Resolves: #1685217 - fix double free on read error

2019-06-11 09:32:03 +02:00 · 2019-06-11 09:32:03 +02:00 · 3af112df01
commit 3af112df01
parent e2b7f4ec8a
2 changed files with 33 additions and 1 deletions
--- a/file-5.37-double-free.patch
+++ b/file-5.37-double-free.patch
@ -0,0 +1,26 @@
+From 23c6cde85e411d72b13b1d10d45fc664c3da6a5d Mon Sep 17 00:00:00 2001
+From: Christos Zoulas <christos@zoulas.com>
+Date: Mon, 10 Jun 2019 21:35:26 +0000
+Subject: [PATCH] Set buffer to NULL to prevent double free (Kamil Dudka at redhat)
+
+Upstream-commit: d13204e8da43f1d8a98cf3f74591cde02ecdb2f7
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ src/buffer.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/buffer.c b/src/buffer.c
+index 6d8967d2..0a27e578 100644
+--- a/src/buffer.c
+++ b/src/buffer.c
+@@ -77,6 +77,7 @@ buffer_fill(const struct buffer *bb)
+ 	b->eoff = b->st.st_size - b->elen;
+ 	if (pread(b->fd, b->ebuf, b->elen, b->eoff) == -1) {
+ 		free(b->ebuf);
+		b->ebuf = NULL;
+ 		goto out;
+ 	}
+ 
+-- 
+2.20.1
+
--- a/file.spec
+++ b/file.spec
@ -15,7 +15,7 @@
 Summary: A utility for determining file types
 Name: file
 Version: 5.37
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: BSD
 Source0: ftp://ftp.astron.com/pub/file/file-%{version}.tar.gz

@ -26,6 +26,9 @@ Patch0: file-localmagic.patch
 Patch1: file-4.17-rpm-name.patch
 Patch2: file-5.04-volume_key.patch

+# fix double free on read error (#1685217)
+Patch14: file-5.37-double-free.patch
+
 URL: http://www.darwinsys.com/file/
 Requires: file-libs = %{version}-%{release}
 BuildRequires: zlib-devel
@ -202,6 +205,9 @@ cd %{py3dir}
 %endif

 %changelog
+* Tue Jun 11 2019 Kamil Dudka <kdudka@redhat.com> - 5.37-2
+- fix double free on read error (#1685217)
+
 * Fri May 17 2019 Kamil Dudka <kdudka@redhat.com> - 5.37-1
 - update to new version 5.37