in unhandled parseState %d in %s\n", - val, reply->parseState, __FUNCTION__); -+ g_free(val); - ASSERT(0); - } - } -@@ -1200,7 +1214,6 @@ VGAuth_ReadAndParseResponse(VGAuthContext *ctx, - VGAuthError err = VGAUTH_E_OK; - GMarkupParseContext *parseContext; - gsize len; -- gchar *rawReply = NULL; - ProtoReply *reply; - gboolean bRet; - GError *gErr = NULL; -@@ -1217,6 +1230,8 @@ VGAuth_ReadAndParseResponse(VGAuthContext *ctx, - * transport. - */ - while (!reply->complete) { -+ gchar *rawReply = NULL; -+ - err = VGAuth_CommReadData(ctx, &len, &rawReply); - if (0 == len) { // EOF -- not expected - err = VGAUTH_E_COMM; -@@ -1237,6 +1252,7 @@ VGAuth_ReadAndParseResponse(VGAuthContext *ctx, - rawReply, - len, - &gErr); -+ g_free(rawReply); - if (!bRet) { - /* - * XXX Could drain the wire here, but since this should -@@ -1252,7 +1268,6 @@ VGAuth_ReadAndParseResponse(VGAuthContext *ctx, - * XXX need some way to break out if packet never completed - * yet socket left valid. timer? - */ -- g_free(rawReply); - } - - #if VGAUTH_PROTO_TRACE -diff --git a/open-vm-tools/vgauth/serviceImpl/alias.c b/open-vm-tools/vgauth/serviceImpl/alias.c -index f6cde02c..0a43811e 100644 ---- a/open-vm-tools/vgauth/serviceImpl/alias.c -+++ b/open-vm-tools/vgauth/serviceImpl/alias.c -@@ -3158,6 +3158,9 @@ ServiceIDVerifyStoreContents(void) - * a blacklist of bad files and keep going. but that's - * a lot of risky work that's very hard to test, so punt for now. - */ -+ g_free(badFileName); -+ g_free(fullFileName); -+ g_dir_close(dir); - return VGAUTH_E_FAIL; - } else { - Audit_Event(TRUE, -@@ -3408,6 +3411,7 @@ ServiceAliasInitAliasStore(void) - "Failed to rename suspect Alias store directory '%s' to '%s'"), - aliasStoreRootDir, badRootDirName); - // XXX making this fatal for now. can we do anything better? -+ g_free(badRootDirName); - return VGAUTH_E_FAIL; - } - g_free(badRootDirName); --- -2.18.4 - diff --git a/SPECS/open-vm-tools.spec b/SPECS/open-vm-tools.spec index 1f894b2..404629a 100644 --- a/SPECS/open-vm-tools.spec +++ b/SPECS/open-vm-tools.spec @@ -1,5 +1,5 @@ ################################################################################ -### Copyright 2013-2020 VMware, Inc. All rights reserved. +### Copyright 2013-2021 VMware, Inc. All rights reserved. ### ### RPM SPEC file for building open-vm-tools packages. ### @@ -20,8 +20,8 @@ %global _hardened_build 1 %global majorversion 11.2 -%global minorversion 0 -%global toolsbuild 16938113 +%global minorversion 5 +%global toolsbuild 17337674 %global toolsversion %{majorversion}.%{minorversion} %global toolsdaemon vmtoolsd @@ -41,11 +41,13 @@ Source3: run-vmblock\x2dfuse.mount Source4: open-vm-tools.conf Source5: vmtoolsd.pam +# For bz#1935807 - [ESXi][RHEL-8.5][open-vm-tools] Coverity detected an important defect in open-vm-tools-11.2.5 rebase +Patch1: ovt-Fix-a-memory-leak-reported-by-a-partner-from-their-C.patch + ExclusiveArch: x86_64 -# For bz#1896804 - [ESXi][open-vm-tools] Coverity detected important defects in open-vm-tools-11.2.0 rebase -Patch1: ovt-Fix-memory-leaks.patch +BuildRequires: make BuildRequires: autoconf BuildRequires: automake BuildRequires: libtool @@ -57,7 +59,6 @@ BuildRequires: glib2-devel >= 2.14.0 BuildRequires: gdk-pixbuf2-xlib-devel BuildRequires: gtk3-devel >= 3.10.0 BuildRequires: gtkmm30-devel >= 3.10.0 -BuildRequires: libdnet-devel BuildRequires: libicu-devel BuildRequires: libmspack-devel # Unfortunately, xmlsec1-openssl does not add libtool-ltdl @@ -365,6 +366,16 @@ fi %{_bindir}/vmware-vgauth-smoketest %changelog +* Thu Apr 29 2021 Miroslav Rezanina - 11.2.5-2.el8 +- ovt-Fix-a-memory-leak-reported-by-a-partner-from-their-C.patch [bz#1935807] +- Resolves: bz#1935807 + ([ESXi][RHEL-8.5][open-vm-tools] Coverity detected an important defect in open-vm-tools-11.2.5 rebase) + +* Tue Mar 02 2021 Miroslav Rezanina - 11.2.5-1.el8 +- Rebase to 11.2.5 [bz#1916561] +- Resolves: bz#1916561 + ([ESXi][RHEL8.5]Open-vm-tools update release 11.2.5 has been released) + * Tue Dec 01 2020 Miroslav Rezanina - 11.2.0-2.el8 - ovt-Fix-memory-leaks.patch [bz#1896804] - Resolves: bz#1896804