|
|
4def80 |
From 4ef60df7edfdd7a49a565494142f86d93f9268b3 Mon Sep 17 00:00:00 2001
|
|
|
4def80 |
From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
|
|
|
4def80 |
Date: Fri, 31 Jul 2020 10:38:17 +0200
|
|
|
4def80 |
Subject: [PATCH] Plug a memory leak
|
|
|
4def80 |
|
|
|
4def80 |
==12029== at 0x483A809: malloc (vg_replace_malloc.c:307)
|
|
|
4def80 |
==12029== by 0x51F1386: realpath@@GLIBC_2.3 (in /usr/lib64/libc-2.31.so)
|
|
|
4def80 |
==12029== by 0x489F8CA: oscap_realpath (util.c:251)
|
|
|
4def80 |
==12029== by 0x495E6EF: rpmverify_collect (rpmverifyfile_probe.c:248)
|
|
|
4def80 |
==12029== by 0x495F461: rpmverifyfile_probe_main (rpmverifyfile_probe.c:543)
|
|
|
4def80 |
==12029== by 0x4935598: probe_worker (worker.c:1090)
|
|
|
4def80 |
==12029== by 0x4932F10: probe_worker_runfn (worker.c:81)
|
|
|
4def80 |
==12029== by 0x4CDA431: start_thread (in /usr/lib64/libpthread-2.31.so)
|
|
|
4def80 |
==12029== by 0x52A8912: clone (in /usr/lib64/libc-2.31.so)
|
|
|
4def80 |
|
|
|
4def80 |
==12029== at 0x483CCE8: realloc (vg_replace_malloc.c:834)
|
|
|
4def80 |
==12029== by 0x4D9DCD8: rrealloc (in /usr/lib64/librpmio.so.9.0.1)
|
|
|
4def80 |
==12029== by 0x4D25B88: headerFormat (in /usr/lib64/librpm.so.9.0.1)
|
|
|
4def80 |
==12029== by 0x495E467: rpmverify_collect (rpmverifyfile_probe.c:230)
|
|
|
4def80 |
==12029== by 0x495F461: rpmverifyfile_probe_main
|
|
|
4def80 |
(rpmverifyfile_probe.c:543)
|
|
|
4def80 |
==12029== by 0x4935598: probe_worker (worker.c:1090)
|
|
|
4def80 |
==12029== by 0x4932F10: probe_worker_runfn (worker.c:81)
|
|
|
4def80 |
==12029== by 0x4CDA431: start_thread (in
|
|
|
4def80 |
/usr/lib64/libpthread-2.31.so)
|
|
|
4def80 |
==12029== by 0x52A8912: clone (in /usr/lib64/libc-2.31.so)
|
|
|
4def80 |
|
|
|
4def80 |
Resolves: RHBZ#1861301
|
|
|
4def80 |
---
|
|
|
4def80 |
.../probes/unix/linux/rpmverifyfile_probe.c | 24 ++++++++++++++-----
|
|
|
4def80 |
1 file changed, 18 insertions(+), 6 deletions(-)
|
|
|
4def80 |
|
|
|
4def80 |
diff --git a/src/OVAL/probes/unix/linux/rpmverifyfile_probe.c b/src/OVAL/probes/unix/linux/rpmverifyfile_probe.c
|
|
|
4def80 |
index c86818e72..57d69f552 100644
|
|
|
4def80 |
--- a/src/OVAL/probes/unix/linux/rpmverifyfile_probe.c
|
|
|
4def80 |
+++ b/src/OVAL/probes/unix/linux/rpmverifyfile_probe.c
|
|
|
4def80 |
@@ -61,10 +61,10 @@
|
|
|
4def80 |
|
|
|
4def80 |
struct rpmverify_res {
|
|
|
4def80 |
char *name; /**< package name */
|
|
|
4def80 |
- const char *epoch;
|
|
|
4def80 |
- const char *version;
|
|
|
4def80 |
- const char *release;
|
|
|
4def80 |
- const char *arch;
|
|
|
4def80 |
+ char *epoch;
|
|
|
4def80 |
+ char *version;
|
|
|
4def80 |
+ char *release;
|
|
|
4def80 |
+ char *arch;
|
|
|
4def80 |
char *file; /**< filepath */
|
|
|
4def80 |
char extended_name[1024];
|
|
|
4def80 |
rpmVerifyAttrs vflags; /**< rpm verify flags */
|
|
|
4def80 |
@@ -272,14 +272,14 @@ static int rpmverify_collect(probe_ctx *ctx,
|
|
|
4def80 |
free(current_file_realpath);
|
|
|
4def80 |
continue;
|
|
|
4def80 |
}
|
|
|
4def80 |
- res.file = current_file_realpath ? current_file_realpath : strdup(current_file);
|
|
|
4def80 |
+ res.file = current_file_realpath ? oscap_strdup(current_file_realpath) : oscap_strdup(current_file);
|
|
|
4def80 |
break;
|
|
|
4def80 |
case OVAL_OPERATION_PATTERN_MATCH:
|
|
|
4def80 |
ret = pcre_exec(re, NULL, current_file, strlen(current_file), 0, 0, NULL, 0);
|
|
|
4def80 |
|
|
|
4def80 |
switch(ret) {
|
|
|
4def80 |
case 0: /* match */
|
|
|
4def80 |
- res.file = strdup(current_file);
|
|
|
4def80 |
+ res.file = oscap_strdup(current_file);
|
|
|
4def80 |
break;
|
|
|
4def80 |
case -1:
|
|
|
4def80 |
/* mismatch */
|
|
|
4def80 |
@@ -299,12 +299,18 @@ static int rpmverify_collect(probe_ctx *ctx,
|
|
|
4def80 |
free(current_file_realpath);
|
|
|
4def80 |
goto ret;
|
|
|
4def80 |
}
|
|
|
4def80 |
+ free(current_file_realpath);
|
|
|
4def80 |
|
|
|
4def80 |
if (rpmVerifyFile(g_rpm->rpmts, fi, &res.vflags, omit) != 0)
|
|
|
4def80 |
res.vflags = RPMVERIFY_FAILURES;
|
|
|
4def80 |
|
|
|
4def80 |
if (callback(ctx, &res) != 0) {
|
|
|
4def80 |
ret = 0;
|
|
|
4def80 |
+ free(res.name);
|
|
|
4def80 |
+ free(res.epoch);
|
|
|
4def80 |
+ free(res.version);
|
|
|
4def80 |
+ free(res.release);
|
|
|
4def80 |
+ free(res.arch);
|
|
|
4def80 |
free(res.file);
|
|
|
4def80 |
goto ret;
|
|
|
4def80 |
}
|
|
|
4def80 |
@@ -313,6 +319,12 @@ static int rpmverify_collect(probe_ctx *ctx,
|
|
|
4def80 |
|
|
|
4def80 |
rpmfiFree(fi);
|
|
|
4def80 |
}
|
|
|
4def80 |
+
|
|
|
4def80 |
+ free(res.name);
|
|
|
4def80 |
+ free(res.epoch);
|
|
|
4def80 |
+ free(res.version);
|
|
|
4def80 |
+ free(res.release);
|
|
|
4def80 |
+ free(res.arch);
|
|
|
4def80 |
}
|
|
|
4def80 |
|
|
|
4def80 |
match = rpmdbFreeIterator (match);
|
|
|
4def80 |
--
|
|
|
4def80 |
2.26.2
|
|
|
4def80 |
|