Plug resource leak of nums utarray

Resolves: RHEL-32067
This commit is contained in:
Christian Hergert 2024-06-12 13:30:00 -07:00
parent ccd2e8b046
commit 82aacd4cdb
2 changed files with 45 additions and 1 deletions

View File

@ -16,7 +16,7 @@ editors.}
Name: editorconfig
Summary: Parser for EditorConfig files written in C
Version: 0.12.7
Release: 1%{?dist}
Release: 2%{?dist}
# The entire source is BSD-2-Clause, except:
# BSD-3-Clause: src/lib/ini.h
@ -34,6 +34,8 @@ License: BSD-2-Clause AND BSD-3-Clause AND BSD-1-Clause
URL: https://github.com/editorconfig/editorconfig-core-c
Source0: %{url}/archive/v%{version}/%{srcname}-%{version}.tar.gz
Patch0: plug-leak-nums-utarray.patch
BuildRequires: cmake
BuildRequires: doxygen
BuildRequires: gcc
@ -139,6 +141,9 @@ rm %{buildroot}/%{_libdir}/libeditorconfig_static.a
%changelog
* Wed Jun 12 2024 Christian Hergert <chergert@redhat.com> - 0.12.7-2
- Add patch to plug resource leak of nums utarray
* Wed Apr 03 2024 Benjamin A. Beasley <code@musicinmybrain.net> - 0.12.7-1
- Update to 0.12.7 (close RHBZ#2272370)

View File

@ -0,0 +1,39 @@
From ca14e1521e52981d94fbd35d7e8fcbc32c45fa50 Mon Sep 17 00:00:00 2001
From: Christian Hergert <chergert@redhat.com>
Date: Wed, 12 Jun 2024 13:21:49 -0700
Subject: [PATCH] lib/ec_glob: plug leak of nums utarray
---
src/lib/ec_glob.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/lib/ec_glob.c b/src/lib/ec_glob.c
index c2b83cf..9bfaf9e 100644
--- a/src/lib/ec_glob.c
+++ b/src/lib/ec_glob.c
@@ -53,16 +53,20 @@ static const UT_icd ut_int_pair_icd = {sizeof(int_pair),NULL,NULL,NULL};
#define STRING_CAT(p, string, end) do { \
size_t string_len = strlen(string); \
assert(end > p); \
- if (string_len >= (size_t)(end - p)) \
+ if (string_len >= (size_t)(end - p)) { \
+ utarray_free(nums); \
return -1; \
+ } \
strcat(p, string); \
p += string_len; \
} while(0)
/* safely add a char to a string then move the pointer to the end */
#define ADD_CHAR(string, new_chr, end) do { \
- if (string + 1 >= end) \
+ if (string + 1 >= end) { \
+ utarray_free(nums); \
return -1; \
+ } \
*(string ++) = new_chr; \
} while(0)
--
2.45.1