diff --git a/SOURCES/CVE-2019-18874.patch b/SOURCES/CVE-2019-18874.patch
new file mode 100644
index 0000000..d94d768
--- /dev/null
+++ b/SOURCES/CVE-2019-18874.patch
@@ -0,0 +1,600 @@
+diff --git a/psutil/_psutil_aix.c b/psutil/_psutil_aix.c
+index 916254d..37a1fb2 100644
+--- a/psutil/_psutil_aix.c
++++ b/psutil/_psutil_aix.c
+@@ -158,8 +158,8 @@ psutil_proc_name_and_args(PyObject *self, PyObject *args) {
+ py_retlist = Py_BuildValue("OO", py_name, py_args);
+ if (!py_retlist)
+ goto error;
+- Py_DECREF(py_name);
+- Py_DECREF(py_args);
++ Py_CLEAR(py_name);
++ Py_CLEAR(py_args);
+ return py_retlist;
+
+ error:
+@@ -389,10 +389,10 @@ psutil_users(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_username);
+- Py_DECREF(py_tty);
+- Py_DECREF(py_hostname);
+- Py_DECREF(py_tuple);
++ Py_CLEAR(py_username);
++ Py_CLEAR(py_tty);
++ Py_CLEAR(py_hostname);
++ Py_CLEAR(py_tuple);
+ }
+ endutxent();
+
+@@ -449,9 +449,9 @@ psutil_disk_partitions(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_dev);
+- Py_DECREF(py_mountp);
+- Py_DECREF(py_tuple);
++ Py_CLEAR(py_dev);
++ Py_CLEAR(py_mountp);
++ Py_CLEAR(py_tuple);
+ mt = getmntent(file);
+ }
+ endmntent(file);
+diff --git a/psutil/_psutil_bsd.c b/psutil/_psutil_bsd.c
+index 9a2ed04..3dc04e0 100644
+--- a/psutil/_psutil_bsd.c
++++ b/psutil/_psutil_bsd.c
+@@ -152,7 +152,7 @@ psutil_pids(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_pid))
+ goto error;
+- Py_DECREF(py_pid);
++ Py_CLEAR(py_pid);
+ proclist++;
+ }
+ free(orig_address);
+@@ -507,8 +507,8 @@ psutil_proc_open_files(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_path);
+- Py_DECREF(py_tuple);
++ Py_CLEAR(py_path);
++ Py_CLEAR(py_tuple);
+ }
+ }
+ free(freep);
+@@ -670,9 +670,9 @@ psutil_disk_partitions(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_dev);
+- Py_DECREF(py_mountp);
+- Py_DECREF(py_tuple);
++
Py_CLEAR(py_dev);
++ Py_CLEAR(py_mountp);
++ Py_CLEAR(py_tuple);
+ }
+
+ free(fs);
+@@ -765,7 +765,7 @@ psutil_net_io_counters(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyDict_SetItemString(py_retdict, ifc_name, py_ifc_info))
+ goto error;
+- Py_DECREF(py_ifc_info);
++ Py_CLEAR(py_ifc_info);
+ }
+ else {
+ continue;
+@@ -840,10 +840,10 @@ psutil_users(PyObject *self, PyObject *args) {
+ fclose(fp);
+ goto error;
+ }
+- Py_DECREF(py_username);
+- Py_DECREF(py_tty);
+- Py_DECREF(py_hostname);
+- Py_DECREF(py_tuple);
++ Py_CLEAR(py_username);
++ Py_CLEAR(py_tty);
++ Py_CLEAR(py_hostname);
++ Py_CLEAR(py_tuple);
+ }
+
+ fclose(fp);
+@@ -883,10 +883,10 @@ psutil_users(PyObject *self, PyObject *args) {
+ endutxent();
+ goto error;
+ }
+- Py_DECREF(py_username);
+- Py_DECREF(py_tty);
+- Py_DECREF(py_hostname);
+- Py_DECREF(py_tuple);
++ Py_CLEAR(py_username);
++ Py_CLEAR(py_tty);
++ Py_CLEAR(py_hostname);
++ Py_CLEAR(py_tuple);
+ }
+
+ endutxent();
+diff --git a/psutil/_psutil_linux.c b/psutil/_psutil_linux.c
+index d1f0d14..00212ba 100644
+--- a/psutil/_psutil_linux.c
++++ b/psutil/_psutil_linux.c
+@@ -232,9 +232,9 @@ psutil_disk_partitions(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_dev);
+- Py_DECREF(py_mountp);
+- Py_DECREF(py_tuple);
++ Py_CLEAR(py_dev);
++ Py_CLEAR(py_mountp);
++ Py_CLEAR(py_tuple);
+ }
+ endmntent(file);
+ return py_retlist;
+@@ -488,10 +488,10 @@ psutil_users(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_username);
+- Py_DECREF(py_tty);
+- Py_DECREF(py_hostname);
+- Py_DECREF(py_tuple);
++ Py_CLEAR(py_username);
++ Py_CLEAR(py_tty);
++ Py_CLEAR(py_hostname);
++ Py_CLEAR(py_tuple);
+ }
+ endutent();
+ return py_retlist;
+diff --git a/psutil/_psutil_osx.c b/psutil/_psutil_osx.c
+index 55dd64c..37f5284 100644
+--- a/psutil/_psutil_osx.c
++++ b/psutil/_psutil_osx.c
+@@ -795,7 +795,7 @@
psutil_per_cpu_times(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_cputime))
+ goto error;
+- Py_DECREF(py_cputime);
++ Py_CLEAR(py_cputime);
+ }
+
+ ret = vm_deallocate(mach_task_self(), (vm_address_t)info_array,
+@@ -977,9 +977,9 @@ psutil_disk_partitions(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_dev);
+- Py_DECREF(py_mountp);
+- Py_DECREF(py_tuple);
++ Py_CLEAR(py_dev);
++ Py_CLEAR(py_mountp);
++ Py_CLEAR(py_tuple);
+ }
+
+ free(fs);
+@@ -1055,7 +1055,6 @@ psutil_proc_threads(PyObject *self, PyObject *args) {
+ }
+
+ for (j = 0; j < thread_count; j++) {
+- py_tuple = NULL;
+ thread_info_count = THREAD_INFO_MAX;
+ kr = thread_info(thread_list[j], THREAD_BASIC_INFO,
+ (thread_info_t)thinfo_basic, &thread_info_count);
+@@ -1076,7 +1075,7 @@ psutil_proc_threads(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_tuple);
++ Py_CLEAR(py_tuple);
+ }
+
+ ret = vm_deallocate(task, (vm_address_t)thread_list,
+@@ -1185,10 +1184,8 @@ psutil_proc_open_files(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_tuple);
+- py_tuple = NULL;
+- Py_DECREF(py_path);
+- py_path = NULL;
++ Py_CLEAR(py_tuple);
++ Py_CLEAR(py_path);
+ // --- /construct python list
+ }
+ }
+@@ -1368,7 +1365,7 @@ psutil_proc_connections(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_tuple);
++ Py_CLEAR(py_tuple);
+ }
+ else if (family == AF_UNIX) {
+ py_laddr = PyUnicode_DecodeFSDefault(
+@@ -1390,9 +1387,9 @@ psutil_proc_connections(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_tuple);
+- Py_DECREF(py_laddr);
+- Py_DECREF(py_raddr);
++ Py_CLEAR(py_tuple);
++ Py_CLEAR(py_laddr);
++ Py_CLEAR(py_raddr);
+ }
+ }
+ }
+@@ -1513,7 +1510,7 @@ psutil_net_io_counters(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyDict_SetItemString(py_retdict, ifc_name, py_ifc_info))
+ goto error;
+- Py_DECREF(py_ifc_info);
++ Py_CLEAR(py_ifc_info);
+ }
+ else {
+ continue;
+@@ -1686,7 +1683,7 @@ psutil_disk_io_counters(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyDict_SetItemString(py_retdict, disk_name, py_disk_info))
+ goto error;
+- Py_DECREF(py_disk_info);
++ Py_CLEAR(py_disk_info);
+
+ CFRelease(parent_dict);
+ IOObjectRelease(parent);
+@@ -1748,10 +1745,10 @@ psutil_users(PyObject *self, PyObject *args) {
+ endutxent();
+ goto error;
+ }
+- Py_DECREF(py_username);
+- Py_DECREF(py_tty);
+- Py_DECREF(py_hostname);
+- Py_DECREF(py_tuple);
++ Py_CLEAR(py_username);
++ Py_CLEAR(py_tty);
++ Py_CLEAR(py_hostname);
++ Py_CLEAR(py_tuple);
+ }
+
+ endutxent();
+diff --git a/psutil/_psutil_posix.c b/psutil/_psutil_posix.c
+index cc82727..6d9212a 100644
+--- a/psutil/_psutil_posix.c
++++ b/psutil/_psutil_posix.c
+@@ -324,11 +324,11 @@ psutil_net_if_addrs(PyObject* self, PyObject* args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_tuple);
+- Py_DECREF(py_address);
+- Py_DECREF(py_netmask);
+- Py_DECREF(py_broadcast);
+- Py_DECREF(py_ptp);
++ Py_CLEAR(py_tuple);
++ Py_CLEAR(py_address);
++ Py_CLEAR(py_netmask);
++ Py_CLEAR(py_broadcast);
++ Py_CLEAR(py_ptp);
+ }
+
+ freeifaddrs(ifaddr);
+diff --git a/psutil/_psutil_sunos.c b/psutil/_psutil_sunos.c
+index c667364..ff635f6 100644
+--- a/psutil/_psutil_sunos.c
++++ b/psutil/_psutil_sunos.c
+@@ -214,8 +214,8 @@ psutil_proc_environ(PyObject *self, PyObject *args) {
+ if (PyDict_SetItem(py_retdict, py_envname, py_envval) < 0)
+ goto error;
+
+- Py_DECREF(py_envname);
+- Py_DECREF(py_envval);
++ Py_CLEAR(py_envname);
++ Py_CLEAR(py_envval);
+ }
+
+ psutil_free_cstrings_array(env, env_count);
+@@ -576,10 +576,10 @@ psutil_users(PyObject *self, PyObject *args) {
+ goto error;
+ if
(PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_username);
+- Py_DECREF(py_tty);
+- Py_DECREF(py_hostname);
+- Py_DECREF(py_tuple);
++ Py_CLEAR(py_username);
++ Py_CLEAR(py_tty);
++ Py_CLEAR(py_hostname);
++ Py_CLEAR(py_tuple);
+ }
+ endutxent();
+
+@@ -635,9 +635,9 @@ psutil_disk_partitions(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_dev);
+- Py_DECREF(py_mountp);
+- Py_DECREF(py_tuple);
++ Py_CLEAR(py_dev);
++ Py_CLEAR(py_mountp);
++ Py_CLEAR(py_tuple);
+ }
+ fclose(file);
+ return py_retlist;
+@@ -688,8 +688,7 @@ psutil_per_cpu_times(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_cputime))
+ goto error;
+- Py_DECREF(py_cputime);
+- py_cputime = NULL;
++ Py_CLEAR(py_cputime);
+ }
+ }
+
+@@ -745,7 +744,7 @@ psutil_disk_io_counters(PyObject *self, PyObject *args) {
+ if (PyDict_SetItemString(py_retdict, ksp->ks_name,
+ py_disk_info))
+ goto error;
+- Py_DECREF(py_disk_info);
++ Py_CLEAR(py_disk_info);
+ }
+ }
+ ksp = ksp->ks_next;
+@@ -880,8 +879,8 @@ psutil_proc_memory_maps(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_path);
+- Py_DECREF(py_tuple);
++ Py_CLEAR(py_path);
++ Py_CLEAR(py_tuple);
+
+ // increment pointer
+ p += 1;
+@@ -996,7 +995,7 @@ psutil_net_io_counters(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyDict_SetItemString(py_retdict, ksp->ks_name, py_ifc_info))
+ goto error;
+- Py_DECREF(py_ifc_info);
++ Py_CLEAR(py_ifc_info);
+ goto next;
+
+ next:
+@@ -1189,7 +1188,7 @@ psutil_net_connections(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_tuple);
++ Py_CLEAR(py_tuple);
+ }
+ }
+ #if defined(AF_INET6)
+@@ -1232,7 +1231,7 @@ psutil_net_connections(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+-
Py_DECREF(py_tuple);
++ Py_CLEAR(py_tuple);
+ }
+ }
+ #endif
+@@ -1240,7 +1239,7 @@ psutil_net_connections(PyObject *self, PyObject *args) {
+ else if (mibhdr->level == MIB2_UDP || mibhdr->level == MIB2_UDP_ENTRY) {
+ ude = (mib2_udpEntry_t *)databuf.buf;
+ num_ent = mibhdr->len / sizeof(mib2_udpEntry_t);
+- assert(num_ent * sizeof(mib2_udpEntry_t) == mibhdr->len);
++ assert(num_ent * sizeof(mib2_udpEntry_t) == mibhdr.len);
+ for (i = 0; i < num_ent; i++, ude++) {
+ #ifdef NEW_MIB_COMPLIANT
+ processed_pid = ude->udpCreationProcess;
+@@ -1271,7 +1270,7 @@ psutil_net_connections(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_tuple);
++ Py_CLEAR(py_tuple);
+ }
+ }
+ #if defined(AF_INET6)
+@@ -1304,7 +1303,7 @@ psutil_net_connections(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_tuple);
++ Py_CLEAR(py_tuple);
+ }
+ }
+ #endif
+@@ -1477,7 +1476,7 @@ psutil_net_if_stats(PyObject* self, PyObject* args) {
+ goto error;
+ if (PyDict_SetItemString(py_retdict, ksp->ks_name, py_ifc_info))
+ goto error;
+- Py_DECREF(py_ifc_info);
++ Py_CLEAR(py_ifc_info);
+ }
+ }
+
+diff --git a/psutil/_psutil_windows.c b/psutil/_psutil_windows.c
+index 81d1b4a..adef70c 100644
+--- a/psutil/_psutil_windows.c
++++ b/psutil/_psutil_windows.c
+@@ -307,7 +307,7 @@ psutil_pids(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_pid))
+ goto error;
+- Py_DECREF(py_pid);
++ Py_CLEAR(py_pid);
+ }
+
+ // free C array allocated for PIDs
+@@ -1019,7 +1019,7 @@ psutil_per_cpu_times(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_tuple);
++ Py_CLEAR(py_tuple);
+ }
+
+ free(sppi);
+@@ -1237,7 +1237,7 @@ psutil_proc_threads(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_tuple);
++
Py_CLEAR(py_tuple);
+
+ CloseHandle(hThread);
+ }
+@@ -1695,7 +1695,7 @@ psutil_net_connections(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_conn_tuple))
+ goto error;
+- Py_DECREF(py_conn_tuple);
++ Py_CLEAR(py_conn_tuple);
+ }
+ }
+ else {
+@@ -1792,7 +1792,7 @@ psutil_net_connections(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_conn_tuple))
+ goto error;
+- Py_DECREF(py_conn_tuple);
++ Py_CLEAR(py_conn_tuple);
+ }
+ }
+ else {
+@@ -1866,7 +1866,7 @@ psutil_net_connections(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_conn_tuple))
+ goto error;
+- Py_DECREF(py_conn_tuple);
++ Py_CLEAR(py_conn_tuple);
+ }
+ }
+ else {
+@@ -1939,7 +1939,7 @@ psutil_net_connections(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_conn_tuple))
+ goto error;
+- Py_DECREF(py_conn_tuple);
++ Py_CLEAR(py_conn_tuple);
+ }
+ }
+ else {
+@@ -2331,8 +2331,8 @@ psutil_net_io_counters(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyDict_SetItem(py_retdict, py_nic_name, py_nic_info))
+ goto error;
+- Py_XDECREF(py_nic_name);
+- Py_XDECREF(py_nic_info);
++ Py_CLEAR(py_nic_name);
++ Py_CLEAR(py_nic_info);
+
+ free(pIfRow);
+ pCurrAddresses = pCurrAddresses->Next;
+@@ -2446,7 +2446,7 @@ psutil_disk_io_counters(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyDict_SetItemString(py_retdict, szDeviceDisplay, py_tuple))
+ goto error;
+- Py_XDECREF(py_tuple);
++ Py_CLEAR(py_tuple);
+
+ next:
+ CloseHandle(hDevice);
+@@ -2603,7 +2603,7 @@ psutil_disk_partitions(PyObject *self, PyObject *args) {
+ goto error;
+ }
+
+- Py_DECREF(py_tuple);
++ Py_CLEAR(py_tuple);
+
+ // Continue looking for more mount points
+ mp_flag = FindNextVolumeMountPoint(mp_h, mp_buf, MAX_PATH);
+@@ -2628,7 +2628,7 @@ psutil_disk_partitions(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_tuple);
++
Py_CLEAR(py_tuple);
+ goto next;
+
+ next:
+@@ -2758,9 +2758,9 @@ psutil_users(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_XDECREF(py_username);
+- Py_XDECREF(py_address);
+- Py_XDECREF(py_tuple);
++ Py_CLEAR(py_username);
++ Py_CLEAR(py_address);
++ Py_CLEAR(py_tuple);
+ }
+
+ WTSFreeMemory(sessions);
+@@ -2992,8 +2992,8 @@ psutil_proc_memory_maps(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_tuple);
+- Py_DECREF(py_str);
++ Py_CLEAR(py_tuple);
++ Py_CLEAR(py_str);
+ }
+ previousAllocationBase = basicInfo.AllocationBase;
+ baseAddress = (PCHAR)baseAddress + basicInfo.RegionSize;
+@@ -3043,8 +3043,8 @@ psutil_ppid_map(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyDict_SetItem(py_retdict, py_pid, py_ppid))
+ goto error;
+- Py_DECREF(py_pid);
+- Py_DECREF(py_ppid);
++ Py_CLEAR(py_pid);
++ Py_CLEAR(py_ppid);
+ } while (Process32Next(handle, &pe));
+ }
+
+@@ -3147,8 +3147,8 @@ psutil_net_if_addrs(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_tuple);
+- Py_DECREF(py_mac_address);
++ Py_CLEAR(py_tuple);
++ Py_CLEAR(py_mac_address);
+ }
+
+ // find out the IP address associated with the NIC
+@@ -3224,14 +3224,14 @@ psutil_net_if_addrs(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyList_Append(py_retlist, py_tuple))
+ goto error;
+- Py_DECREF(py_tuple);
+- Py_DECREF(py_address);
+- Py_DECREF(py_netmask);
++ Py_CLEAR(py_tuple);
++ Py_CLEAR(py_address);
++ Py_CLEAR(py_netmask);
+
+ pUnicast = pUnicast->Next;
+ }
+ }
+- Py_DECREF(py_nic_name);
++ Py_CLEAR(py_nic_name);
+ pCurrAddresses = pCurrAddresses->Next;
+ }
+
+@@ -3351,8 +3351,8 @@ psutil_net_if_stats(PyObject *self, PyObject *args) {
+ goto error;
+ if (PyDict_SetItem(py_retdict, py_nic_name, py_ifc_info))
+ goto error;
+- Py_DECREF(py_nic_name);
+- Py_DECREF(py_ifc_info);
++
Py_CLEAR(py_nic_name); ++ Py_CLEAR(py_ifc_info); + } + + free(pIfTable); diff --git a/SPECS/python-psutil.spec b/SPECS/python-psutil.spec index 7eb5669..06cf958 100644 --- a/SPECS/python-psutil.spec +++ b/SPECS/python-psutil.spec @@ -13,17 +13,17 @@ Name: python-%{srcname} Version: 5.4.3 -Release: 10%{?dist} +Release: 11%{?dist} Summary: %{sum} License: BSD URL: https://github.com/giampaolo/psutil Source0: https://github.com/giampaolo/psutil/archive/release-%{version}.tar.gz#/%{srcname}-%{version}.tar.gz -# -# Disable upstream failing test -# https://github.com/giampaolo/psutil/issues/946 -# -#Patch0: psutil-5.4.3-disable-broken-tests.patch + +# Fix CVE-2019-18874: double free because of refcount mishandling +# Resolved upstream: https://github.com/giampaolo/psutil/commit/7d512c8e4442a896d56505be3e78f1156f443465 +# and https://github.com/giampaolo/psutil/commit/3a9bccfd2c6d2e6538298cd3892058b1204056e0 +Patch0: CVE-2019-18874.patch BuildRequires: procps-ng @@ -71,7 +71,7 @@ ifconfig, nice, ionice, iostat, iotop, uptime, pidof, tty, who, taskset, pmap. %prep -%autosetup -p0 -n %{srcname}-release-%{version} +%autosetup -p1 -n %{srcname}-release-%{version} # Remove shebangs find psutil -name \*.py | while read file; do @@ -119,6 +119,10 @@ done %changelog +* Mon Jul 26 2021 Charalampos Stratakis - 5.4.3-11 +- Security fix for CVE-2019-18874: double free because of refcount mishandling +Resolves: rhbz#1772014 + * Mon Aug 05 2019 Athos Ribeiro - 5.4.3-10 - Smoke tests shall only run unicode tests
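Review bot: In the added SOURCES/CVE-2019-18874.patch, the `_psutil_sunos.c` hunk at `@@ -1240,7 +1239,7 @@` rewrites the UDP assert to read `mibhdr.len`, while the context lines of the same hunk still use `mibhdr->level` and `mibhdr->len`. In this 5.4.3 tree `mibhdr` therefore appears to be a pointer, and the new assert would not compile on SunOS unless `NDEBUG` is defined. The line has nothing to do with the refcount handling the patch is for and looks carried over from a newer upstream tree; keep the original `assert(num_ent * sizeof(mib2_udpEntry_t) == mibhdr->len);` so the backport contains only the `Py_DECREF`/`Py_XDECREF` to `Py_CLEAR` conversions. That file is presumably not compiled in the Linux package build, which would explain why the build does not catch it; the body of psutil_net_connections continues outside the hunk.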