fix potential memory leak introduced in previous commit

2014-02-25 12:50:01 +01:00 · 2014-02-25 12:50:01 +01:00 · bae10229bd
commit bae10229bd
parent e5bf395e32
2 changed files with 25 additions and 2 deletions
--- a/file-5.14-CVE-2014-1943.patch
+++ b/file-5.14-CVE-2014-1943.patch
@ -38,7 +38,7 @@ index 4641c8b..e902c15 100644
 			if ((ms->flags & MAGIC_DEBUG) != 0)
 				(void)fprintf(stderr, "softmagic %d\n", m);
 diff --git a/src/softmagic.c b/src/softmagic.c
-index 108d419..ee4b831 100644
+index 108d419..d543f87 100644
 --- a/src/softmagic.c
 +++ b/src/softmagic.c
@@ -41,6 +41,7 @@ FILE_RCSID("@(#)$File: softmagic.c,v 1.165 2013/03/07 02:22:24 christos Exp $")
@ -86,3 +86,23 @@ index 108d419..ee4b831 100644
 		if ((ms->flags & MAGIC_DEBUG) != 0)
 			fprintf(stderr, "indirect @offs=%u[%d]\n", offset, rv);
 		rbuf = ms->o.buf;
+@@ -1722,12 +1725,16 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m,
+ 		ms->offset = soffset;
+ 		if (rv == 1) {
+ 			if ((ms->flags & (MAGIC_MIME|MAGIC_APPLE)) == 0 &&
+-			    file_printf(ms, m->desc, offset) == -1)
+			    file_printf(ms, m->desc, offset) == -1) {
+				free(rbuf);
+ 				return -1;
+-			if (file_printf(ms, "%s", rbuf) == -1)
+			}
+			if (file_printf(ms, "%s", rbuf) == -1) {
+				free(rbuf);
+ 				return -1;
+-			free(rbuf);
+			}
+ 		}
+		free(rbuf);
+ 		return rv;
+ 
+ 	case FILE_USE:
--- a/file.spec
+++ b/file.spec
@ -4,7 +4,7 @@
 Summary: A utility for determining file types
 Name: file
 Version: 5.14
-Release: 15%{?dist}
+Release: 16%{?dist}
 License: BSD
 Group: Applications/File
 Source0: ftp://ftp.astron.com/pub/file/file-%{version}.tar.gz
@ -196,6 +196,9 @@ cd %{py3dir}
 %endif

 %changelog
+* Tue Feb 25 2014 Jan Kaluza <jkaluza@redhat.com> - 5.14-16
+- fix potential memory leak introduced in previous commit
+
 * Tue Feb 18 2014 Jan Kaluza <jkaluza@redhat.com> - 5.14-15
 - fix #1065837 - fix for CVE-2014-1943