|
 |
f02bdd |
From a0d5ed656f09ab5da547058366cd5f45584ba7b6 Mon Sep 17 00:00:00 2001
|
|
|
f02bdd |
From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
|
|
|
f02bdd |
Date: Fri, 31 Jul 2020 10:38:17 +0200
|
|
|
f02bdd |
Subject: [PATCH] Plug a memory leak
|
|
|
f02bdd |
|
|
|
f02bdd |
==12029== at 0x483A809: malloc (vg_replace_malloc.c:307)
|
|
|
f02bdd |
==12029== by 0x51F1386: realpath@@GLIBC_2.3 (in /usr/lib64/libc-2.31.so)
|
|
|
f02bdd |
==12029== by 0x489F8CA: oscap_realpath (util.c:251)
|
|
|
f02bdd |
==12029== by 0x495E6EF: rpmverify_collect (rpmverifyfile_probe.c:248)
|
|
|
f02bdd |
==12029== by 0x495F461: rpmverifyfile_probe_main (rpmverifyfile_probe.c:543)
|
|
|
f02bdd |
==12029== by 0x4935598: probe_worker (worker.c:1090)
|
|
|
f02bdd |
==12029== by 0x4932F10: probe_worker_runfn (worker.c:81)
|
|
|
f02bdd |
==12029== by 0x4CDA431: start_thread (in /usr/lib64/libpthread-2.31.so)
|
|
|
f02bdd |
==12029== by 0x52A8912: clone (in /usr/lib64/libc-2.31.so)
|
|
|
f02bdd |
|
|
|
f02bdd |
==12029== at 0x483CCE8: realloc (vg_replace_malloc.c:834)
|
|
|
f02bdd |
==12029== by 0x4D9DCD8: rrealloc (in /usr/lib64/librpmio.so.9.0.1)
|
|
|
f02bdd |
==12029== by 0x4D25B88: headerFormat (in /usr/lib64/librpm.so.9.0.1)
|
|
|
f02bdd |
==12029== by 0x495E467: rpmverify_collect (rpmverifyfile_probe.c:230)
|
|
|
f02bdd |
==12029== by 0x495F461: rpmverifyfile_probe_main
|
|
|
f02bdd |
(rpmverifyfile_probe.c:543)
|
|
|
f02bdd |
==12029== by 0x4935598: probe_worker (worker.c:1090)
|
|
|
f02bdd |
==12029== by 0x4932F10: probe_worker_runfn (worker.c:81)
|
|
|
f02bdd |
==12029== by 0x4CDA431: start_thread (in
|
|
|
f02bdd |
/usr/lib64/libpthread-2.31.so)
|
|
|
f02bdd |
==12029== by 0x52A8912: clone (in /usr/lib64/libc-2.31.so)
|
|
|
f02bdd |
|
|
|
f02bdd |
Resolves: RHBZ#1861301
|
|
|
f02bdd |
---
|
|
|
f02bdd |
src/OVAL/probes/unix/linux/rpmverifyfile.c | 24 ++++++++++++++++------
|
|
|
f02bdd |
1 file changed, 18 insertions(+), 6 deletions(-)
|
|
|
f02bdd |
|
|
|
f02bdd |
diff --git a/src/OVAL/probes/unix/linux/rpmverifyfile.c b/src/OVAL/probes/unix/linux/rpmverifyfile.c
|
|
|
f02bdd |
index e17f1612b..781d071ab 100644
|
|
|
f02bdd |
--- a/src/OVAL/probes/unix/linux/rpmverifyfile.c
|
|
|
f02bdd |
+++ b/src/OVAL/probes/unix/linux/rpmverifyfile.c
|
|
|
f02bdd |
@@ -61,10 +61,10 @@
|
|
|
f02bdd |
|
|
|
f02bdd |
struct rpmverify_res {
|
|
|
f02bdd |
char *name; /**< package name */
|
|
|
f02bdd |
- const char *epoch;
|
|
|
f02bdd |
- const char *version;
|
|
|
f02bdd |
- const char *release;
|
|
|
f02bdd |
- const char *arch;
|
|
|
f02bdd |
+ char *epoch;
|
|
|
f02bdd |
+ char *version;
|
|
|
f02bdd |
+ char *release;
|
|
|
f02bdd |
+ char *arch;
|
|
|
f02bdd |
char *file; /**< filepath */
|
|
|
f02bdd |
char extended_name[1024];
|
|
|
f02bdd |
rpmVerifyAttrs vflags; /**< rpm verify flags */
|
|
|
f02bdd |
@@ -273,14 +273,14 @@ static int rpmverify_collect(probe_ctx *ctx,
|
|
|
f02bdd |
free(current_file_realpath);
|
|
|
f02bdd |
continue;
|
|
|
f02bdd |
}
|
|
|
f02bdd |
- res.file = current_file_realpath ? current_file_realpath : strdup(current_file);
|
|
|
f02bdd |
+ res.file = current_file_realpath ? oscap_strdup(current_file_realpath) : oscap_strdup(current_file);
|
|
|
f02bdd |
break;
|
|
|
f02bdd |
case OVAL_OPERATION_PATTERN_MATCH:
|
|
|
f02bdd |
ret = pcre_exec(re, NULL, current_file, strlen(current_file), 0, 0, NULL, 0);
|
|
|
f02bdd |
|
|
|
f02bdd |
switch(ret) {
|
|
|
f02bdd |
case 0: /* match */
|
|
|
f02bdd |
- res.file = strdup(current_file);
|
|
|
f02bdd |
+ res.file = oscap_strdup(current_file);
|
|
|
f02bdd |
break;
|
|
|
f02bdd |
case -1:
|
|
|
f02bdd |
/* mismatch */
|
|
|
f02bdd |
@@ -300,12 +300,18 @@ static int rpmverify_collect(probe_ctx *ctx,
|
|
|
f02bdd |
free(current_file_realpath);
|
|
|
f02bdd |
goto ret;
|
|
|
f02bdd |
}
|
|
|
f02bdd |
+ free(current_file_realpath);
|
|
|
f02bdd |
|
|
|
f02bdd |
if (rpmVerifyFile(g_rpm.rpmts, fi, &res.vflags, omit) != 0)
|
|
|
f02bdd |
res.vflags = RPMVERIFY_FAILURES;
|
|
|
f02bdd |
|
|
|
f02bdd |
if (callback(ctx, &res) != 0) {
|
|
|
f02bdd |
ret = 0;
|
|
|
f02bdd |
+ free(res.name);
|
|
|
f02bdd |
+ free(res.epoch);
|
|
|
f02bdd |
+ free(res.version);
|
|
|
f02bdd |
+ free(res.release);
|
|
|
f02bdd |
+ free(res.arch);
|
|
|
f02bdd |
free(res.file);
|
|
|
f02bdd |
goto ret;
|
|
|
f02bdd |
}
|
|
|
f02bdd |
@@ -314,6 +320,12 @@ static int rpmverify_collect(probe_ctx *ctx,
|
|
|
f02bdd |
|
|
|
f02bdd |
rpmfiFree(fi);
|
|
|
f02bdd |
}
|
|
|
f02bdd |
+
|
|
|
f02bdd |
+ free(res.name);
|
|
|
f02bdd |
+ free(res.epoch);
|
|
|
f02bdd |
+ free(res.version);
|
|
|
f02bdd |
+ free(res.release);
|
|
|
f02bdd |
+ free(res.arch);
|
|
|
f02bdd |
}
|
|
|
f02bdd |
|
|
|
f02bdd |
match = rpmdbFreeIterator (match);
|
|
|
f02bdd |
--
|
|
|
f02bdd |
2.26.2
|
|
|
f02bdd |
|