From 7b33eb7bf82a041aa68bd418622359a5c082fa3d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavol=20=C5=BD=C3=A1=C4=8Dik?= <pzacik@redhat.com>
Date: Thu, 23 May 2024 13:54:07 +0200
Subject: [PATCH] Patch bugs found by static analysers

---
 libcpuid-fix-cpuid_get_hypervisor.patch       | 13 ++++++++
 libcpuid-fix-handle-leaks-in-rdmsr-c.patch    | 33 +++++++++++++++++++
 ...id-prevent-intel_fn11-array-overruns.patch | 13 ++++++++
 libcpuid.spec                                 | 15 +++++++--
 4 files changed, 72 insertions(+), 2 deletions(-)
 create mode 100644 libcpuid-fix-cpuid_get_hypervisor.patch
 create mode 100644 libcpuid-fix-handle-leaks-in-rdmsr-c.patch
 create mode 100644 libcpuid-prevent-intel_fn11-array-overruns.patch

diff --git a/libcpuid-fix-cpuid_get_hypervisor.patch b/libcpuid-fix-cpuid_get_hypervisor.patch
new file mode 100644
index 0000000..6b16b00
--- /dev/null
+++ b/libcpuid-fix-cpuid_get_hypervisor.patch
@@ -0,0 +1,13 @@
+diff --git a/libcpuid/cpuid_main.c b/libcpuid/cpuid_main.c
+index 791e18d..111f43f 100644
+--- a/libcpuid/cpuid_main.c
++++ b/libcpuid/cpuid_main.c
+@@ -1748,7 +1748,7 @@ hypervisor_vendor_t cpuid_get_hypervisor(struct cpu_raw_data_t* raw, struct cpu_
+ 	};
+ 
+ 	if (!data) {
+-		if ((r = cpu_identify(raw, data)) < 0)
++		if ((r = cpu_identify(raw, &mydata)) < 0)
+ 			return HYPERVISOR_UNKNOWN;
+ 		data = &mydata;
+ 	}
diff --git a/libcpuid-fix-handle-leaks-in-rdmsr-c.patch b/libcpuid-fix-handle-leaks-in-rdmsr-c.patch
new file mode 100644
index 0000000..8649eb7
--- /dev/null
+++ b/libcpuid-fix-handle-leaks-in-rdmsr-c.patch
@@ -0,0 +1,33 @@
+diff --git a/libcpuid/rdmsr.c b/libcpuid/rdmsr.c
+index 7269652..0bb29c3 100644
+--- a/libcpuid/rdmsr.c
++++ b/libcpuid/rdmsr.c
+@@ -96,6 +96,7 @@ struct msr_driver_t* cpu_msr_driver_open_core(unsigned core_num)
+ 	handle = (struct msr_driver_t*) malloc(sizeof(struct msr_driver_t));
+ 	if (!handle) {
+ 		cpuid_set_error(ERR_NO_MEM);
++		close(fd);
+ 		return NULL;
+ 	}
+ 	handle->fd = fd;
+@@ -1069,8 +1070,10 @@ int msr_serialize_raw_data(struct msr_driver_t* handle, const char* filename)
+ 
+ 	/* Get cached decoded CPUID information */
+ 	id = get_cached_cpuid();
+-	if (id->vendor == VENDOR_UNKNOWN)
++	if (id->vendor == VENDOR_UNKNOWN) {
++		fclose(f);
+ 		return cpuid_get_error();
++	}
+ 
+ 	/* Get CPU stock speed */
+ 	if (cpu_clock == 0)
+@@ -1082,7 +1085,7 @@ int msr_serialize_raw_data(struct msr_driver_t* handle, const char* filename)
+ 		case VENDOR_HYGON:
+ 		case VENDOR_AMD:   msr = amd_msr;   break;
+ 		case VENDOR_INTEL: msr = intel_msr; break;
+-		default: return cpuid_set_error(ERR_CPU_UNKN);
++		default: fclose(f); return cpuid_set_error(ERR_CPU_UNKN);
+ 	}
+ 
+ 	/* Print raw MSR values */
diff --git a/libcpuid-prevent-intel_fn11-array-overruns.patch b/libcpuid-prevent-intel_fn11-array-overruns.patch
new file mode 100644
index 0000000..b98b807
--- /dev/null
+++ b/libcpuid-prevent-intel_fn11-array-overruns.patch
@@ -0,0 +1,13 @@
+diff --git a/libcpuid/recog_intel.c b/libcpuid/recog_intel.c
+index e385a7c..a091843 100644
+--- a/libcpuid/recog_intel.c
++++ b/libcpuid/recog_intel.c
+@@ -721,7 +721,7 @@ static int decode_intel_extended_topology(struct cpu_raw_data_t* raw, struct cpu
+ {
+ 	int i, level_type, num_smt = -1, num_core = -1;
+ 
+-	for (i = 0; (raw->intel_fn11[i][EAX] != 0x0) && (raw->intel_fn11[i][EBX] != 0x0) && (i < MAX_INTELFN11_LEVEL); i++) {
++	for (i = 0; (i < MAX_INTELFN11_LEVEL) && (raw->intel_fn11[i][EAX] != 0x0) && (raw->intel_fn11[i][EBX] != 0x0); i++) {
+ 		level_type = EXTRACTS_BITS(raw->intel_fn11[i][ECX], 15, 8);
+ 		switch (level_type) {
+ 			case 0x01:
diff --git a/libcpuid.spec b/libcpuid.spec
index 7d45737..392b6bd 100644
--- a/libcpuid.spec
+++ b/libcpuid.spec
@@ -1,12 +1,17 @@
 Name:           libcpuid
 Version:        0.6.5
-Release:        2%{?dist}
+Release:        3%{?dist}
 Summary:        Provides CPU identification for x86
 License:        BSD-2-Clause
 URL:            https://github.com/anrieff/libcpuid
 Source0:        https://github.com/anrieff/libcpuid/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
 ExcludeArch:    aarch64 %arm ppc64le ppc64 s390x
 
+# https://github.com/anrieff/libcpuid/pull/199
+Patch0: %{name}-fix-handle-leaks-in-rdmsr-c.patch
+Patch1: %{name}-fix-cpuid_get_hypervisor.patch
+Patch2: %{name}-prevent-intel_fn11-array-overruns.patch
+
 BuildRequires:  automake
 BuildRequires:  autoconf
 BuildRequires:  doxygen
@@ -29,7 +34,7 @@ For details about the programming API, please see the docs
 on the project's site (http://libcpuid.sourceforge.net/)
 
 %prep
-%autosetup -n %{name}-%{version}
+%autosetup -p1 -n %{name}-%{version}
 
 %build
 autoreconf -vfi
@@ -56,6 +61,12 @@ rm %{buildroot}%{_libdir}/*.la
 %{_mandir}/man3/*.3.*
 
 %changelog
+* Thu May 23 2024 Pavol Žáčik <pzacik@redhat.com> - 0.6.5-3
+- Patch bugs found by static analysis tools
+- Add %%{name}-fix-handle-leaks-in-rdmsr-c.patch
+- Add %%{name}-fix-cpuid_get_hypervisor.patch
+- Add %%{name}-prevent-intel_fn11-array-overruns.patch
+
 * Thu May 09 2024 Pavol Žáčik <pzacik@redhat.com> - 0.6.5-2
 - Specify license using an SPDX identifier