Review covscan issues

.gpm.metadata

@@ -0,0 +1 @@
+79c4c5f4af8000f0bcea98f189b5ecf8b2c94dff gpm-1.20.7.tar.xz

gpm-1.20.7-covscan.patch

@@ -0,0 +1,115 @@
+diff --git a/src/daemon/check_uniqueness.c b/src/daemon/check_uniqueness.c
+index 4972413..d0eb4e4 100644
+--- a/src/daemon/check_uniqueness.c
++++ b/src/daemon/check_uniqueness.c
+@@ -36,6 +36,7 @@ void check_uniqueness(void)
+ 
+    if((fp = fopen(GPM_NODE_PID, "r")) != NULL) {
+       fscanf(fp, "%d", &old_pid);
++      fclose(fp);
+       if (kill(old_pid,0) == -1) {
+          gpm_report(GPM_PR_INFO,GPM_MESS_STALE_PID, GPM_NODE_PID);
+          unlink(GPM_NODE_PID);
+diff --git a/src/lib/liblow.c b/src/lib/liblow.c
+index 8b40b71..d197dae 100644
+--- a/src/lib/liblow.c
++++ b/src/lib/liblow.c
+@@ -250,9 +250,9 @@ int Gpm_Open(Gpm_Connect *conn, int flag)
+          memcpy(tty, consolename, strlen(consolename)-1);
+          sprintf(&tty[strlen(consolename) - 1], "%i", flag);
+       } else if (flag==0) { /* use your current vc */ 
+-         if (isatty(0)) tty = ttyname(0);             /* stdin */
+-         if (!tty && isatty(1)) tty = ttyname(1);     /* stdout */
+-         if (!tty && isatty(2)) tty = ttyname(2);     /* stderr */
++         if (isatty(0) && ttyname(0)) tty = strdup(ttyname(0));             /* stdin */
++         if (!tty && isatty(1) && ttyname(1)) tty = strdup(ttyname(1));     /* stdout */
++         if (!tty && isatty(2) && ttyname(2)) tty = strdup(ttyname(2));     /* stderr */
+          if (tty == NULL) {
+             gpm_report(GPM_PR_ERR,"checking tty name failed");
+             goto err;
+@@ -373,10 +373,12 @@ int Gpm_Open(Gpm_Connect *conn, int flag)
+ #endif
+ 
+    }
++   if (tty) free(tty);
+    return gpm_fd;
+ 
+   /*....................................... Error: free all memory */
+    err:
++   if (tty) free(tty);
+    if (gpm_is_disabled < 2) /* be quiet if no gpmctl socket found */
+       gpm_report(GPM_PR_ERR,"Oh, oh, it's an error! possibly I die! ");
+    while(gpm_stack) {
+diff --git a/src/lib/report-lib.c b/src/lib/report-lib.c
+index 03230b4..ff74b8c 100644
+--- a/src/lib/report-lib.c
++++ b/src/lib/report-lib.c
+@@ -63,5 +63,6 @@ void gpm_report(int line, const char *file, int stat, const char *text, ... )
+    fprintf(stderr,"\n");
+ #endif
+ 
++   va_end(ap);
+    if(stat == GPM_STAT_OOPS) exit(1);  /* may a lib function call exit ???? */
+ }
+diff --git a/src/mice.c b/src/mice.c
+index 6cbd491..090dfed 100644
+--- a/src/mice.c
++++ b/src/mice.c
+@@ -905,7 +905,7 @@ static int M_wacom(Gpm_Event *state, unsigned char *data)
+    } else {                                               /* Relative Mode */
+       /* Treshold; if greather then treat tool as first time in proximity */
+       if( abs(x-ox)>(wmaxx/wcmodell[WacomModell].treshold) 
+-       || abs(y-oy)>(wmaxy/wcmodell[WacomModell].treshold) ) ox=x; oy=y;
++       || abs(y-oy)>(wmaxy/wcmodell[WacomModell].treshold) ) { ox=x; oy=y; }
+ 
+       state->dx= (x-ox) / (wmaxx / win.ws_col / wcmodell[WacomModell].treshold);
+       state->dy= (y-oy) / (wmaxy / win.ws_row / wcmodell[WacomModell].treshold);
+diff --git a/src/prog/gpm-root.y b/src/prog/gpm-root.y
+index 76c896c..ded326a 100644
+--- a/src/prog/gpm-root.y
++++ b/src/prog/gpm-root.y
+@@ -555,12 +555,15 @@ int f_jptty(int mode, DrawItem *self, int uid)
+          } /*if*/
+          if (ioctl(fd, VT_ACTIVATE, i)<0) {
+             gpm_report(GPM_PR_ERR, "%s: %s", consolename,strerror(errno));
++            close(fd);
+             return 1;
+          } /*if*/
+          if (ioctl(fd, VT_WAITACTIVE, i)<0) {
+             gpm_report(GPM_PR_ERR, "%s: %s", consolename,strerror(errno));
++            close(fd);
+             return 1;
+          }
++         close(fd);
+       default: return 0;
+    }
+    return 0; /* silly gcc -Wall */
+@@ -586,14 +589,17 @@ int f_mktty(int mode, DrawItem *self, int uid)
+          } /*if*/
+          if (ioctl(fd, VT_OPENQRY, &vc)<0) {
+             gpm_report(GPM_PR_ERR, "%s: %s",consolename, strerror(errno));
++            close(fd);
+             return 1;
+          } /*if*/
+          switch(pid=fork()) {
+ 	         case -1:
+                gpm_report(GPM_PR_ERR, "fork(): %s", strerror(errno));
++               close(fd);
+                return 1;
+ 	         case 0: /* child: exec getty */
+ 	            sprintf(name,"tty%i",vc);
++                    close(fd);
+ 	            execl("/sbin/mingetty","mingetty",name,(char *)NULL);
+ 	            exit(1); /* shouldn't happen */
+             default: /* father: jump to the tty */
+@@ -601,8 +607,10 @@ int f_mktty(int mode, DrawItem *self, int uid)
+                                                                       ,pid,vc);
+ 	            consolepids[vc]=pid;
+ 	            sprintf(self->arg,"%i",vc);
++                    close(fd);
+ 	            return f_jptty(mode,self,uid);
+ 	      }
++         close(fd);
+       default: return 0;
+    }
+    return 0;

gpm.spec

@@ -1,7 +1,7 @@
 Summary: A mouse server for the Linux console
 Name: gpm
 Version: 1.20.7
-Release: 28%{?dist}
+Release: 29%{?dist}
 License: GPLv2 and OFSFDL
 URL: http://www.nico.schottelius.org/software/gpm/
 #URL2 : http://freecode.com/projects/gpm
@@ -23,9 +23,10 @@ Patch2: gpm-1.20.1-lib-silent.patch
 Patch4: gpm-1.20.5-close-fds.patch
 Patch5: gpm-1.20.1-weak-wgetch.patch
 Patch7: gpm-1.20.7-rhbz-668480-gpm-types-7-manpage-fixes.patch
+Patch8: gpm-1.20.7-covscan.patch
 
 # Disabled, need to be reviewed
-Patch9: gpm-1.20.6-capability.patch
+#Patch9: gpm-1.20.6-capability.patch
 
 Requires(post): systemd info
 Requires(preun): systemd info
@@ -79,7 +80,8 @@ mouse support to text-based Linux applications.
 %patch2 -p1 -b .lib-silent
 %patch4 -p1 -b .close-fds
 %patch5 -p1 -b .weak-wgetch
-%patch7 -p1
+%patch7 -p1 -b .manpage
+%patch8 -p1 -b .covscan
 #patch9 -p1 -b .capability
 
 %build
@@ -151,6 +153,10 @@ rm -rf %{buildroot}%{_mandir}
 %{_libdir}/libgpm.a
 
 %changelog
+* Mon Aug 16 2021 Jiri Kucera <jkucera@redhat.com> - 1.20.7-29
+- Review covscan issues
+  Resolves: #1938733
+
 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.20.7-28
 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
   Related: rhbz#1991688