From 0c0d5fde55ff96f0e7b3e028edefafb5573ba34a Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Feb 16 2021 06:10:58 +0000
Subject: import rpm-4.14.3-13.el8


---

diff --git a/SOURCES/rpm-4.14.3-add-fapolicyd-rpm-plugin.patch b/SOURCES/rpm-4.14.3-add-fapolicyd-rpm-plugin.patch
index 36a5b19..3a9e808 100644
--- a/SOURCES/rpm-4.14.3-add-fapolicyd-rpm-plugin.patch
+++ b/SOURCES/rpm-4.14.3-add-fapolicyd-rpm-plugin.patch
@@ -340,3 +340,39 @@ index 000000000..50f50155c
 -- 
 2.29.2
 
+commit c66cee32e74ce1e507c031605e3d7b2c1391a52c
+Author: Radovan Sroka <rsroka@redhat.com>
+Date:   Wed Feb 10 17:04:55 2021 +0100
+
+    Fixed issues find by coverity
+    
+    - enhance the check for the file descriptor fd because 0 is also a valid
+    descriptor
+    
+    - added free() for sha so it doesn't leak memory for every file that is
+    processed
+    
+    Signed-off-by: Radovan Sroka <rsroka@redhat.com>
+
+diff --git a/plugins/fapolicyd.c b/plugins/fapolicyd.c
+index 50f50155c..48f65ae11 100644
+--- a/plugins/fapolicyd.c
++++ b/plugins/fapolicyd.c
+@@ -58,7 +58,7 @@ static rpmRC open_fifo(struct fapolicyd_data* state)
+     return RPMRC_OK;
+ 
+  bad:
+-    if (fd > 0)
++    if (fd >= 0)
+         close(fd);
+     return RPMRC_FAIL;
+ }
+@@ -176,6 +176,8 @@ static rpmRC fapolicyd_fsm_file_prepare(rpmPlugin plugin, rpmfi fi,
+     snprintf(buffer, 4096, "%s %lu %64s\n", dest, size, sha);
+     (void) write_fifo(&fapolicyd_state, buffer);
+ 
++    free(sha);
++
+  end:
+     return RPMRC_OK;
+ }
diff --git a/SPECS/rpm.spec b/SPECS/rpm.spec
index 1e663ad..09c2d5c 100644
--- a/SPECS/rpm.spec
+++ b/SPECS/rpm.spec
@@ -30,7 +30,7 @@
 
 %global rpmver 4.14.3
 #global snapver rc2
-%global rel 12
+%global rel 13
 
 %global srcver %{version}%{?snapver:-%{snapver}}
 %global srcdir %{?snapver:testing}%{!?snapver:%{name}-%(echo %{version} | cut -d'.' -f1-2).x}
@@ -454,6 +454,7 @@ done;
     --with-cap \
     --with-acl \
     %{?with_ndb: --enable-ndb} \
+    %{!?with_libarchive: --without-archive} \
     %{?with_libimaevm: --with-imaevm} \
     %{?with_zstd: --enable-zstd} \
     %{?with_lmdb: --enable-lmdb} \
@@ -552,7 +553,9 @@ make check || cat tests/rpmtests.log
 %attr(0644, root, root) %verify(not md5 size mtime) %ghost %config(missingok,noreplace) /var/lib/rpm/*
 
 %{_bindir}/rpm
+%if %{with libarchive}
 %{_bindir}/rpm2archive
+%endif
 %{_bindir}/rpm2cpio
 %{_bindir}/rpmdb
 %{_bindir}/rpmkeys
@@ -678,6 +681,10 @@ make check || cat tests/rpmtests.log
 %doc doc/librpm/html/*
 
 %changelog
+* Fri Feb 12 2021 Michal Domonkos <mdomonko@redhat.com> - 4.14.3-13
+- Fix minor issues found by COVSCAN in fapolicyd plugin
+- Actually honor libarchive bcond at configure time (#1902887)
+
 * Tue Feb 09 2021 Michal Domonkos <mdomonko@redhat.com> - 4.14.3-12
 - Bump up the limit of signature header to 64MB (#1918777)
 - Add fapolicyd plugin (#1923167)