diff --git a/.gitignore b/.gitignore
index 8a2e58d..c32c619 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/open-vm-tools-10.3.0-8931395.tar.gz
+SOURCES/open-vm-tools-10.3.10-12406962.tar.gz
diff --git a/.open-vm-tools.metadata b/.open-vm-tools.metadata
index 8e6b47c..55389fd 100644
--- a/.open-vm-tools.metadata
+++ b/.open-vm-tools.metadata
@@ -1 +1 @@
-236d8159882ab2663043232a59f84eba144d0345 SOURCES/open-vm-tools-10.3.0-8931395.tar.gz
+4f5fcf3f098aaddd3da24caa772575505e286ed7 SOURCES/open-vm-tools-10.3.10-12406962.tar.gz
diff --git a/SOURCES/0002-Update-cloud-init-handling.patch b/SOURCES/0002-Update-cloud-init-handling.patch
deleted file mode 100644
index 52b8fdb..0000000
--- a/SOURCES/0002-Update-cloud-init-handling.patch
+++ /dev/null
@@ -1,198 +0,0 @@
-From 83724a3f0c7ae5bc6586d5fd52a5b432fdd70fab Mon Sep 17 00:00:00 2001
-From: Miroslav Rezanina <mrezanin@redhat.com>
-Date: Tue, 16 Oct 2018 07:20:56 +0200
-Subject: Update cloud-init handling
-
-This update of cloud-init changes for 10.3.0.
----
- open-vm-tools/libDeployPkg/linuxDeployment.c | 57 ++++++++++++++--------
- .../libDeployPkg/linuxDeploymentUtilities.c | 3 +-
- 2 files changed, 38 insertions(+), 22 deletions(-)
-
-diff --git a/libDeployPkg/linuxDeployment.c b/libDeployPkg/linuxDeployment.c
-index 996f184..34c8b95 100644
---- a/libDeployPkg/linuxDeployment.c
-+++ b/libDeployPkg/linuxDeployment.c
-@@ -139,7 +139,7 @@ static bool CopyFileToDirectory(const char* srcPath, const char* destPath,
- const char* fileName);
- static DeployPkgStatus Deploy(const char* pkgName);
- static char** GetFormattedCommandLine(const char* command);
--int ForkExecAndWaitCommand(const char* command);
-+int ForkExecAndWaitCommand(const char* command, bool ignoreStdErr);
- static void SetDeployError(const char* format, ...);
- static const char* GetDeployError(void);
- static void NoLogging(int level, const char* fmtstr, ...);
-@@ -920,7 +920,7 @@ CloudInitSetup(const char *tmpDirPath)
- "/bin/mkdir -p %s", cloudInitTmpDirPath);
- command[sizeof(command) - 1] = '\0';
-
-- forkExecResult = ForkExecAndWaitCommand(command);
-+ forkExecResult = ForkExecAndWaitCommand(command, false);
- if (forkExecResult != 0) {
- SetDeployError("Error creating %s dir: %s",
- cloudInitTmpDirPath,
-@@ -937,7 +937,7 @@ CloudInitSetup(const char *tmpDirPath)
- "/usr/bin/test -f %s/nics.txt", tmpDirPath);
- command[sizeof(command) - 1] = '\0';
-
-- forkExecResult = ForkExecAndWaitCommand(command);
-+ forkExecResult = ForkExecAndWaitCommand(command, false);
-
- /*
- * /usr/bin/test -f returns 0 if the file exists
-@@ -946,7 +946,7 @@ CloudInitSetup(const char *tmpDirPath)
- */
- if (forkExecResult == 0) {
- sLog(log_info, "nics.txt file exists. Copying..");
-- if(!CopyFileToDirectory(tmpDirPath, cloudInitTmpDirPath, "nics.txt")) {
-+ if (!CopyFileToDirectory(tmpDirPath, cloudInitTmpDirPath, "nics.txt")) {
- goto done;
- }
- }
-@@ -973,7 +973,7 @@ CloudInitSetup(const char *tmpDirPath)
- }
-
- sLog(log_info, "Copying main configuration file cust.cfg");
-- if(!CopyFileToDirectory(tmpDirPath, cloudInitTmpDirPath, "cust.cfg")) {
-+ if (!CopyFileToDirectory(tmpDirPath, cloudInitTmpDirPath, "cust.cfg")) {
- goto done;
- }
-
-@@ -992,7 +992,7 @@ done:
- "/bin/rm -rf %s",
- cloudInitTmpDirPath);
- command[sizeof(command) - 1] = '\0';
-- ForkExecAndWaitCommand(command);
-+ ForkExecAndWaitCommand(command, false);
- }
- sLog(log_error, "Setting generic error status in vmx. \n");
- SetCustomizationStatusInVmx(TOOLSDEPLOYPKG_RUNNING,
-@@ -1016,7 +1016,7 @@ CopyFileToDirectory(const char* srcPath, const char* destPath,
- snprintf(command, sizeof(command), "/bin/cp %s/%s %s/%s.tmp", srcPath,
- fileName, destPath, fileName);
- command[sizeof(command) - 1] = '\0';
-- forkExecResult = ForkExecAndWaitCommand(command);
-+ forkExecResult = ForkExecAndWaitCommand(command, false);
- if (forkExecResult != 0) {
- SetDeployError("Error while copying file %s: %s", fileName,
- strerror(errno));
-@@ -1026,7 +1026,7 @@ CopyFileToDirectory(const char* srcPath, const char* destPath,
- fileName, destPath, fileName);
- command[sizeof(command) - 1] = '\0';
-
-- forkExecResult = ForkExecAndWaitCommand(command);
-+ forkExecResult = ForkExecAndWaitCommand(command, false);
- if (forkExecResult != 0) {
- SetDeployError("Error while renaming temp file %s: %s", fileName,
- strerror(errno));
-@@ -1090,7 +1090,7 @@ UseCloudInitWorkflow(const char* dirPath)
- sLog(log_info, "cust.cfg is found in '%s' directory.", dirPath);
- }
-
-- forkExecResult = ForkExecAndWaitCommand(cloudInitCommand);
-+ forkExecResult = ForkExecAndWaitCommand(cloudInitCommand, true);
- if (forkExecResult != 0) {
- sLog(log_info, "cloud-init is not installed");
- free(cfgFullPath);
-@@ -1194,7 +1194,7 @@ Deploy(const char* packageName)
- deployPkgStatus = CloudInitSetup(tmpDirPath);
- } else {
- sLog(log_info, "Executing traditional GOSC workflow");
-- deploymentResult = ForkExecAndWaitCommand(command);
-+ deploymentResult = ForkExecAndWaitCommand(command, false);
- free(command);
-
- if (deploymentResult != CUST_SUCCESS) {
-@@ -1260,7 +1260,7 @@ Deploy(const char* packageName)
- strcat(cleanupCommand, tmpDirPath);
-
- sLog(log_info, "Launching cleanup. \n");
-- if (ForkExecAndWaitCommand(cleanupCommand) != 0) {
-+ if (ForkExecAndWaitCommand(cleanupCommand, false) != 0) {
- sLog(log_warning, "Error while clean up tmp directory %s: (%s)",
- tmpDirPath, strerror (errno));
- }
-@@ -1289,7 +1289,7 @@ Deploy(const char* packageName)
- int rebootComandResult = 0;
- do {
- sLog(log_info, "Rebooting\n");
-- rebootComandResult = ForkExecAndWaitCommand("/sbin/telinit 6");
-+ rebootComandResult = ForkExecAndWaitCommand("/sbin/telinit 6", false);
- sleep(1);
- } while (rebootComandResult == 0);
- sLog(log_error, "telinit returned error %d\n", rebootComandResult);
-@@ -1499,12 +1499,13 @@ GetFormattedCommandLine(const char* command)
- * Fork off the command and wait for it to finish. Classical Linux/Unix
- * fork-and-exec.
- *
-- * @param [IN] command Command to execute
-+ * @param [IN] command Command to execute
-+ * @param [IN] ignoreStdErr If we ignore stderr when cmd's return code is 0
- * @return Return code from the process (or -1)
- *
- **/
- int
--ForkExecAndWaitCommand(const char* command)
-+ForkExecAndWaitCommand(const char* command, bool ignoreStdErr)
- {
- ProcessHandle hp;
- int retval;
-@@ -1522,14 +1523,30 @@ ForkExecAndWaitCommand(const char* command)
-
- Process_RunToComplete(hp, 100);
- sLog(log_info, "Customization command output: %s\n", Process_GetStdout(hp));
--
-- if(Process_GetExitCode(hp) == 0 && strlen(Process_GetStderr(hp)) > 0) {
-- // Assume command failed if it wrote to stderr, even if exitCode is 0
-- sLog(log_error, "Customization command failed: %s\n", Process_GetStderr(hp));
-- retval = -1;
-+ retval = Process_GetExitCode(hp);
-+
-+ if (retval == 0) {
-+ if (strlen(Process_GetStderr(hp)) > 0) {
-+ if (!ignoreStdErr) {
-+ // Assume command failed if it wrote to stderr, even if exitCode is 0
-+ sLog(log_error,
-+ "Customization command failed with stderr: %s\n",
-+ Process_GetStderr(hp));
-+ retval = -1;
-+ } else {
-+ // If we choose to ignore stderr, we do not return -1 when return
-+ // code is 0. e.g, PR2148977, "cloud-init -v" will return 0
-+ // even there is output in stderr
-+ sLog(log_info, "Ignoring stderr output: %s\n", Process_GetStderr(hp));
-+ }
-+ }
- } else {
-- retval = Process_GetExitCode(hp);
-+ sLog(log_error,
-+ "Customization command failed with exitcode: %d, stderr: %s\n",
-+ retval,
-+ Process_GetStderr(hp));
- }
-+
- Process_Destroy(hp);
- return retval;
- }
-diff --git a/libDeployPkg/linuxDeploymentUtilities.c b/libDeployPkg/linuxDeploymentUtilities.c
-index 83f942d..93e1b0a 100644
---- a/libDeployPkg/linuxDeploymentUtilities.c
-+++ b/libDeployPkg/linuxDeploymentUtilities.c
-@@ -1,5 +1,5 @@
- /*********************************************************
-- * Copyright (C) 2016-2017 VMware, Inc. All rights reserved.
-+ * Copyright (C) 2016-2018 VMware, Inc. All rights reserved.
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as published
-@@ -24,7 +24,6 @@
- #include <regex.h>
- #include "linuxDeploymentUtilities.h"
-
--extern int ForkExecAndWaitCommand(const char* command);
- extern LogFunction sLog;
-
- /**
---
-1.8.3.1
-
diff --git a/SOURCES/0003-hgfsPlugin-crash-fix.patch b/SOURCES/0003-hgfsPlugin-crash-fix.patch
deleted file mode 100644
index 3fde817..0000000
--- a/SOURCES/0003-hgfsPlugin-crash-fix.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From 549817041fd5f6d8625431ccca94e41ebac86b55 Mon Sep 17 00:00:00 2001
-From: Miroslav Rezanina <mrezanin@redhat.com>
-Date: Tue, 16 Oct 2018 07:22:40 +0200
-Subject: hgfsPlugin crash fix
-
----
- open-vm-tools/services/plugins/hgfsServer/hgfsPlugin.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/services/plugins/hgfsServer/hgfsPlugin.c b/services/plugins/hgfsServer/hgfsPlugin.c
-index c5ef872..129fa75 100644
---- a/services/plugins/hgfsServer/hgfsPlugin.c
-+++ b/services/plugins/hgfsServer/hgfsPlugin.c
-@@ -1090,6 +1090,13 @@ ToolsOnLoad(ToolsAppCtx *ctx)
- }
-
- /*
-+ * If not running in a VMware VM, return NULL to disable the plugin.
-+ */
-+ if (!ctx->isVMware) {
-+ return NULL;
-+ }
-+
-+ /*
- * Check for VM is running in a hosted environment and if so initialize
- * the Shared Folders HGFS client redirector.
- */
---
-1.8.3.1
-
diff --git a/SOURCES/ovt-End-VGAuth-impersonation-in-the-case-of-error.patch b/SOURCES/ovt-End-VGAuth-impersonation-in-the-case-of-error.patch
new file mode 100644
index 0000000..2675bb8
--- /dev/null
+++ b/SOURCES/ovt-End-VGAuth-impersonation-in-the-case-of-error.patch
@@ -0,0 +1,64 @@
+From 65f14ca791ac6636ad7d8a3d59941e52a5e3188c Mon Sep 17 00:00:00 2001
+From: Cathy Avery <cavery@redhat.com>
+Date: Thu, 25 Jul 2019 12:32:24 +0200
+Subject: [PATCH 01/16] End VGAuth impersonation in the case of error.
+
+RH-Author: Cathy Avery <cavery@redhat.com>
+Message-id: <20190725123239.18274-2-cavery@redhat.com>
+Patchwork-id: 89711
+O-Subject: [RHEL8.1 open-vm-tools PATCH 01/16] End VGAuth impersonation in the case of error.
+Bugzilla: 1602648
+RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
+
+commit 1535eb36e8293d753c29f1eaf6cd6d2165efb1ca
+Author: Oliver Kurth <okurth@vmware.com>
+Date: Tue Sep 4 15:40:58 2018 -0700
+
+ End VGAuth impersonation in the case of error.
+
+ * In GuestAuthPasswordAuthenticateImpersonate():
+ When VGAuth_UserHandleAccessToken fails, unimpersonation is not
+ being done. This can cause issues. Fixed it.
+
+ * In GuestAuthSAMLAuthenticateAndImpersonate(), fixed the following issues:
+ The 'newHandle' is not being freed which causes a memory leak.
+ When VGAuth_UserHandleAccessToken fails, unimpersonation is not
+ being done.
+
+Signed-off-by: Cathy Avery <cavery@redhat.com>
+
+Partial port: Only the parts of the patch that addesses the coverity defects were backported.
+
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ open-vm-tools/services/plugins/vix/vixTools.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/services/plugins/vix/vixTools.c b/services/plugins/vix/vixTools.c
+index 55b1f0a..2355beb 100644
+--- a/services/plugins/vix/vixTools.c
++++ b/services/plugins/vix/vixTools.c
+@@ -11630,8 +11630,8 @@ GuestAuthSAMLAuthenticateAndImpersonate(
+ {
+ #if SUPPORT_VGAUTH
+ VixError err;
+- char *token;
+- char *username;
++ char *token = NULL;
++ char *username = NULL;
+ VGAuthContext *ctx = NULL;
+ VGAuthError vgErr;
+ VGAuthUserHandle *newHandle = NULL;
+@@ -11742,6 +11742,8 @@ impersonate:
+ err = VIX_OK;
+
+ done:
++ Util_ZeroFreeString(token);
++ Util_ZeroFreeString(username);
+
+ return err;
+ #else
+--
+1.8.3.1
+
diff --git a/SOURCES/ovt-Fix-Coverity-reported-double-memory-free-errors.patch b/SOURCES/ovt-Fix-Coverity-reported-double-memory-free-errors.patch
new file mode 100644
index 0000000..f672730
--- /dev/null
+++ b/SOURCES/ovt-Fix-Coverity-reported-double-memory-free-errors.patch
@@ -0,0 +1,225 @@
+From d477b6e21915d5099018f4fc4b60f257bb593d72 Mon Sep 17 00:00:00 2001
+From: Cathy Avery <cavery@redhat.com>
+Date: Thu, 25 Jul 2019 12:32:33 +0200
+Subject: [PATCH 10/16] Fix Coverity-reported double memory free errors.
+
+RH-Author: Cathy Avery <cavery@redhat.com>
+Message-id: <20190725123239.18274-11-cavery@redhat.com>
+Patchwork-id: 89725
+O-Subject: [RHEL8.1 open-vm-tools PATCH 10/16] Fix Coverity-reported double memory free errors.
+Bugzilla: 1602648
+RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
+
+commit 801df14f0e2b32aea17771bbd33d65140ff2361c
+Author: Oliver Kurth <okurth@vmware.com>
+Date: Wed May 8 15:27:19 2019 -0700
+
+ Fix Coverity-reported double memory free errors.
+
+ Similar double memory free errors were reported in each of two
+ functions, VixToolsListAuthAliases and VixToolsListMappedAliases.
+ The fixes for each function are similar: be consistent in using
+ tmpBuf2 (renamed tmpBuf) as the pointer to the overall buffer being
+ computed and tmpBuf (renamed nextBuf) as the "next" version of the
+ buffer. Specifically, in the computation of recordBuf following exit
+ from the for loop, use the variable formerly known as tmpBuf2 rather
+ than the one formerly known as tmpBuf.
+
+ The variables were renamed in an attempt to distinguish more clearly
+ between them and how they are used. Also, with these changes in
+ place, it's evident that there's no need to free nextBuf in the abort
+ case and as a result its scope can be limited.
+
+Signed-off-by: Cathy Avery <cavery@redhat.com>
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ open-vm-tools/services/plugins/vix/vixTools.c | 88 ++++++++++++++-------------
+ 1 file changed, 45 insertions(+), 43 deletions(-)
+
+diff --git a/services/plugins/vix/vixTools.c b/services/plugins/vix/vixTools.c
+index 2355beb..ef26742 100644
+--- a/services/plugins/vix/vixTools.c
++++ b/services/plugins/vix/vixTools.c
+@@ -9616,7 +9616,6 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN
+ char *destPtr;
+ char *endDestPtr;
+ char *tmpBuf = NULL;
+- char *tmpBuf2 = NULL;
+ char *recordBuf;
+ size_t recordSize;
+ char *escapedStr = NULL;
+@@ -9681,15 +9680,17 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN
+ err = VIX_E_OUT_OF_MEMORY;
+ goto abort;
+ }
+- tmpBuf2 = Str_Asprintf(NULL, "<record><pemCert>%s</pemCert>",
+- escapedStr);
++ tmpBuf = Str_Asprintf(NULL, "<record><pemCert>%s</pemCert>",
++ escapedStr);
+ free(escapedStr);
+ escapedStr = NULL;
+- if (tmpBuf2 == NULL) {
++ if (tmpBuf == NULL) {
+ err = VIX_E_OUT_OF_MEMORY;
+ goto abort;
+ }
+ for (j = 0; j < uaList[i].numInfos; j++) {
++ char *nextBuf;
++
+ if (uaList[i].infos[j].comment) {
+ escapedStr = VixToolsEscapeXMLString(uaList[i].infos[j].comment);
+ if (escapedStr == NULL) {
+@@ -9704,25 +9705,26 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN
+ goto abort;
+ }
+ }
+- tmpBuf = Str_Asprintf(NULL,
+- "%s"
+- "<alias>"
+- "<type>%d</type>"
+- "<name>%s</name>"
+- "<comment>%s</comment>"
+- "</alias>",
+- tmpBuf2,
+- (uaList[i].infos[j].subject.type == VGAUTH_SUBJECT_NAMED)
+- ? VIX_GUEST_AUTH_SUBJECT_TYPE_NAMED :
+- VIX_GUEST_AUTH_SUBJECT_TYPE_ANY,
+- escapedStr2 ? escapedStr2 : "",
+- escapedStr ? escapedStr : "");
+- if (tmpBuf == NULL) {
++ nextBuf = Str_Asprintf(NULL,
++ "%s"
++ "<alias>"
++ "<type>%d</type>"
++ "<name>%s</name>"
++ "<comment>%s</comment>"
++ "</alias>",
++ tmpBuf,
++ (uaList[i].infos[j].subject.type ==
++ VGAUTH_SUBJECT_NAMED) ?
++ VIX_GUEST_AUTH_SUBJECT_TYPE_NAMED :
++ VIX_GUEST_AUTH_SUBJECT_TYPE_ANY,
++ escapedStr2 ? escapedStr2 : "",
++ escapedStr ? escapedStr : "");
++ if (nextBuf == NULL) {
+ err = VIX_E_OUT_OF_MEMORY;
+ goto abort;
+ }
+- free(tmpBuf2);
+- tmpBuf2 = tmpBuf;
++ free(tmpBuf);
++ tmpBuf = nextBuf;
+ free(escapedStr);
+ escapedStr = NULL;
+ free(escapedStr2);
+@@ -9732,7 +9734,7 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN
+ "%s</record>",
+ tmpBuf);
+ free(tmpBuf);
+- tmpBuf = tmpBuf2 = NULL;
++ tmpBuf = NULL;
+ if (recordBuf == NULL) {
+ err = VIX_E_OUT_OF_MEMORY;
+ goto abort;
+@@ -9752,7 +9754,6 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN
+
+ abort:
+ free(tmpBuf);
+- free(tmpBuf2);
+ free(escapedStr);
+ free(escapedStr2);
+ VGAuth_FreeUserAliasList(num, uaList);
+@@ -9812,7 +9813,6 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN
+ char *destPtr;
+ char *endDestPtr;
+ char *tmpBuf = NULL;
+- char *tmpBuf2 = NULL;
+ char *recordBuf;
+ char *escapedStr = NULL;
+ char *escapedStr2 = NULL;
+@@ -9876,19 +9876,21 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN
+ err = VIX_E_OUT_OF_MEMORY;
+ goto abort;
+ }
+- tmpBuf2 = Str_Asprintf(NULL, "<record><pemCert>%s</pemCert>"
+- "<userName>%s</userName>",
+- escapedStr,
+- escapedStr2);
++ tmpBuf = Str_Asprintf(NULL, "<record><pemCert>%s</pemCert>"
++ "<userName>%s</userName>",
++ escapedStr,
++ escapedStr2);
+ g_free(escapedStr2);
+ g_free(escapedStr);
+ escapedStr = NULL;
+ escapedStr2 = NULL;
+- if (tmpBuf2 == NULL) {
++ if (tmpBuf == NULL) {
+ err = VIX_E_OUT_OF_MEMORY;
+ goto abort;
+ }
+ for (j = 0; j < maList[i].numSubjects; j++) {
++ char *nextBuf;
++
+ if (maList[i].subjects[j].type == VGAUTH_SUBJECT_NAMED) {
+ escapedStr = VixToolsEscapeXMLString(maList[i].subjects[j].val.name);
+ if (escapedStr == NULL) {
+@@ -9896,23 +9898,24 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN
+ goto abort;
+ }
+ }
+- tmpBuf = Str_Asprintf(NULL,
+- "%s"
+- "<alias>"
+- "<type>%d</type>"
+- "<name>%s</name>"
+- "</alias>",
+- tmpBuf2,
+- (maList[i].subjects[j].type == VGAUTH_SUBJECT_NAMED)
+- ? VIX_GUEST_AUTH_SUBJECT_TYPE_NAMED :
+- VIX_GUEST_AUTH_SUBJECT_TYPE_ANY,
++ nextBuf = Str_Asprintf(NULL,
++ "%s"
++ "<alias>"
++ "<type>%d</type>"
++ "<name>%s</name>"
++ "</alias>",
++ tmpBuf,
++ (maList[i].subjects[j].type ==
++ VGAUTH_SUBJECT_NAMED) ?
++ VIX_GUEST_AUTH_SUBJECT_TYPE_NAMED :
++ VIX_GUEST_AUTH_SUBJECT_TYPE_ANY,
+ escapedStr ? escapedStr : "");
+- if (tmpBuf == NULL) {
++ if (nextBuf == NULL) {
+ err = VIX_E_OUT_OF_MEMORY;
+ goto abort;
+ }
+- free(tmpBuf2);
+- tmpBuf2 = tmpBuf;
++ free(tmpBuf);
++ tmpBuf = nextBuf;
+ free(escapedStr);
+ escapedStr = NULL;
+ }
+@@ -9920,7 +9923,7 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN
+ "%s</record>",
+ tmpBuf);
+ free(tmpBuf);
+- tmpBuf = tmpBuf2 = NULL;
++ tmpBuf = NULL;
+ if (recordBuf == NULL) {
+ err = VIX_E_OUT_OF_MEMORY;
+ goto abort;
+@@ -9940,7 +9943,6 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN
+
+ abort:
+ free(tmpBuf);
+- free(tmpBuf2);
+ free(escapedStr);
+ free(escapedStr2);
+ VGAuth_FreeMappedAliasList(num, maList);
+--
+1.8.3.1
+
diff --git a/SOURCES/ovt-Fix-Coverity-reported-issues-in-i18n.c-code-VMTools-.patch b/SOURCES/ovt-Fix-Coverity-reported-issues-in-i18n.c-code-VMTools-.patch
new file mode 100644
index 0000000..b54af56
--- /dev/null
+++ b/SOURCES/ovt-Fix-Coverity-reported-issues-in-i18n.c-code-VMTools-.patch
@@ -0,0 +1,153 @@
+From bbfccc2561b125971d714baba5c4aa97e6fdd181 Mon Sep 17 00:00:00 2001
+From: Cathy Avery <cavery@redhat.com>
+Date: Thu, 25 Jul 2019 12:32:29 +0200
+Subject: [PATCH 06/16] Fix Coverity reported issues in i18n.c code - VMTools &
+ VGAuth
+
+RH-Author: Cathy Avery <cavery@redhat.com>
+Message-id: <20190725123239.18274-7-cavery@redhat.com>
+Patchwork-id: 89713
+O-Subject: [RHEL8.1 open-vm-tools PATCH 06/16] Fix Coverity reported issues in i18n.c code - VMTools & VGAuth
+Bugzilla: 1602648
+RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
+
+commit 642d7a61db13969f9fb654ad1cc0d879bf680612
+Author: Oliver Kurth <okurth@vmware.com>
+Date: Tue Apr 30 13:24:25 2019 -0700
+
+ Fix Coverity reported issues in i18n.c code - VMTools & VGAuth
+
+ bora-vmsoft/apps/vmtoolsbib/i18n.c: MsgLoadCatalog()
+ - Coverity reported memory leak when an error is encountered parsing a
+ line from a message catalog.
+ - Second memory leak on error missed.
+
+ bora-vmsoft/vgauth/common/i18n.c: MsgLoadCatalog()
+ - Coverity reported some dead code.
+ - Missed reporting memory leak when error is encountered parsing a
+ line from a message catalog.
+
+Signed-off-by: Cathy Avery <cavery@redhat.com>
+
+Conflicts: Minor copyright
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ open-vm-tools/libvmtools/i18n.c | 10 ++++++----
+ open-vm-tools/vgauth/common/i18n.c | 19 +++++++++----------
+ 2 files changed, 15 insertions(+), 14 deletions(-)
+
+diff --git a/libvmtools/i18n.c b/libvmtools/i18n.c
+index e4803ab..7dc0092 100644
+--- a/libvmtools/i18n.c
++++ b/libvmtools/i18n.c
+@@ -1,5 +1,5 @@
+ /*********************************************************
+- * Copyright (C) 2010-2016 VMware, Inc. All rights reserved.
++ * Copyright (C) 2010-2019 VMware, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published
+@@ -604,7 +604,7 @@ MsgLoadCatalog(const char *path)
+
+ /*
+ * If not a continuation line and we have a name, break out of the
+- * inner loop to update the dictionaty.
++ * inner loop to update the dictionary.
+ */
+ if (!cont && name != NULL) {
+ g_free(line);
+@@ -624,6 +624,8 @@ MsgLoadCatalog(const char *path)
+ }
+
+ if (error) {
++ free(name);
++ free(value);
+ break;
+ }
+
+@@ -634,6 +636,8 @@ MsgLoadCatalog(const char *path)
+ !Unicode_IsBufferValid(value, strlen(value) + 1, STRING_ENCODING_UTF8)) {
+ g_warning("Invalid UTF-8 string in message catalog (key = %s)\n", name);
+ error = TRUE;
++ free(name);
++ free(value);
+ break;
+ }
+
+@@ -641,8 +645,6 @@ MsgLoadCatalog(const char *path)
+ HashTable_ReplaceOrInsert(dict, name, g_strdup(value));
+ free(name);
+ free(value);
+- name = NULL;
+- value = NULL;
+ }
+
+ if (eof) {
+diff --git a/vgauth/common/i18n.c b/vgauth/common/i18n.c
+index 85a435a..5580765 100644
+--- a/vgauth/common/i18n.c
++++ b/vgauth/common/i18n.c
+@@ -1,5 +1,5 @@
+ /*********************************************************
+- * Copyright (C) 2011-2017 VMware, Inc. All rights reserved.
++ * Copyright (C) 2011-2019 VMware, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published
+@@ -571,7 +571,6 @@ MsgLoadCatalog(const char *path)
+ g_free,
+ g_free);
+ for (;;) {
+- gboolean eof = FALSE;
+ char *name = NULL;
+ char *value = NULL;
+ gchar *line;
+@@ -593,7 +592,7 @@ MsgLoadCatalog(const char *path)
+ }
+
+ if (line == NULL) {
+- eof = TRUE;
++ /* This signifies EOF. */
+ break;
+ }
+
+@@ -619,6 +618,10 @@ MsgLoadCatalog(const char *path)
+ g_free(line);
+
+ if (error) {
++ /*
++ * If the local DictLL_UnmarshalLine() returns NULL, name and value
++ * will remain NULL pointers. No malloc'ed memory to free here.
++ */
+ break;
+ }
+
+@@ -630,6 +633,8 @@ MsgLoadCatalog(const char *path)
+ !g_utf8_validate(value, -1, NULL)) {
+ g_warning("Invalid UTF-8 string in message catalog (key = %s)\n", name);
+ error = TRUE;
++ g_free(name);
++ g_free(value);
+ break;
+ }
+
+@@ -637,14 +642,8 @@ MsgLoadCatalog(const char *path)
+ val = g_strcompress(value);
+ g_free(value);
+
+- // the hashtable takes ownership of the memory for 'name' and 'value'
++ // the hashtable takes ownership of the memory for 'name' and 'val'
+ g_hash_table_insert(dict, name, val);
+- name = NULL;
+- value = NULL;
+- }
+-
+- if (eof) {
+- break;
+ }
+ }
+
+--
+1.8.3.1
+
diff --git a/SOURCES/ovt-Fix-RH-Covscan-Coverity-reported-memory-leaks-in-too.patch b/SOURCES/ovt-Fix-RH-Covscan-Coverity-reported-memory-leaks-in-too.patch
new file mode 100644
index 0000000..860ee34
--- /dev/null
+++ b/SOURCES/ovt-Fix-RH-Covscan-Coverity-reported-memory-leaks-in-too.patch
@@ -0,0 +1,120 @@
+From 0b243aef3307a07fd12171dc82ee3d3b867c3f49 Mon Sep 17 00:00:00 2001
+From: Cathy Avery <cavery@redhat.com>
+Date: Thu, 25 Jul 2019 12:32:35 +0200
+Subject: [PATCH 12/16] Fix [RH Covscan] Coverity reported memory leaks in
+ toolboxcmd-stat.c.
+
+RH-Author: Cathy Avery <cavery@redhat.com>
+Message-id: <20190725123239.18274-13-cavery@redhat.com>
+Patchwork-id: 89724
+O-Subject: [RHEL8.1 open-vm-tools PATCH 12/16] Fix [RH Covscan] Coverity reported memory leaks in toolboxcmd-stat.c.
+Bugzilla: 1602648
+RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
+
+commit 46cb6aa361cc8b1d287e3b9b77bf86819b4b1fc5
+Author: Oliver Kurth <okurth@vmware.com>
+Date: Wed May 22 13:09:37 2019 -0700
+
+ Fix [RH Covscan] Coverity reported memory leaks in toolboxcmd-stat.c.
+
+Signed-off-by: Cathy Avery <cavery@redhat.com>
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ open-vm-tools/toolbox/toolboxcmd-stat.c | 19 +++++++++++--------
+ 1 file changed, 11 insertions(+), 8 deletions(-)
+
+diff --git a/toolbox/toolboxcmd-stat.c b/toolbox/toolboxcmd-stat.c
+index 764e4ae..cdd3a70 100644
+--- a/toolbox/toolboxcmd-stat.c
++++ b/toolbox/toolboxcmd-stat.c
+@@ -1,5 +1,5 @@
+ /*********************************************************
+- * Copyright (C) 2008-2016 VMware, Inc. All rights reserved.
++ * Copyright (C) 2008-2016,2019 VMware, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published
+@@ -56,6 +56,7 @@ OpenHandle(VMGuestLibHandle *glHandle, // OUT: The guestlib handle
+ ToolsCmd_PrintErr(SU_(stat.openhandle.failed,
+ "OpenHandle failed: %s\n"),
+ VMGuestLib_GetErrorText(*glError));
++ *glHandle = NULL;
+ return EX_UNAVAILABLE;
+ }
+ *glError = VMGuestLib_UpdateInfo(*glHandle);
+@@ -63,6 +64,8 @@ OpenHandle(VMGuestLibHandle *glHandle, // OUT: The guestlib handle
+ ToolsCmd_PrintErr(SU_(stat.update.failed,
+ "UpdateInfo failed: %s\n"),
+ VMGuestLib_GetErrorText(*glError));
++ VMGuestLib_CloseHandle(*glHandle);
++ *glHandle = NULL;
+ return EX_TEMPFAIL;
+ }
+ return 0; // We don't return EXIT_SUCCESSS to indicate that this is not
+@@ -192,7 +195,7 @@ StatHostTime(void)
+ static int
+ StatGetSessionID(void)
+ {
+- int exitStatus = EXIT_SUCCESS;
++ int exitStatus;
+ uint64 session;
+ VMGuestLibHandle glHandle;
+ VMGuestLibError glError;
+@@ -236,7 +239,7 @@ StatGetSessionID(void)
+ static int
+ StatGetMemoryBallooned(void)
+ {
+- int exitStatus = EXIT_SUCCESS;
++ int exitStatus;
+ uint32 memBallooned;
+ VMGuestLibHandle glHandle;
+ VMGuestLibError glError;
+@@ -280,7 +283,7 @@ StatGetMemoryBallooned(void)
+ static int
+ StatGetMemoryReservation(void)
+ {
+- int exitStatus = EXIT_SUCCESS;
++ int exitStatus;
+ uint32 memReservation;
+ VMGuestLibHandle glHandle;
+ VMGuestLibError glError;
+@@ -325,7 +328,7 @@ StatGetMemoryReservation(void)
+ static int
+ StatGetMemorySwapped(void)
+ {
+- int exitStatus = EXIT_SUCCESS;
++ int exitStatus;
+ uint32 memSwapped;
+ VMGuestLibHandle glHandle;
+ VMGuestLibError glError;
+@@ -369,7 +372,7 @@ StatGetMemorySwapped(void)
+ static int
+ StatGetMemoryLimit(void)
+ {
+- int exitStatus = EXIT_SUCCESS;
++ int exitStatus;
+ uint32 memLimit;
+ VMGuestLibHandle glHandle;
+ VMGuestLibError glError;
+@@ -413,7 +416,7 @@ StatGetMemoryLimit(void)
+ static int
+ StatGetCpuReservation(void)
+ {
+- int exitStatus = EXIT_SUCCESS;
++ int exitStatus;
+ uint32 cpuReservation;
+ VMGuestLibHandle glHandle;
+ VMGuestLibError glError;
+@@ -457,7 +460,7 @@ StatGetCpuReservation(void)
+ static int
+ StatGetCpuLimit(void)
+ {
+- int exitStatus = EXIT_SUCCESS;
++ int exitStatus;
+ uint32 cpuLimit;
+ VMGuestLibHandle glHandle;
+ VMGuestLibError glError;
+--
+1.8.3.1
+
diff --git a/SOURCES/ovt-Fix-Using-uninitialized-value-issue-reported-by-Cove.patch b/SOURCES/ovt-Fix-Using-uninitialized-value-issue-reported-by-Cove.patch
new file mode 100644
index 0000000..321305c
--- /dev/null
+++ b/SOURCES/ovt-Fix-Using-uninitialized-value-issue-reported-by-Cove.patch
@@ -0,0 +1,58 @@
+From e94fc95c580ce75ccc34793ffb000d9765ebe3d3 Mon Sep 17 00:00:00 2001
+From: Cathy Avery <cavery@redhat.com>
+Date: Thu, 25 Jul 2019 12:32:36 +0200
+Subject: [PATCH 13/16] Fix 'Using uninitialized value' issue reported by
+ Coverity.
+
+RH-Author: Cathy Avery <cavery@redhat.com>
+Message-id: <20190725123239.18274-14-cavery@redhat.com>
+Patchwork-id: 89714
+O-Subject: [RHEL8.1 open-vm-tools PATCH 13/16] Fix 'Using uninitialized value' issue reported by Coverity.
+Bugzilla: 1602648
+RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
+
+commit f456a5938662175b914ffcb53c6284835476268f
+Author: Oliver Kurth <okurth@vmware.com>
+Date: Mon Jun 17 11:41:37 2019 -0700
+
+ Fix 'Using uninitialized value' issue reported by Coverity.
+
+ * In a error code path, 'exitCode' variable is used without
+ any initialization. This issue was reported by the Coverity.
+ Fixed it by initializing the 'exitCode' to -1.
+
+ * While fixing this, moved the variables to the if block where
+ they are acutally used.
+
+Signed-off-by: Cathy Avery <cavery@redhat.com>
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ open-vm-tools/lib/procMgr/procMgrPosix.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/lib/procMgr/procMgrPosix.c b/lib/procMgr/procMgrPosix.c
+index 3ff98eb..fe26d42 100644
+--- a/lib/procMgr/procMgrPosix.c
++++ b/lib/procMgr/procMgrPosix.c
+@@ -1582,8 +1582,6 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line
+ ProcMgr_AsyncProc *asyncProc = NULL;
+ pid_t pid;
+ int fds[2];
+- Bool validExitCode = FALSE;
+- int exitCode;
+ pid_t resultPid;
+ int readFd, writeFd;
+
+@@ -1608,6 +1606,8 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line
+ int i, maxfd;
+ Bool status = TRUE;
+ pid_t childPid = -1;
++ Bool validExitCode = FALSE;
++ int exitCode = -1;
+
+ /*
+ * Child
+--
+1.8.3.1
+
diff --git a/SOURCES/ovt-Fix-a-Coverity-issue-reported-in-vgauth-serviceImpl-.patch b/SOURCES/ovt-Fix-a-Coverity-issue-reported-in-vgauth-serviceImpl-.patch
new file mode 100644
index 0000000..b937b75
--- /dev/null
+++ b/SOURCES/ovt-Fix-a-Coverity-issue-reported-in-vgauth-serviceImpl-.patch
@@ -0,0 +1,59 @@
+From d14e2604b04f1b6b28eaa281f7760c89b2d2b4eb Mon Sep 17 00:00:00 2001
+From: Cathy Avery <cavery@redhat.com>
+Date: Thu, 25 Jul 2019 12:32:38 +0200
+Subject: [PATCH 15/16] Fix a Coverity issue reported in
+ vgauth/serviceImpl/verify.c
+
+RH-Author: Cathy Avery <cavery@redhat.com>
+Message-id: <20190725123239.18274-16-cavery@redhat.com>
+Patchwork-id: 89718
+O-Subject: [RHEL8.1 open-vm-tools PATCH 15/16] Fix a Coverity issue reported in vgauth/serviceImpl/verify.c
+Bugzilla: 1602648
+RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
+
+commit 0c6ad5edceca60dc05eb9f3b1ee6ac42dc0455ef
+Author: Oliver Kurth <okurth@vmware.com>
+Date: Wed Jul 3 14:28:56 2019 -0700
+
+ Fix a Coverity issue reported in vgauth/serviceImpl/verify.c
+
+Signed-off-by: Cathy Avery <cavery@redhat.com>
+
+Conflicts: Minor copyright change
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ open-vm-tools/vgauth/serviceImpl/verify.c | 10 ++--------
+ 1 file changed, 2 insertions(+), 8 deletions(-)
+
+diff --git a/vgauth/serviceImpl/verify.c b/vgauth/serviceImpl/verify.c
+index e9a7531..9f90a79 100644
+--- a/vgauth/serviceImpl/verify.c
++++ b/vgauth/serviceImpl/verify.c
+@@ -1,5 +1,5 @@
+ /*********************************************************
+- * Copyright (C) 2011-2017 VMware, Inc. All rights reserved.
++ * Copyright (C) 2011-2019 VMware, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published
+@@ -42,15 +42,9 @@
+ VGAuthError
+ ServiceInitVerify(void)
+ {
+- VGAuthError err;
+
+ CertVerify_Init();
+- err = SAML_Init();
+- if (err != VGAUTH_E_OK) {
+- goto done;
+- }
+-done:
+- return err;
++ return SAML_Init();
+ }
+
+
+--
+1.8.3.1
+
diff --git a/SOURCES/ovt-Fix-a-leak-if-VGAuth-setup-fails.-Coverity-issue.patch b/SOURCES/ovt-Fix-a-leak-if-VGAuth-setup-fails.-Coverity-issue.patch
new file mode 100644
index 0000000..d7b904a
--- /dev/null
+++ b/SOURCES/ovt-Fix-a-leak-if-VGAuth-setup-fails.-Coverity-issue.patch
@@ -0,0 +1,47 @@
+From 2b3c17a1036e1b0db85fef8b1033505949cf7079 Mon Sep 17 00:00:00 2001
+From: Cathy Avery <cavery@redhat.com>
+Date: Thu, 25 Jul 2019 12:32:26 +0200
+Subject: [PATCH 03/16] Fix a leak if VGAuth setup fails. Coverity issue
+
+RH-Author: Cathy Avery <cavery@redhat.com>
+Message-id: <20190725123239.18274-4-cavery@redhat.com>
+Patchwork-id: 89709
+O-Subject: [RHEL8.1 open-vm-tools PATCH 03/16] Fix a leak if VGAuth setup fails. Coverity issue
+Bugzilla: 1602648
+RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
+
+commit 82169f198925c9aa27bd04fd665eac67396adbe7
+Author: Oliver Kurth <okurth@vmware.com>
+Date: Mon Apr 15 11:33:00 2019 -0700
+
+ Fix a leak if VGAuth setup fails. Coverity issue
+
+Signed-off-by: Cathy Avery <cavery@redhat.com>
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ open-vm-tools/vgauth/serviceImpl/service.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/vgauth/serviceImpl/service.c b/vgauth/serviceImpl/service.c
+index 6779530..d471652 100644
+--- a/vgauth/serviceImpl/service.c
++++ b/vgauth/serviceImpl/service.c
+@@ -1,5 +1,5 @@
+ /*********************************************************
+- * Copyright (C) 2011-2016 VMware, Inc. All rights reserved.
++ * Copyright (C) 2011-2016,2019 VMware, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published
+@@ -173,6 +173,7 @@ ServiceCreatePublicConnection(ServiceConnection **returnConn) // OUT
+
+ if (VGAUTH_E_OK != err) {
+ Warning("%s: failed to setup public listen channel\n", __FUNCTION__);
++ ServiceConnectionShutdown(newConn);
+ return err;
+ }
+
+--
+1.8.3.1
+
diff --git a/SOURCES/ovt-Fix-a-memory-leak-in-the-unicode-library.patch b/SOURCES/ovt-Fix-a-memory-leak-in-the-unicode-library.patch
new file mode 100644
index 0000000..802707f
--- /dev/null
+++ b/SOURCES/ovt-Fix-a-memory-leak-in-the-unicode-library.patch
@@ -0,0 +1,140 @@
+From e8686de42164135f78a0212e1bd8ad5b24ee60a0 Mon Sep 17 00:00:00 2001
+From: Cathy Avery <cavery@redhat.com>
+Date: Thu, 25 Jul 2019 12:32:30 +0200
+Subject: [PATCH 07/16] Fix a memory leak in the unicode library.
+
+RH-Author: Cathy Avery <cavery@redhat.com>
+Message-id: <20190725123239.18274-8-cavery@redhat.com>
+Patchwork-id: 89717
+O-Subject: [RHEL8.1 open-vm-tools PATCH 07/16] Fix a memory leak in the unicode library.
+Bugzilla: 1602648
+RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
+
+commit 9e6e3afa5b5c3dc11c7aa79454ca4c8184c87bdf
+Author: Oliver Kurth <okurth@vmware.com>
+Date: Tue Apr 30 13:24:25 2019 -0700
+
+ Fix a memory leak in the unicode library.
+
+ Ensure that allocated strings are freed before returning a failure.
+
+ The ASSERTs have never been known to fire; a warning in a obj
+ build will help with debugging. The warning should "never" happen.
+
+Signed-off-by: Cathy Avery <cavery@redhat.com>
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ open-vm-tools/lib/unicode/unicodeICU.c | 30 +++++++++++++++++-------------
+ 1 file changed, 17 insertions(+), 13 deletions(-)
+
+diff --git a/lib/unicode/unicodeICU.c b/lib/unicode/unicodeICU.c
+index b63932e..b9b2dbb 100644
+--- a/lib/unicode/unicodeICU.c
++++ b/lib/unicode/unicodeICU.c
+@@ -1,5 +1,5 @@
+ /*********************************************************
+- * Copyright (C) 2008-2016 VMware, Inc. All rights reserved.
++ * Copyright (C) 2008-2019 VMware, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published
+@@ -275,7 +275,7 @@ Unicode_ToLower(const char *str, // IN
+ */
+
+ // Most lower-case operations don't change the length of the string.
+- utf8Dest = (char *)Util_SafeMalloc(destCapacity);
++ utf8Dest = Util_SafeMalloc(destCapacity);
+
+ caseMap = ucasemap_open(locale, 0, &status);
+ if (U_FAILURE(status)) {
+@@ -295,7 +295,7 @@ Unicode_ToLower(const char *str, // IN
+
+ // If we need a bigger buffer, then reallocate and retry.
+ destCapacity = destLen + 1;
+- utf8Dest = (char *)Util_SafeRealloc(utf8Dest, destCapacity);
++ utf8Dest = Util_SafeRealloc(utf8Dest, destCapacity);
+
+ status = U_ZERO_ERROR;
+ destLen = ucasemap_utf8ToLower(caseMap,
+@@ -311,8 +311,9 @@ Unicode_ToLower(const char *str, // IN
+ if (U_SUCCESS(status) && status != U_STRING_NOT_TERMINATED_WARNING) {
+ result = utf8Dest;
+ } else {
+- ASSERT(U_SUCCESS(status));
+- ASSERT(status != U_STRING_NOT_TERMINATED_WARNING);
++ DEBUG_ONLY(Warning("%s: Invalid UTF-8 string detected.\n",
++ __FUNCTION__));
++ free(utf8Dest);
+ }
+
+ return result;
+@@ -356,7 +357,7 @@ Unicode_ToUpper(const char *str, // IN
+ char *result = NULL;
+
+ // Most upper-case operations don't change the length of the string.
+- utf8Dest = (char *)Util_SafeMalloc(destCapacity);
++ utf8Dest = Util_SafeMalloc(destCapacity);
+
+ caseMap = ucasemap_open(locale, 0, &status);
+ if (U_FAILURE(status)) {
+@@ -376,7 +377,7 @@ Unicode_ToUpper(const char *str, // IN
+
+ // If we need a bigger buffer, then reallocate and retry.
+ destCapacity = destLen + 1;
+- utf8Dest = (char *)Util_SafeRealloc(utf8Dest, destCapacity);
++ utf8Dest = Util_SafeRealloc(utf8Dest, destCapacity);
+
+ status = U_ZERO_ERROR;
+ destLen = ucasemap_utf8ToUpper(caseMap,
+@@ -392,13 +393,15 @@ Unicode_ToUpper(const char *str, // IN
+ if (U_SUCCESS(status) && status != U_STRING_NOT_TERMINATED_WARNING) {
+ result = utf8Dest;
+ } else {
+- ASSERT(U_SUCCESS(status));
+- ASSERT(status != U_STRING_NOT_TERMINATED_WARNING);
++ DEBUG_ONLY(Warning("%s: Invalid UTF-8 string detected.\n",
++ __FUNCTION__));
++ free(utf8Dest);
+ }
+
+ return result;
+ }
+
++
+ /*
+ * "ucasemap_utf8ToTitle" is not in version 3.6 of the ICU library,
+ * which appears to be the default on many systems...
+@@ -447,7 +450,7 @@ Unicode_ToTitle(const char *str, // IN
+ char *result = NULL;
+
+ // Most title-case operations don't change the length of the string.
+- utf8Dest = (char *)Util_SafeMalloc(destCapacity);
++ utf8Dest = Util_SafeMalloc(destCapacity);
+
+ caseMap = ucasemap_open(locale, 0, &status);
+ if (U_FAILURE(status)) {
+@@ -467,7 +470,7 @@ Unicode_ToTitle(const char *str, // IN
+
+ // If we need a bigger buffer, then reallocate and retry.
+ destCapacity = destLen + 1;
+- utf8Dest = (char *)Util_SafeRealloc(utf8Dest, destCapacity);
++ utf8Dest = Util_SafeRealloc(utf8Dest, destCapacity);
+
+ status = U_ZERO_ERROR;
+ destLen = ucasemap_utf8ToTitle(caseMap,
+@@ -483,8 +486,9 @@ Unicode_ToTitle(const char *str, // IN
+ if (U_SUCCESS(status) && status != U_STRING_NOT_TERMINATED_WARNING) {
+ result = utf8Dest;
+ } else {
+- ASSERT(U_SUCCESS(status));
+- ASSERT(status != U_STRING_NOT_TERMINATED_WARNING);
++ DEBUG_ONLY(Warning("%s: Invalid UTF-8 string detected.\n",
++ __FUNCTION__));
++ free(utf8Dest);
+ }
+
+ return result;
+--
+1.8.3.1
+
diff --git a/SOURCES/ovt-Fix-a-trivial-Coverity-reported-memory-leak-in-vgaut.patch b/SOURCES/ovt-Fix-a-trivial-Coverity-reported-memory-leak-in-vgaut.patch
new file mode 100644
index 0000000..6ab2f46
--- /dev/null
+++ b/SOURCES/ovt-Fix-a-trivial-Coverity-reported-memory-leak-in-vgaut.patch
@@ -0,0 +1,52 @@
+From f5626146057b01e07c9491183bc09f8d190a1d4c Mon Sep 17 00:00:00 2001
+From: Cathy Avery <cavery@redhat.com>
+Date: Thu, 25 Jul 2019 12:32:31 +0200
+Subject: [PATCH 08/16] Fix a trivial Coverity-reported memory leak in
+ vgauth/cli/main.c.
+
+RH-Author: Cathy Avery <cavery@redhat.com>
+Message-id: <20190725123239.18274-9-cavery@redhat.com>
+Patchwork-id: 89715
+O-Subject: [RHEL8.1 open-vm-tools PATCH 08/16] Fix a trivial Coverity-reported memory leak in vgauth/cli/main.c.
+Bugzilla: 1602648
+RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
+
+commit 544cf1363c78d1d8c75e57d560b3650b5f667c64
+Author: Oliver Kurth <okurth@vmware.com>
+Date: Wed May 8 15:27:18 2019 -0700
+
+ Fix a trivial Coverity-reported memory leak in vgauth/cli/main.c.
+
+ Call Pref_Shutdown to close the PrefHandle.
+
+Signed-off-by: Cathy Avery <cavery@redhat.com>
+
+Conflicts: Minor copyright issue
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ open-vm-tools/vgauth/cli/main.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/vgauth/cli/main.c b/vgauth/cli/main.c
+index 7209e95..6f69f19 100644
+--- a/vgauth/cli/main.c
++++ b/vgauth/cli/main.c
+@@ -1,5 +1,5 @@
+ /*********************************************************
+- * Copyright (C) 2011-2016 VMware, Inc. All rights reserved.
++ * Copyright (C) 2011-2019 VMware, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published
+@@ -658,6 +658,7 @@ next:
+ }
+
+ VGAuth_Shutdown(ctx);
++ Pref_Shutdown(prefs);
+ g_free(appName);
+ return (err == VGAUTH_E_OK) ? 0 : -1;
+ }
+--
+1.8.3.1
+
diff --git a/SOURCES/ovt-Fix-a-trivial-Coverity-reported-memory-leak.patch b/SOURCES/ovt-Fix-a-trivial-Coverity-reported-memory-leak.patch
new file mode 100644
index 0000000..ad1c11d
--- /dev/null
+++ b/SOURCES/ovt-Fix-a-trivial-Coverity-reported-memory-leak.patch
@@ -0,0 +1,52 @@
+From 98345ad1ae6960263f1e0c76cda6a45a2313d7e1 Mon Sep 17 00:00:00 2001
+From: Cathy Avery <cavery@redhat.com>
+Date: Thu, 25 Jul 2019 12:32:34 +0200
+Subject: [PATCH 11/16] Fix a trivial Coverity-reported memory leak.
+
+RH-Author: Cathy Avery <cavery@redhat.com>
+Message-id: <20190725123239.18274-12-cavery@redhat.com>
+Patchwork-id: 89722
+O-Subject: [RHEL8.1 open-vm-tools PATCH 11/16] Fix a trivial Coverity-reported memory leak.
+Bugzilla: 1602648
+RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
+
+commit a5823224051da0318facf10e0732baa9f55334fc
+Author: Oliver Kurth <okurth@vmware.com>
+Date: Wed May 8 15:27:19 2019 -0700
+
+ Fix a trivial Coverity-reported memory leak.
+
+ If AuthLoadPAM doesn't find all the needed symbols from the pam
+ library, then dlclose the library, as is already done for
+ the same-named funtion in bora/lib/auth/authPosix.c.
+
+Signed-off-by: Cathy Avery <cavery@redhat.com>
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ open-vm-tools/vgauth/lib/authPosix.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/vgauth/lib/authPosix.c b/vgauth/lib/authPosix.c
+index dfaeb92..151e595 100644
+--- a/vgauth/lib/authPosix.c
++++ b/vgauth/lib/authPosix.c
+@@ -1,5 +1,5 @@
+ /*********************************************************
+- * Copyright (C) 2011-2017 VMware, Inc. All rights reserved.
++ * Copyright (C) 2011-2017,2019 VMware, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published
+@@ -128,7 +128,7 @@ AuthLoadPAM(void)
+ if (!symbol) {
+ Warning("PAM library does not contain required function: %s\n",
+ dlerror());
+-
++ dlclose(pam_library);
+ return FALSE;
+ }
+
+--
+1.8.3.1
+
diff --git a/SOURCES/ovt-Fix-memory-leak-in-GetFormattedCommandLine-function-.patch b/SOURCES/ovt-Fix-memory-leak-in-GetFormattedCommandLine-function-.patch
new file mode 100644
index 0000000..6b48206
--- /dev/null
+++ b/SOURCES/ovt-Fix-memory-leak-in-GetFormattedCommandLine-function-.patch
@@ -0,0 +1,80 @@
+From da6b1c1b22ce0386214bbc5395d4cc42529be4fb Mon Sep 17 00:00:00 2001
+From: Cathy Avery <cavery@redhat.com>
+Date: Thu, 25 Jul 2019 12:32:25 +0200
+Subject: [PATCH 02/16] Fix memory leak in GetFormattedCommandLine() function
+ (linuxDeployment.c)
+
+RH-Author: Cathy Avery <cavery@redhat.com>
+Message-id: <20190725123239.18274-3-cavery@redhat.com>
+Patchwork-id: 89712
+O-Subject: [RHEL8.1 open-vm-tools PATCH 02/16] Fix memory leak in GetFormattedCommandLine() function (linuxDeployment.c)
+Bugzilla: 1602648
+RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
+
+commit d93219282ff7e89e3f581bf757dfd807c7568452
+Author: Oliver Kurth <okurth@vmware.com>
+Date: Thu Mar 28 12:42:59 2019 -0700
+
+ Fix memory leak in GetFormattedCommandLine() function (linuxDeployment.c)
+
+ 1. There are malloc() calls happening in a loop; this function returns
+ NULL when one of malloc fails. If a malloc call fails in the loop,
+ all memory allocated in previous iterations should be freed before
+ the return NULL.
+ 2. Clear allocated resources before return NULL in this file.
+ 3. Add NULL check following malloc calls in this file.
+ 4. Encapsulate %s in () only if %s is strerror(errno), otherwise encapsulate
+ %s in single quotes.
+ 5. End with \n in sLog.
+
+Signed-off-by: Cathy Avery <cavery@redhat.com>
+
+Partial port: Only the parts of the patch that addesses the coverity defects were backported.
+
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ open-vm-tools/libDeployPkg/linuxDeployment.c | 14 +++++++++++++-
+ 1 file changed, 13 insertions(+), 1 deletion(-)
+
+diff --git a/libDeployPkg/linuxDeployment.c b/libDeployPkg/linuxDeployment.c
+index 6e22aac..74b2f90 100644
+--- a/libDeployPkg/linuxDeployment.c
++++ b/libDeployPkg/linuxDeployment.c
+@@ -454,6 +454,8 @@ AddToList(struct List* head, const char* token)
+ l = malloc(sizeof(struct List));
+ if (!l) {
+ SetDeployError("Error allocating memory. (%s)", strerror(errno));
++ // clear allocated resource
++ free(data);
+ return NULL;
+ }
+
+@@ -1495,13 +1497,23 @@ GetFormattedCommandLine(const char* command)
+ args = malloc((ListSize(commandTokens) + 1) * sizeof(char*));
+ if (!args) {
+ SetDeployError("Error allocating memory.");
++ // clear resources
++ DeleteList(commandTokens);
+ return NULL;
+ }
+
+ for(l = commandTokens, i = 0; l; l = l->next, i++) {
+ char* arg = malloc(strlen(l->data) + 1);
+ if (!arg) {
+- SetDeployError("Error allocating memory.(%s)", strerror(errno));
++ unsigned int j;
++ SetDeployError("Error allocating memory. (%s)", strerror(errno));
++ // free allocated memories in previous iterations if any
++ for (j = 0; j < i; j++) {
++ free(args[j]);
++ }
++ free(args);
++ // clear resources
++ DeleteList(commandTokens);
+ return NULL;
+ }
+
+--
+1.8.3.1
+
diff --git a/SOURCES/ovt-Fix-memory-leak-in-SNEBuildHash-function.patch b/SOURCES/ovt-Fix-memory-leak-in-SNEBuildHash-function.patch
new file mode 100644
index 0000000..5b3b227
--- /dev/null
+++ b/SOURCES/ovt-Fix-memory-leak-in-SNEBuildHash-function.patch
@@ -0,0 +1,52 @@
+From ce0aed0b753b24891cf33463f69e0ceb953b826f Mon Sep 17 00:00:00 2001
+From: Cathy Avery <cavery@redhat.com>
+Date: Thu, 25 Jul 2019 12:32:28 +0200
+Subject: [PATCH 05/16] Fix memory leak in SNEBuildHash function.
+
+RH-Author: Cathy Avery <cavery@redhat.com>
+Message-id: <20190725123239.18274-6-cavery@redhat.com>
+Patchwork-id: 89716
+O-Subject: [RHEL8.1 open-vm-tools PATCH 05/16] Fix memory leak in SNEBuildHash function.
+Bugzilla: 1602648
+RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
+
+commit 1b755d3e619ed40d8750532f10af5a1df6de6cda
+Author: Oliver Kurth <okurth@vmware.com>
+Date: Tue Apr 30 13:24:24 2019 -0700
+
+ Fix memory leak in SNEBuildHash function.
+
+ In a specific code path of the SNEBuildHash function, when the
+ environment variable is of the format VMWARE_*=[0|1], the value
+ is not freed. Fixed the memory leak.
+
+Signed-off-by: Cathy Avery <cavery@redhat.com>
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ open-vm-tools/lib/system/systemLinux.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/lib/system/systemLinux.c b/lib/system/systemLinux.c
+index c74d489..7d9798a 100644
+--- a/lib/system/systemLinux.c
++++ b/lib/system/systemLinux.c
+@@ -1,5 +1,5 @@
+ /*********************************************************
+- * Copyright (C) 1998-2018 VMware, Inc. All rights reserved.
++ * Copyright (C) 1998-2019 VMware, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published
+@@ -607,6 +607,8 @@ SNEBuildHash(const char **compatEnviron)
+ char *realValue = (value[0] == '0')
+ ? NULL
+ : Util_SafeStrdup(&value[1]);
++ free(value);
++ value = NULL;
+ HashTable_ReplaceOrInsert(environTable, realKey, realValue);
+ } else {
+ HashTable_LookupOrInsert(environTable, key, value);
+--
+1.8.3.1
+
diff --git a/SOURCES/ovt-Fix-minor-leak-in-FileRotateByRenumber-Coverity-scan.patch b/SOURCES/ovt-Fix-minor-leak-in-FileRotateByRenumber-Coverity-scan.patch
new file mode 100644
index 0000000..740b797
--- /dev/null
+++ b/SOURCES/ovt-Fix-minor-leak-in-FileRotateByRenumber-Coverity-scan.patch
@@ -0,0 +1,47 @@
+From f9dcf9c252d3d1cb76aebd838300bdf3e973e77b Mon Sep 17 00:00:00 2001
+From: Cathy Avery <cavery@redhat.com>
+Date: Thu, 25 Jul 2019 12:32:27 +0200
+Subject: [PATCH 04/16] Fix minor leak in FileRotateByRenumber - Coverity scan
+
+RH-Author: Cathy Avery <cavery@redhat.com>
+Message-id: <20190725123239.18274-5-cavery@redhat.com>
+Patchwork-id: 89720
+O-Subject: [RHEL8.1 open-vm-tools PATCH 04/16] Fix minor leak in FileRotateByRenumber - Coverity scan
+Bugzilla: 1602648
+RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
+
+commit 85bc2e71dd7a855d3c533965859c1756deecc314
+Author: Oliver Kurth <okurth@vmware.com>
+Date: Mon Apr 15 11:33:00 2019 -0700
+
+ Fix minor leak in FileRotateByRenumber - Coverity scan
+
+Signed-off-by: Cathy Avery <cavery@redhat.com>
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ open-vm-tools/lib/file/file.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/lib/file/file.c b/lib/file/file.c
+index 2d1154b..7dae12c 100644
+--- a/lib/file/file.c
++++ b/lib/file/file.c
+@@ -1,5 +1,5 @@
+ /*********************************************************
+- * Copyright (C) 1998-2018 VMware, Inc. All rights reserved.
++ * Copyright (C) 1998-2019 VMware, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published
+@@ -2452,6 +2452,7 @@ FileRotateByRenumber(const char *filePath, // IN: full path to file
+ File_GetPathName(fullPathNoExt, &baseDir, &baseName);
+
+ if ((baseDir == NULL) || (*baseDir == '\0')) {
++ free(baseDir);
+ baseDir = Unicode_Duplicate(DIRSEPS);
+ }
+
+--
+1.8.3.1
+
diff --git a/SOURCES/ovt-Fix-two-coverity-issues-reported-by-a-customer.patch b/SOURCES/ovt-Fix-two-coverity-issues-reported-by-a-customer.patch
new file mode 100644
index 0000000..20772a9
--- /dev/null
+++ b/SOURCES/ovt-Fix-two-coverity-issues-reported-by-a-customer.patch
@@ -0,0 +1,61 @@
+From 86ec5be96b61f3b391711aab3aee0c4d85101b2f Mon Sep 17 00:00:00 2001
+From: Cathy Avery <cavery@redhat.com>
+Date: Thu, 25 Jul 2019 12:32:39 +0200
+Subject: [PATCH 16/16] Fix two coverity issues reported by a customer.
+
+RH-Author: Cathy Avery <cavery@redhat.com>
+Message-id: <20190725123239.18274-17-cavery@redhat.com>
+Patchwork-id: 89719
+O-Subject: [RHEL8.1 open-vm-tools PATCH 16/16] [Tools/dndcp] Fix two coverity issues reported by a customer.
+Bugzilla: 1602648
+RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
+
+commit 04813113e28f6cfecf956166136bbad2a6c2a386
+Author: Oliver Kurth <okurth@vmware.com>
+Date: Sat Jul 20 17:15:19 2019 -0700
+
+ [Tools/dndcp] Fix two coverity issues reported by a customer.
+
+Signed-off-by: Cathy Avery <cavery@redhat.com>
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ open-vm-tools/services/plugins/dndcp/copyPasteUIX11.cpp | 14 +++++++++++---
+ 1 file changed, 11 insertions(+), 3 deletions(-)
+
+diff --git a/services/plugins/dndcp/copyPasteUIX11.cpp b/services/plugins/dndcp/copyPasteUIX11.cpp
+index 6c40b84..e9b9e26 100644
+--- a/services/plugins/dndcp/copyPasteUIX11.cpp
++++ b/services/plugins/dndcp/copyPasteUIX11.cpp
+@@ -1664,10 +1664,11 @@ CopyPasteUIX11::FileBlockMonitorThread(void *arg) // IN
+ }
+
+ int fd = open(params->fileBlockName.c_str(), O_RDONLY);
+- if (fd <= 0) {
+- g_debug("%s: Failed to open %s\n",
++ if (fd < 0) {
++ g_debug("%s: Failed to open %s, errno is %d\n",
+ __FUNCTION__,
+- params->fileBlockName.c_str());
++ params->fileBlockName.c_str(),
++ errno);
+ continue;
+ }
+
+@@ -1688,6 +1689,13 @@ CopyPasteUIX11::FileBlockMonitorThread(void *arg) // IN
+ } else {
+ g_debug("%s: Block is not added\n", __FUNCTION__);
+ }
++
++ if (close(fd) < 0) {
++ g_debug("%s: Failed to close %s, errno is %d\n",
++ __FUNCTION__,
++ params->fileBlockName.c_str(),
++ errno);
++ }
+ }
+ pthread_mutex_unlock(¶ms->fileBlockMutex);
+ return NULL;
+--
+1.8.3.1
+
diff --git a/SOURCES/ovt-Fixes-for-few-leaks-and-improved-error-handling.patch b/SOURCES/ovt-Fixes-for-few-leaks-and-improved-error-handling.patch
new file mode 100644
index 0000000..db5907c
--- /dev/null
+++ b/SOURCES/ovt-Fixes-for-few-leaks-and-improved-error-handling.patch
@@ -0,0 +1,174 @@
+From 46a724937bfbfe4fa4e64269f057c71893f25b30 Mon Sep 17 00:00:00 2001
+From: Cathy Avery <cavery@redhat.com>
+Date: Thu, 25 Jul 2019 12:32:32 +0200
+Subject: [PATCH 09/16] Fixes for few leaks and improved error handling.
+
+RH-Author: Cathy Avery <cavery@redhat.com>
+Message-id: <20190725123239.18274-10-cavery@redhat.com>
+Patchwork-id: 89723
+O-Subject: [RHEL8.1 open-vm-tools PATCH 09/16] Fixes for few leaks and improved error handling.
+Bugzilla: 1602648
+RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
+
+commit 2bbd56da4314856dfc1a8fed2db5b55cd9ef8860
+Author: Oliver Kurth <okurth@vmware.com>
+Date: Wed May 8 15:27:18 2019 -0700
+
+ Fixes for few leaks and improved error handling.
+
+ Fix a memory leak detected by coverity scan. It is not critical,
+ but it is real in an error case when there is no end mark. While
+ fixing it, also enhanced code to handle different error cases
+ properly because we would want valid content to be decoded even
+ when there are invalid marks in the log file. Invalid log marks
+ are possible when vmware.log gets rotated in the middle of guest
+ logging.
+
+ While verifying the fix using valgrind, found a couple of more
+ leaks in panic and warning stubs. Addressed those as well.
+
+Signed-off-by: Cathy Avery <cavery@redhat.com>
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ open-vm-tools/lib/stubs/stub-panic.c | 3 ++-
+ open-vm-tools/lib/stubs/stub-warning.c | 5 ++--
+ open-vm-tools/xferlogs/xferlogs.c | 47 ++++++++++++++++++++++++++++------
+ 3 files changed, 44 insertions(+), 11 deletions(-)
+
+diff --git a/lib/stubs/stub-panic.c b/lib/stubs/stub-panic.c
+index 615a810..4b88f59 100644
+--- a/lib/stubs/stub-panic.c
++++ b/lib/stubs/stub-panic.c
+@@ -1,5 +1,5 @@
+ /*********************************************************
+- * Copyright (C) 2008 VMware, Inc. All rights reserved.
++ * Copyright (C) 2008,2019 VMware, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published
+@@ -43,6 +43,7 @@ Panic(const char *fmt, ...)
+
+ if (str != NULL) {
+ fputs(str, stderr);
++ free(str);
+ }
+
+ assert(FALSE);
+diff --git a/lib/stubs/stub-warning.c b/lib/stubs/stub-warning.c
+index c32fa69..3a49617 100644
+--- a/lib/stubs/stub-warning.c
++++ b/lib/stubs/stub-warning.c
+@@ -1,5 +1,5 @@
+ /*********************************************************
+- * Copyright (C) 2008-2016 VMware, Inc. All rights reserved.
++ * Copyright (C) 2008-2016,2019 VMware, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published
+@@ -24,6 +24,7 @@
+ */
+
+ #include <stdio.h>
++#include <stdlib.h>
+ #include "str.h"
+
+
+@@ -39,6 +40,6 @@ Warning(const char *fmt, ...)
+
+ if (str != NULL) {
+ fputs(str, stderr);
++ free(str);
+ }
+ }
+-
+diff --git a/xferlogs/xferlogs.c b/xferlogs/xferlogs.c
+index 9aa9b3a..d4a600f 100644
+--- a/xferlogs/xferlogs.c
++++ b/xferlogs/xferlogs.c
+@@ -184,8 +184,19 @@ extractFile(char *filename) //IN: vmx log filename e.g. vmware.log
+ char tstamp[32];
+ time_t now;
+
+- ASSERT(outfp == NULL);
+- ASSERT(state == NOT_IN_GUEST_LOGGING);
++ /*
++ * There could be multiple LOG_START_MARK in the log,
++ * close existing one before opening a new file.
++ */
++ if (outfp) {
++ ASSERT(state == IN_GUEST_LOGGING);
++ Warning("Found a new start mark before end mark for "
++ "previous one\n");
++ fclose(outfp);
++ outfp = NULL;
++ } else {
++ ASSERT(state == NOT_IN_GUEST_LOGGING);
++ }
+ DEBUG_ONLY(state = IN_GUEST_LOGGING);
+
+ /*
+@@ -234,23 +245,32 @@ extractFile(char *filename) //IN: vmx log filename e.g. vmware.log
+ ver = ver + sizeof "ver - " - 1;
+ version = strtol(ver, NULL, 0);
+ if (version != LOG_VERSION) {
+- Warning("input version %d doesnt match the\
++ Warning("Input version %d doesn't match the\
+ version of this binary %d", version, LOG_VERSION);
+ } else {
+- printf("reading file %s to %s \n", logInpFilename, fname);
++ printf("Reading file %s to %s \n", logInpFilename, fname);
+ if (!(outfp = fopen(fname, "wb"))) {
+ Warning("Error opening file %s\n", fname);
+ }
+ }
+ }
+ } else if (strstr(buf, LOG_END_MARK)) { // close the output file.
+- ASSERT(state == IN_GUEST_LOGGING);
++ /*
++ * Need to check outfp, because we might get LOG_END_MARK
++ * before LOG_START_MARK due to log rotation.
++ */
++ if (outfp) {
++ ASSERT(state == IN_GUEST_LOGGING);
++ fclose(outfp);
++ outfp = NULL;
++ } else {
++ ASSERT(state == NOT_IN_GUEST_LOGGING);
++ Warning("Reached file end mark without start mark\n");
++ }
+ DEBUG_ONLY(state = NOT_IN_GUEST_LOGGING);
+- fclose(outfp);
+- outfp = NULL;
+ } else { // write to the output file
+- ASSERT(state == IN_GUEST_LOGGING);
+ if (outfp) {
++ ASSERT(state == IN_GUEST_LOGGING);
+ ptrStr = strstr(buf, LOG_GUEST_MARK);
+ ptrStr += sizeof LOG_GUEST_MARK - 1;
+ if (Base64_Decode(ptrStr, base64Out, BUF_OUT_SIZE, &lenOut)) {
+@@ -260,10 +280,21 @@ extractFile(char *filename) //IN: vmx log filename e.g. vmware.log
+ } else {
+ Warning("Error decoding output %s\n", ptrStr);
+ }
++ } else {
++ ASSERT(state == NOT_IN_GUEST_LOGGING);
++ Warning("Missing file start mark\n");
+ }
+ }
+ }
+ }
++
++ /*
++ * We may need to close file in case LOG_END_MARK is missing.
++ */
++ if (outfp) {
++ ASSERT(state == IN_GUEST_LOGGING);
++ fclose(outfp);
++ }
+ fclose(fp);
+ }
+
+--
+1.8.3.1
+
diff --git a/SOURCES/ovt-copyPasteCompatX11.c-code-generating-unnecessary-Cov.patch b/SOURCES/ovt-copyPasteCompatX11.c-code-generating-unnecessary-Cov.patch
new file mode 100644
index 0000000..60360aa
--- /dev/null
+++ b/SOURCES/ovt-copyPasteCompatX11.c-code-generating-unnecessary-Cov.patch
@@ -0,0 +1,115 @@
+From d56ab64ed0b7a863cc2b0bf1dc78bbf3d3953226 Mon Sep 17 00:00:00 2001
+From: Cathy Avery <cavery@redhat.com>
+Date: Thu, 25 Jul 2019 12:32:37 +0200
+Subject: [PATCH 14/16] copyPasteCompatX11.c code generating unnecessary
+ Coverity warning
+
+RH-Author: Cathy Avery <cavery@redhat.com>
+Message-id: <20190725123239.18274-15-cavery@redhat.com>
+Patchwork-id: 89721
+O-Subject: [RHEL8.1 open-vm-tools PATCH 14/16] copyPasteCompatX11.c code generating unnecessary Coverity warning
+Bugzilla: 1602648
+RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
+
+commit 9c30be3448c743e51718480543142bf833ea553a
+Author: Oliver Kurth <okurth@vmware.com>
+Date: Mon Jun 17 11:41:38 2019 -0700
+
+ copyPasteCompatX11.c code generating unnecessary Coverity warning
+
+ This patch aims to fix an issue found by Coverity Scan.
+
+ This issue is a False Positive, the outBuf is only freed in specific
+ scenario, so there is no 'BAD FREE'. But it's better to reconstruct the
+ related code to clear the SCA error.
+
+Signed-off-by: Cathy Avery <cavery@redhat.com>
+
+Conflicts: Minor copyright
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ .../services/plugins/dndcp/copyPasteCompatX11.c | 43 +++++++++-------------
+ 1 file changed, 17 insertions(+), 26 deletions(-)
+
+diff --git a/services/plugins/dndcp/copyPasteCompatX11.c b/services/plugins/dndcp/copyPasteCompatX11.c
+index d5a0fdf..3b2f2bc 100644
+--- a/services/plugins/dndcp/copyPasteCompatX11.c
++++ b/services/plugins/dndcp/copyPasteCompatX11.c
+@@ -1,5 +1,5 @@
+ /*********************************************************
+- * Copyright (C) 2005-2016 VMware, Inc. All rights reserved.
++ * Copyright (C) 2005-2019 VMware, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published
+@@ -579,50 +579,41 @@ CopyPasteSelectionGetCB(GtkWidget *widget, // IN: unused
+ return;
+ }
+
+- /* If it is text copy paste, return gHostClipboardBuf. */
++ GdkAtom target;
+ #ifndef GTK3
+- if (GDK_SELECTION_TYPE_STRING == selection_data->target ||
+- GDK_SELECTION_TYPE_UTF8_STRING == selection_data->target) {
++ target = selection_data->target;
+ #else
+- if (GDK_SELECTION_TYPE_STRING == gtk_selection_data_get_target(selection_data) ||
+- GDK_SELECTION_TYPE_UTF8_STRING == gtk_selection_data_get_target(selection_data)) {
++ target = gtk_selection_data_get_target(selection_data);
+ #endif
++
++ /* If it is text copy paste, return gHostClipboardBuf. */
++ if (GDK_SELECTION_TYPE_STRING == target ||
++ GDK_SELECTION_TYPE_UTF8_STRING == target) {
+ char *outBuf = gHostClipboardBuf;
++ char *outStringBuf = NULL;
+ size_t len = strlen(gHostClipboardBuf);
+
+ /*
+ * If target is GDK_SELECTION_TYPE_STRING, assume encoding is local code
+ * set. Convert from utf8 to local one.
+ */
+-#ifndef GTK3
+- if (GDK_SELECTION_TYPE_STRING == selection_data->target &&
+-#else
+- if (GDK_SELECTION_TYPE_STRING == gtk_selection_data_get_target(selection_data) &&
+-#endif
++ if (GDK_SELECTION_TYPE_STRING == target &&
+ !CodeSet_Utf8ToCurrent(gHostClipboardBuf,
+ strlen(gHostClipboardBuf),
+- &outBuf,
++ &outStringBuf,
+ &len)) {
+ g_debug("CopyPasteSelectionGetCB: can not convert to current codeset\n");
+ return;
+ }
+
+-#ifndef GTK3
+- gtk_selection_data_set(selection_data, selection_data->target, 8,
+-#else
+- gtk_selection_data_set(selection_data, gtk_selection_data_get_target(selection_data), 8,
+-#endif
+- outBuf, len);
+- g_debug("CopyPasteSelectionGetCB: Set text [%s]\n", outBuf);
+-
+-#ifndef GTK3
+- if (GDK_SELECTION_TYPE_STRING == selection_data->target) {
+-#else
+- if (GDK_SELECTION_TYPE_STRING == gtk_selection_data_get_target(selection_data)) {
+-#endif
+- free(outBuf);
++ if (outStringBuf != NULL) {
++ outBuf = outStringBuf;
+ }
+
++ gtk_selection_data_set(selection_data, target, 8, outBuf, len);
++ g_debug("CopyPasteSelectionGetCB: Set text [%s]\n", outBuf);
++
++ free(outStringBuf);
+ return;
+ }
+ }
+--
+1.8.3.1
+
diff --git a/SPECS/open-vm-tools.spec b/SPECS/open-vm-tools.spec
index 13759ec..7696902 100644
--- a/SPECS/open-vm-tools.spec
+++ b/SPECS/open-vm-tools.spec
@@ -20,15 +20,15 @@
%global _hardened_build 1
%global majorversion 10.3
-%global minorversion 0
-%global toolsbuild 8931395
+%global minorversion 10
+%global toolsbuild 12406962
%global toolsversion %{majorversion}.%{minorversion}
%global toolsdaemon vmtoolsd
%global vgauthdaemon vgauthd
Name: open-vm-tools
Version: %{toolsversion}
-Release: 2%{?dist}
+Release: 3%{?dist}
Summary: Open Virtual Machine Tools for virtual machines hosted on VMware
Group: Applications/System
License: GPLv2
@@ -39,8 +39,38 @@ Source2: %{toolsdaemon}.service
Source3: %{vgauthdaemon}.service
ExclusiveArch: x86_64
-Patch0002: 0002-Update-cloud-init-handling.patch
-Patch0003: 0003-hgfsPlugin-crash-fix.patch
+# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
+Patch2: ovt-End-VGAuth-impersonation-in-the-case-of-error.patch
+# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
+Patch3: ovt-Fix-memory-leak-in-GetFormattedCommandLine-function-.patch
+# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
+Patch4: ovt-Fix-a-leak-if-VGAuth-setup-fails.-Coverity-issue.patch
+# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
+Patch5: ovt-Fix-minor-leak-in-FileRotateByRenumber-Coverity-scan.patch
+# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
+Patch6: ovt-Fix-memory-leak-in-SNEBuildHash-function.patch
+# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
+Patch7: ovt-Fix-Coverity-reported-issues-in-i18n.c-code-VMTools-.patch
+# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
+Patch8: ovt-Fix-a-memory-leak-in-the-unicode-library.patch
+# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
+Patch9: ovt-Fix-a-trivial-Coverity-reported-memory-leak-in-vgaut.patch
+# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
+Patch10: ovt-Fixes-for-few-leaks-and-improved-error-handling.patch
+# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
+Patch11: ovt-Fix-Coverity-reported-double-memory-free-errors.patch
+# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
+Patch12: ovt-Fix-a-trivial-Coverity-reported-memory-leak.patch
+# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
+Patch13: ovt-Fix-RH-Covscan-Coverity-reported-memory-leaks-in-too.patch
+# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
+Patch14: ovt-Fix-Using-uninitialized-value-issue-reported-by-Cove.patch
+# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
+Patch15: ovt-copyPasteCompatX11.c-code-generating-unnecessary-Cov.patch
+# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
+Patch16: ovt-Fix-a-Coverity-issue-reported-in-vgauth-serviceImpl-.patch
+# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
+Patch17: ovt-Fix-two-coverity-issues-reported-by-a-customer.patch
BuildRequires: autoconf
BuildRequires: automake
@@ -133,8 +163,22 @@ machines.
%prep
%setup -q -n %{name}-%{version}-%{toolsbuild}
-%patch0002 -p1
-%patch0003 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
+%patch10 -p1
+%patch11 -p1
+%patch12 -p1
+%patch13 -p1
+%patch14 -p1
+%patch15 -p1
+%patch16 -p1
+%patch17 -p1
%build
# Required for regenerating configure script when
@@ -305,10 +349,30 @@ fi
%{_bindir}/vmware-vgauth-smoketest
%changelog
-* Tue Jan 08 2019 Miroslav Rezanina <mrezanin@redhat.com> - 10.3.0-2.el8
-- ovt-Enable-cloud-init-by-default-to-change-the-systemd-u.patch [bz#1660713]
-- Resolves: bz#1660713
- ([ESXi][RHEL8.0]Enable cloud-init by default to change the systemd unit file vmtoolsd.service)
+* Thu Aug 01 2019 Miroslav Rezanina <mrezanin@redhat.com> - 10.3.10-3
+- ovt-End-VGAuth-impersonation-in-the-case-of-error.patch [bz#1602648]
+- ovt-Fix-memory-leak-in-GetFormattedCommandLine-function-.patch [bz#1602648]
+- ovt-Fix-a-leak-if-VGAuth-setup-fails.-Coverity-issue.patch [bz#1602648]
+- ovt-Fix-minor-leak-in-FileRotateByRenumber-Coverity-scan.patch [bz#1602648]
+- ovt-Fix-memory-leak-in-SNEBuildHash-function.patch [bz#1602648]
+- ovt-Fix-Coverity-reported-issues-in-i18n.c-code-VMTools-.patch [bz#1602648]
+- ovt-Fix-a-memory-leak-in-the-unicode-library.patch [bz#1602648]
+- ovt-Fix-a-trivial-Coverity-reported-memory-leak-in-vgaut.patch [bz#1602648]
+- ovt-Fixes-for-few-leaks-and-improved-error-handling.patch [bz#1602648]
+- ovt-Fix-Coverity-reported-double-memory-free-errors.patch [bz#1602648]
+- ovt-Fix-a-trivial-Coverity-reported-memory-leak.patch [bz#1602648]
+- ovt-Fix-RH-Covscan-Coverity-reported-memory-leaks-in-too.patch [bz#1602648]
+- ovt-Fix-Using-uninitialized-value-issue-reported-by-Cove.patch [bz#1602648]
+- ovt-copyPasteCompatX11.c-code-generating-unnecessary-Cov.patch [bz#1602648]
+- ovt-Fix-a-Coverity-issue-reported-in-vgauth-serviceImpl-.patch [bz#1602648]
+- ovt-Fix-two-coverity-issues-reported-by-a-customer.patch [bz#1602648]
+- Resolves: bz#1602648
+ ([ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package)
+
+* Tue Jun 04 2019 Miroslav Rezanina <mrezanin@redhat.com> - 10.3.10-2
+- Rebase to 10.3.10 [bz#1702784]
+- Resolves: bz#1702784
+ (Rebase open-vm-tools to 10.3.10)
* Tue Oct 16 2018 Miroslav Rezanina <mrezanin@redhat.com> - 10.3.0-1
- Rebase to 10.3.0 [bz#1626578]
@@ -317,6 +381,8 @@ fi
* Mon May 14 2018 Miroslav Rezanina <mrezanin@redhat.com> - 10.2.5-2
- Updated RHEL version
+- Resolves: bz#1527233
+ ([ESXi][RHEL7.5]Rebase open-vm-tools to 10.2.5)
* Wed May 09 2018 Ravindra Kumar <ravindrakumar@vmware.com> - 10.2.5-2
- Use tirpc for Fedora 28 onwards.