Fix memory leak in fsck

Upstream fix for this is part of d58057bd9b2f4a24b874a69975ea186466937360 So when we rebase to 1.1.4 we should drop this patch. Fix convscan problem RESOURCE_LEAK (CWE-772): [#def10] [important] exfatprogs-1.1.3/fsck/fsck.c:792: alloc_fn: Storage is returned from allocation function "malloc". exfatprogs-1.1.3/fsck/fsck.c:792: var_assign: Assigning: "boot_sect" = storage returned from "malloc(512UL)". exfatprogs-1.1.3/fsck/fsck.c:796: noescape: Resource "boot_sect" is not freed or pointed-to in "exfat_read". exfatprogs-1.1.3/fsck/fsck.c:799: leaked_storage: Variable "boot_sect" Resolves: rhbz#2077816 Signed-off-by: Pavel Reichl <preichl@redhat.com>
2022-05-09 22:09:48 +02:00 · 2022-05-09 22:09:48 +02:00 · e223325d9c
commit e223325d9c
parent 40f367272c
2 changed files with 17 additions and 3 deletions
--- a/0001-fsck-fix-memory-leak.patch
+++ b/0001-fsck-fix-memory-leak.patch
@ -0,0 +1,10 @@
+--- a/fsck/fsck.c	2021-11-17 10:13:55.729267514 +0100
+++ b/fsck/fsck.c	2022-05-10 12:19:36.397415101 +0200
+@@ -796,6 +796,7 @@
+ 	if (exfat_read(exfat->blk_dev->dev_fd, boot_sect,
+ 		       sizeof(*boot_sect), 0) != (ssize_t)sizeof(*boot_sect)) {
+ 		exfat_err("failed to read Main boot sector\n");
+		free(boot_sect);
+ 		return -EIO;
+ 	}
+ 
--- a/exfatprogs.spec
+++ b/exfatprogs.spec
@ -1,11 +1,12 @@
 Name:           exfatprogs
 Version:        1.1.3
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        Userspace utilities for exFAT filesystems
 License:        GPLv2
 URL:            https://github.com/%{name}/%{name}

 Source0:        %{url}/releases/download/%{version}/%{name}-%{version}.tar.xz
+Patch0:         0001-fsck-fix-memory-leak.patch

 BuildRequires:  autoconf
 BuildRequires:  automake
@ -17,7 +18,7 @@ BuildRequires:  make
 Utilities for formatting and repairing exFAT filesystems.

 %prep
-%autosetup
+%autosetup -p1

 %build
 autoreconf -vif
@ -44,7 +45,10 @@ autoreconf -vif
 %{_mandir}/man8/tune.exfat.*

 %changelog
-* Wed Apr 20 2022 Pavel Reichl <preichl@redhat.com> - 1.1.2-3
+* Mon May 09 2022 Pavel Reichl <preichl@redhat.com> - 1.1.3-2
+- Fix memomry leak
+
+* Wed Apr 20 2022 Pavel Reichl <preichl@redhat.com> - 1.1.3-1
 - Rebase

 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.1.2-2