From 46c9a277519a57fe7193049cb15f9c5193a76e61 Mon Sep 17 00:00:00 2001
From: Ales Ledvinka <aledvink@redhat.com>
Date: Fri, 14 Dec 2012 11:10:11 +0100
Subject: [PATCH] fixing minor leaks and multiple password querry annoyance

---
 ipmitool-1.8.12f-minleak.patch | 163 +++++++++++++++++++++++++++++++++
 ipmitool-1.8.12f-passarg.patch |  86 +++++++++++++++++
 ipmitool.spec                  |  17 +++-
 3 files changed, 263 insertions(+), 3 deletions(-)
 create mode 100644 ipmitool-1.8.12f-minleak.patch
 create mode 100644 ipmitool-1.8.12f-passarg.patch

diff --git a/ipmitool-1.8.12f-minleak.patch b/ipmitool-1.8.12f-minleak.patch
new file mode 100644
index 0000000..d5e8079
--- /dev/null
+++ b/ipmitool-1.8.12f-minleak.patch
@@ -0,0 +1,163 @@
+diff -up ./lib/ipmi_main.c.minleaks ./lib/ipmi_main.c
+--- ./lib/ipmi_main.c.minleaks	2012-12-12 11:44:02.177217050 +0100
++++ ./lib/ipmi_main.c	2012-12-12 12:18:11.967076191 +0100
+@@ -387,6 +387,7 @@ ipmi_main(int argc, char ** argv,
+ 	uint32_t timeout = 0;
+ 	int authtype = -1;
+ 	char * tmp = NULL;
++	char * tmpe = NULL;
+ 	char * hostname = NULL;
+ 	char * username = NULL;
+ 	char * password = NULL;
+@@ -412,6 +413,8 @@ ipmi_main(int argc, char ** argv,
+ 	{
+ 		switch (argflag) {
+ 		case 'I':
++			if (intfname)
++				free(intfname);
+ 			intfname = strdup(optarg);
+ 			if (intfname == NULL) {
+ 				lprintf(LOG_ERR, "%s: malloc failure", progname);
+@@ -489,6 +492,8 @@ ipmi_main(int argc, char ** argv,
+ 			csv_output = 1;
+ 			break;
+ 		case 'H':
++			if (hostname)
++				free(hostname);
+ 			hostname = strdup(optarg);
+ 			if (hostname == NULL) {
+ 				lprintf(LOG_ERR, "%s: malloc failure", progname);
+@@ -504,6 +509,8 @@ ipmi_main(int argc, char ** argv,
+ 						"from file %s", optarg);
+ 			break;
+ 		case 'a':
++			if (tmp)
++				free(tmp);
+ #ifdef HAVE_GETPASSPHRASE
+ 			tmp = getpassphrase("Password: ");
+ #else
+@@ -520,6 +527,8 @@ ipmi_main(int argc, char ** argv,
+ 			}
+ 			break;
+ 		case 'k':
++			if (kgkey)
++				free(kgkey);
+ 			kgkey = strdup(optarg);
+ 			if (kgkey == NULL) {
+ 				lprintf(LOG_ERR, "%s: malloc failure", progname);
+@@ -527,10 +536,10 @@ ipmi_main(int argc, char ** argv,
+ 			}
+ 			break;
+ 		case 'K':
+-			if ((tmp = getenv("IPMI_KGKEY"))) {
++			if ((tmpe = getenv("IPMI_KGKEY"))) {
+ 				if (kgkey)
+ 					free(kgkey);
+-				kgkey = strdup(tmp);
++				kgkey = strdup(tmpe);
+ 				if (kgkey == NULL) {
+ 					lprintf(LOG_ERR, "%s: malloc failure", progname);
+ 					goto out_free;
+@@ -540,6 +549,8 @@ ipmi_main(int argc, char ** argv,
+ 			}
+ 			break;
+ 		case 'y':
++			if (kgkey)
++				free(kgkey);
+ 			kgkey = ipmi_parse_hex(optarg);
+ 			if (kgkey == NULL) {
+ 				goto out_free;
+@@ -547,14 +558,14 @@ ipmi_main(int argc, char ** argv,
+ 			break;
+ 		case 'Y':
+ #ifdef HAVE_GETPASSPHRASE
+-			tmp = getpassphrase("Key: ");
++			tmpe = getpassphrase("Key: ");
+ #else
+-			tmp = getpass("Key: ");
++			tmpe = getpass("Key: ");
+ #endif
+-			if (tmp != NULL) {
++			if (tmpe != NULL) {
+ 				if (kgkey)
+ 					free(kgkey);
+-				kgkey = strdup(tmp);
++				kgkey = strdup(tmpe);
+ 				if (kgkey == NULL) {
+ 					lprintf(LOG_ERR, "%s: malloc failure", progname);
+ 					goto out_free;
+@@ -562,6 +573,8 @@ ipmi_main(int argc, char ** argv,
+ 			}
+ 			break;
+ 		case 'U':
++			if (username)
++				free(username);
+ 			if (strlen(optarg) > 16) {
+ 				lprintf(LOG_ERR, "Username is too long (> 16 bytes)");
+ 				goto out_free;
+@@ -573,6 +586,8 @@ ipmi_main(int argc, char ** argv,
+ 			}
+ 			break;
+ 		case 'S':
++			if (sdrcache)
++				free(sdrcache);
+ 			sdrcache = strdup(optarg);
+ 			if (sdrcache == NULL) {
+ 				lprintf(LOG_ERR, "%s: malloc failure", progname);
+@@ -581,6 +596,8 @@ ipmi_main(int argc, char ** argv,
+ 			break;
+ #ifdef ENABLE_ALL_OPTIONS
+ 		case 'o':
++			if (oemtype)
++				free(oemtype);
+ 			oemtype = strdup(optarg);
+ 			if (oemtype == NULL) {
+ 				lprintf(LOG_ERR, "%s: malloc failure", progname);
+@@ -595,10 +612,14 @@ ipmi_main(int argc, char ** argv,
+ 			break;
+ 		case 'g':
+ 			/* backwards compatible oem hack */
++			if (oemtype)
++				free(oemtype);
+ 			oemtype = strdup("intelwv2");
+ 			break;
+ 		case 's':
+ 			/* backwards compatible oem hack */
++			if (oemtype)
++				free(oemtype);
+ 			oemtype = strdup("supermicro");
+ 			break;
+ 		case 'P':
+@@ -615,19 +636,19 @@ ipmi_main(int argc, char ** argv,
+ 			memset(optarg, 'X', i);
+ 			break;
+ 		case 'E':
+-			if ((tmp = getenv("IPMITOOL_PASSWORD"))) {
++			if ((tmpe = getenv("IPMITOOL_PASSWORD"))) {
+ 				if (password)
+ 					free(password);
+-				password = strdup(tmp);
++				password = strdup(tmpe);
+ 				if (password == NULL) {
+ 					lprintf(LOG_ERR, "%s: malloc failure", progname);
+ 					goto out_free;
+ 				}
+ 			}
+-			else if ((tmp = getenv("IPMI_PASSWORD"))) {
++			else if ((tmpe = getenv("IPMI_PASSWORD"))) {
+ 				if (password)
+ 					free(password);
+-				password = strdup(tmp);
++				password = strdup(tmpe);
+ 				if (password == NULL) {
+ 					lprintf(LOG_ERR, "%s: malloc failure", progname);
+ 					goto out_free;
+@@ -697,6 +718,8 @@ ipmi_main(int argc, char ** argv,
+ 			sol_escape_char = optarg[0];
+ 			break;
+ 		case 'O':
++			if (seloem)
++				free(seloem);
+ 			seloem = strdup(optarg);
+ 			if (seloem == NULL) {
+ 				lprintf(LOG_ERR, "%s: malloc failure", progname);
diff --git a/ipmitool-1.8.12f-passarg.patch b/ipmitool-1.8.12f-passarg.patch
new file mode 100644
index 0000000..a172159
--- /dev/null
+++ b/ipmitool-1.8.12f-passarg.patch
@@ -0,0 +1,86 @@
+diff -up ./lib/ipmi_main.c.passarg ./lib/ipmi_main.c
+--- ./lib/ipmi_main.c.passarg	2012-12-13 16:47:34.585182645 +0100
++++ ./lib/ipmi_main.c	2012-12-13 16:57:12.023739444 +0100
+@@ -403,6 +403,7 @@ ipmi_main(int argc, char ** argv,
+ 	int argflag, i, found;
+ 	int rc = -1;
+ 	char sol_escape_char = SOL_ESCAPE_CHARACTER_DEFAULT;
++	int querrypass = 0;
+ 
+ 	/* save program name */
+ 	progname = strrchr(argv[0], '/');
+@@ -501,6 +502,7 @@ ipmi_main(int argc, char ** argv,
+ 			}
+ 			break;
+ 		case 'f':
++			querrypass = 0;
+ 			if (password)
+ 				free(password);
+ 			password = ipmi_password_file_read(optarg);
+@@ -509,22 +511,7 @@ ipmi_main(int argc, char ** argv,
+ 						"from file %s", optarg);
+ 			break;
+ 		case 'a':
+-			if (tmp)
+-				free(tmp);
+-#ifdef HAVE_GETPASSPHRASE
+-			tmp = getpassphrase("Password: ");
+-#else
+-			tmp = getpass("Password: ");
+-#endif
+-			if (tmp != NULL) {
+-				if (password)
+-					free(password);
+-				password = strdup(tmp);
+-				if (password == NULL) {
+-					lprintf(LOG_ERR, "%s: malloc failure", progname);
+-					goto out_free;
+-				}
+-			}
++			querrypass = 1;
+ 			break;
+ 		case 'k':
+ 			if (kgkey)
+@@ -623,6 +610,7 @@ ipmi_main(int argc, char ** argv,
+ 			oemtype = strdup("supermicro");
+ 			break;
+ 		case 'P':
++			querrypass = 0;
+ 			if (password)
+ 				free(password);
+ 			password = strdup(optarg);
+@@ -636,6 +624,7 @@ ipmi_main(int argc, char ** argv,
+ 			memset(optarg, 'X', i);
+ 			break;
+ 		case 'E':
++			querrypass = 0;
+ 			if ((tmpe = getenv("IPMITOOL_PASSWORD"))) {
+ 				if (password)
+ 					free(password);
+@@ -755,6 +744,26 @@ ipmi_main(int argc, char ** argv,
+ 		}
+ 	}
+ 
++	/* ask for password once and only if going to use it */
++	if (querrypass) {
++		if (tmp)
++			free(tmp);
++#ifdef HAVE_GETPASSPHRASE
++		tmp = getpassphrase("Password: ");
++#else
++		tmp = getpass("Password: ");
++#endif
++		if (tmp != NULL) {
++			if (password)
++				free(password);
++			password = strdup(tmp);
++			if (password == NULL) {
++				lprintf(LOG_ERR, "%s: malloc failure", progname);
++				goto out_free;
++			}
++		}
++	}
++
+ 	/* check for command before doing anything */
+ 	if (argc-optind > 0 &&
+ 			strncmp(argv[optind], "help", 4) == 0) {
diff --git a/ipmitool.spec b/ipmitool.spec
index fe2e193..2d3f890 100644
--- a/ipmitool.spec
+++ b/ipmitool.spec
@@ -1,7 +1,7 @@
 Name:         ipmitool
 Summary:      Utility for IPMI control
 Version:      1.8.12
-Release:      12%{?dist}
+Release:      13%{?dist}
 License:      BSD
 Group:        System Environment/Base
 URL:          http://ipmitool.sourceforge.net/
@@ -35,10 +35,14 @@ Patch7: ipmitool-1.8.12-bigendian2.patch
 Patch8: ipmitool-1.8.12-ciper-suite-default.patch
 # http://sourceforge.net/tracker/?func=detail&aid=3588726&group_id=95200&atid=610550
 Patch9: ipmitool-1.8.12-activate-core.patch
-# todo
+# two in one tracker https://sourceforge.net/tracker/?func=detail&aid=3595176&group_id=95200&atid=610550
 Patch10: ipmitool-1.8.12f-toolman.patch
-# todo
+# two in one tracker https://sourceforge.net/tracker/?func=detail&aid=3595176&group_id=95200&atid=610550
 Patch11: ipmitool-1.8.12f-manoverr.patch
+# https://sourceforge.net/tracker/?func=detail&aid=3595188&group_id=95200&atid=610550
+Patch12: ipmitool-1.8.12f-minleak.patch
+# https://sourceforge.net/tracker/?func=detail&aid=3595612&group_id=95200&atid=610550
+Patch13: ipmitool-1.8.12f-passarg.patch
 
 %description
 This package contains a utility for interfacing with devices that support
@@ -86,6 +90,8 @@ for the host OS to use.
 %patch9 -p1 -b .noactivate
 %patch10 -p1 -b .toolman
 %patch11 -p0 -b .manoverr
+%patch12 -p1 -b .minleak
+%patch13 -p1 -b .passarg
 
 for f in AUTHORS ChangeLog; do
     iconv -f iso-8859-1 -t utf8 < ${f} > ${f}.utf8
@@ -159,6 +165,11 @@ install -Dm 755 %{SOURCE6} %{buildroot}%{_libexecdir}/exchange-bmc-os-info
 
 
 %changelog
+* Fri Dec 14 2012 Ales Ledvinka <aledvink@redhat.com> 1.8.12-13
+- fixed argument parsing leaks
+- ask user for password only once and do so only when interactive password
+  is the chosen password method.
+
 * Thu Dec 13 2012 Praveen K Paladugu <praveen_paladugu@dell.com> - 1.8.12-12
 - Removed the extra symbols in the patch, as the build is failing.