From 7f83cb7f3f75d3b66ca7f5993fcaa43d07bcefe4 Mon Sep 17 00:00:00 2001
From: CentOS Sources
Date: Tue, 28 Apr 2020 04:58:21 -0400
Subject: [PATCH] import libXpm-3.5.12-8.el8
---
...-fclose-instead-of-close-in-error-pa.patch | 40 +++++++++++++++++++
SPECS/libXpm.spec | 8 +++-
2 files changed, 47 insertions(+), 1 deletion(-)
create mode 100644 SOURCES/0001-After-fdopen-use-fclose-instead-of-close-in-error-pa.patch
diff --git a/SOURCES/0001-After-fdopen-use-fclose-instead-of-close-in-error-pa.patch b/SOURCES/0001-After-fdopen-use-fclose-instead-of-close-in-error-pa.patch
new file mode 100644
index 0000000..e14c0af
--- /dev/null
+++ b/SOURCES/0001-After-fdopen-use-fclose-instead-of-close-in-error-pa.patch
@@ -0,0 +1,40 @@
+From e00066fb973a1796dd3989e356e17c8b51add521 Mon Sep 17 00:00:00 2001
+From: Alan Coopersmith
+Date: Sun, 30 Sep 2018 15:09:29 -0700
+Subject: [PATCH 1/3] After fdopen(), use fclose() instead of close() in error
+ path
+
+Found by Oracle's Parfait 2.2 static analyzer:
+
+Error: File Leak
+ File Leak [file-ptr-leak]:
+ Leaked File fp
+ at line 94 of lib/libXpm/src/RdFToBuf.c in function 'XpmReadFileToBuffer
+'.
+ fp initialized at line 86 with fdopen
+ fp leaks when len < 0 at line 92.
+
+Introduced-by: commit 8b3024e6871ce50b34bf2dff924774bd654703bc
+
+Signed-off-by: Alan Coopersmith
+Reviewed-by: Peter Hutterer
+---
+ src/RdFToBuf.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/RdFToBuf.c b/src/RdFToBuf.c
+index 69e3347d24f2..1b386f81fde3 100644
+--- a/src/RdFToBuf.c
++++ b/src/RdFToBuf.c
+@@ -90,7 +90,7 @@ XpmReadFileToBuffer(
+ }
+ len = stats.st_size;
+ if (len < 0 || len >= SIZE_MAX) {
+- close(fd);
++ fclose(fp);
+ return XpmOpenFailed;
+ }
+ ptr = (char *) XpmMalloc(len + 1);
+--
+2.23.0
+
diff --git a/SPECS/libXpm.spec b/SPECS/libXpm.spec
index 1fd7d4c..7dc27c8 100644
--- a/SPECS/libXpm.spec
+++ b/SPECS/libXpm.spec
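Review bot: The corrected error path in the embedded `src/RdFToBuf.c` hunk depends on an ownership rule that is not written down next to the code: once `fdopen()` has succeeded, `fp` owns `fd`, so every later exit has to release it with `fclose(fp)` alone, and calling `close(fd)` as well would close the descriptor twice. I would add a comment above the size check, `/* fp owns fd from here on: release with fclose(fp) only, never close(fd) */`. XpmReadFileToBuffer starts before and continues past the hunk, so the remaining exits (for example a failed `XpmMalloc(len + 1)`) are not visible here and should be checked against the same rule.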
@@ -1,7 +1,7 @@ Summary: X.Org X11 libXpm runtime library Name: libXpm Version: 3.5.12 -Release: 7%{?dist} +Release: 8%{?dist} License: MIT Group: System Environment/Libraries URL: http://www.x.org @@ -13,6 +13,8 @@ BuildRequires: autoconf automake libtool BuildRequires: gettext BuildRequires: pkgconfig(xext) pkgconfig(xt) pkgconfig(xau) +Patch0: 0001-After-fdopen-use-fclose-instead-of-close-in-error-pa.patch + %description X.Org X11 libXpm runtime library @@ -26,6 +28,7 @@ X.Org X11 libXpm development package %prep %setup -q +%patch0 -p1 -b .covscan %build autoreconf -v --install --force @@ -59,6 +62,9 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/*.la #%{_mandir}/man1/*.1x* %changelog +* Mon Dec 09 2019 Benjamin Tissoires 3.5.12-8%{?dist} +- add covscan fixes (#1602606) + * Thu Jul 05 2018 Adam Jackson - 3.5.12-7 - Drop useless %%defattr
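Review bot: `Patch0` is added to the spec without a comment recording where the patch comes from, and the imported file is labelled `[PATCH 1/3]` while the changelog entry speaks of "covscan fixes" in the plural. A line above the tag such as `# commit e00066fb973a1796dd3989e356e17c8b51add521 (from the patch's From line), patch 1 of a 3-patch series` would let a later rebase tell whether the fix is already contained in a newer tarball. Whether that commit id is the upstream one, and whether the other two patches of the series were left out on purpose, cannot be told from this page.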