packages/util-linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!315 [sync] PR-314: sync community patches

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @yue-yuankun 
Signed-off-by: @yue-yuankun
This commit is contained in:
openeuler-ci-bot 2024-12-13 08:24:10 +00:00 committed by Gitee
commit 14eebad757
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
3 changed files with 92 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
backport-sys-utils-save_adjtime-fix-memory-leak.patch Normal file
View File

@ -0,0 +1,42 @@
From 4e4fd6a5fc84b8dc172e1ea67b28064c67376d1a Mon Sep 17 00:00:00 2001
From: Maks Mishin <maks.mishinFZ@gmail.com>
Date: Thu, 17 Oct 2024 07:14:26 +0300
Subject: [PATCH] sys-utils: (save_adjtime): fix memory leak
Dynamic memory, referenced by 'content', is allocated by calling function 'xasprintf'
and lost when function returns.
Found by the static analyzer Svace.
Reference:https://github.com/util-linux/util-linux/commit/4e4fd6a5fc84b8dc172e1ea67b28064c67376d1a
Conflict:NA
---
sys-utils/hwclock.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/sys-utils/hwclock.c b/sys-utils/hwclock.c
index cea249eb..9e3a957a 100644
--- a/sys-utils/hwclock.c
+++ b/sys-utils/hwclock.c
@@ -917,6 +917,7 @@ static int save_adjtime(const struct hwclock_control *ctl,
fp = fopen(ctl->adj_file_name, "w");
if (fp == NULL) {
warn(_("cannot open %s"), ctl->adj_file_name);
+ free(content);
return EXIT_FAILURE;
}
@@ -925,9 +926,11 @@ static int save_adjtime(const struct hwclock_control *ctl,
if (rc) {
warn(_("cannot update %s"), ctl->adj_file_name);
+ free(content);
return EXIT_FAILURE;
}
}
+ free(content);
return EXIT_SUCCESS;
}
--
2.33.0

39
backport-sys-utils-setpriv-fix-potential-memory-leak.patch Normal file
View File

@ -0,0 +1,39 @@
From 8f15d94a21cbc6886bdf2474e6e1bb507cab1149 Mon Sep 17 00:00:00 2001
From: Maks Mishin <maks.mishinFZ@gmail.com>
Date: Thu, 10 Oct 2024 20:23:49 +0300
Subject: [PATCH] sys-utils: (setpriv): fix potential memory leak
Dynamic memory, referenced by 'buf' is allocated by calling function 'xstrdup'
add then changed by calling of strsep function.
The free(buf) call is incorrect if buf != NULL, and points to some
place inside or outside the source string.
Reference:https://github.com/util-linux/util-linux/commit/8f15d94a21cbc6886bdf2474e6e1bb507cab1149
Conflict:NA
---
sys-utils/setpriv.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/sys-utils/setpriv.c b/sys-utils/setpriv.c
index bd188e4d..5899552d 100644
--- a/sys-utils/setpriv.c
+++ b/sys-utils/setpriv.c
@@ -578,6 +578,7 @@ static void do_caps(enum cap_type type, const char *caps)
static void parse_securebits(struct privctx *opts, const char *arg)
{
char *buf = xstrdup(arg);
+ char *source_buf = buf;
char *c;
opts->have_securebits = 1;
@@ -631,7 +632,7 @@ static void parse_securebits(struct privctx *opts, const char *arg)
opts->securebits |= SECBIT_KEEP_CAPS; /* We need it, and it's reset on exec */
- free(buf);
+ free(source_buf);
}
static void do_selinux_label(const char *label)
--
2.33.0

12
util-linux.spec
View File

@ -3,7 +3,7 @@
Name: util-linux Name: util-linux
Version: 2.37.2 Version: 2.37.2
Release: 38 Release: 39
Summary: A random collection of Linux utilities Summary: A random collection of Linux utilities
License: GPLv2 and GPLv2+ and LGPLv2+ and BSD with advertising and Public Domain License: GPLv2 and GPLv2+ and LGPLv2+ and BSD with advertising and Public Domain
URL: https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git URL: https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git
@ -159,6 +159,8 @@ Patch6137: backport-lsmem-make-lsmem-to-check-for-the-nodes-more-robust.pat
Patch6138: backport-cfdisk-fix-possible-integer-overflow-coverity-scan.patch Patch6138: backport-cfdisk-fix-possible-integer-overflow-coverity-scan.patch
Patch6139: backport-more-make-sure-we-have-data-on-stderr.patch Patch6139: backport-more-make-sure-we-have-data-on-stderr.patch
Patch6140: backport-libblkid-apfs-validate-checksums.patch Patch6140: backport-libblkid-apfs-validate-checksums.patch
Patch6141: backport-sys-utils-setpriv-fix-potential-memory-leak.patch
Patch6142: backport-sys-utils-save_adjtime-fix-memory-leak.patch
Patch9000: Add-check-to-resolve-uname26-version-test-failed.patch Patch9000: Add-check-to-resolve-uname26-version-test-failed.patch
Patch9001: SKIPPED-no-root-permissions-test.patch Patch9001: SKIPPED-no-root-permissions-test.patch
@ -537,6 +539,14 @@ fi
%{_mandir}/man8/{swapoff.8*,swapon.8*,switch_root.8*,umount.8*,wdctl.8.gz,wipefs.8*,zramctl.8*} %{_mandir}/man8/{swapoff.8*,swapon.8*,switch_root.8*,umount.8*,wdctl.8.gz,wipefs.8*,zramctl.8*}
%changelog %changelog
* Thu Dec 12 2024 zhangyao <zhangyao108@huawei.com> - 2.37.2-39
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:sync community patches
[add] backport-sys-utils-setpriv-fix-potential-memory-leak.patch
backport-sys-utils-save_adjtime-fix-memory-leak.patch
* Mon Nov 04 2024 zhangyao <zhangyao108@huawei.com> - 2.37.2-38 * Mon Nov 04 2024 zhangyao <zhangyao108@huawei.com> - 2.37.2-38
- Type:bugfix - Type:bugfix
- CVE:NA - CVE:NA