import UBI libeconf-0.4.1-4.el9

SOURCES/0002-cmake-no-install-html.patch

@@ -0,0 +1,12 @@
+diff --git a/doc/CMakeLists.txt b/doc/CMakeLists.txt
+index 726183a..8da1f45 100644
+--- a/doc/CMakeLists.txt
++++ b/doc/CMakeLists.txt
+@@ -18,7 +18,6 @@ if(BUILD_DOCUMENTATION)
+         COMMENT "Generating API documentation with Doxygen"
+         VERBATIM)
+ 
+-    install(DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/html DESTINATION share/doc)
+ endif()
+ 
+ install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/man/libeconf.3 DESTINATION ${CMAKE_INSTALL_MANDIR}/man3)

SOURCES/0003-Fix-static-analyzer-detected-issues.patch

@@ -0,0 +1,54 @@
+diff --git a/lib/libeconf.c b/lib/libeconf.c
+index d7de070..c6a7c73 100644
+--- a/lib/libeconf.c
++++ b/lib/libeconf.c
+@@ -158,7 +158,7 @@ econf_err econf_readDirsHistory(econf_file ***key_files,
+ {
+   const char *suffix, *default_dirs[3] = {NULL, NULL, NULL};
+   char *distfile, *etcfile, *cp;
+-  econf_file *key_file;
++  econf_file *key_file = NULL;
+   econf_err error;
+ 
+   *size = 0;
+@@ -267,8 +267,12 @@ econf_err econf_readDirsHistory(econf_file ***key_files,
+     const char *conf_dirs[] = {  NULL, /* "/conf.d/", ".d/", "/", */ NULL};
+     char *project_path = combine_strings(default_dirs[i], project_name, '/');
+     char *suffix_d = malloc (strlen(suffix) + 4); /* + strlen(".d/") */
+-    if (suffix_d == NULL)
++    if (suffix_d == NULL) {
++      free(project_path);
++      free(*key_files);
++      *key_files = NULL;
+       return ECONF_NOMEM;
++    }
+     cp = stpcpy(suffix_d, suffix);
+     stpcpy(cp, ".d");
+     conf_dirs[0] = suffix_d;
+diff --git a/lib/libeconf_ext.c b/lib/libeconf_ext.c
+index aafba45..6155a0c 100644
+--- a/lib/libeconf_ext.c
++++ b/lib/libeconf_ext.c
+@@ -86,15 +86,19 @@ econf_getExtValue(econf_file *kf, const char *group,
+   {
+     /* one quoted string only */
+     (*result)->values = realloc ((*result)->values, sizeof (char*) * ++n_del);
+-    if ((*result)->values == NULL)
++    if ((*result)->values == NULL) {
++      econf_freeExtValue(*result);
+       return ECONF_NOMEM; /* memory allocation failed */
++    }
+     (*result)->values[n_del-1] = strdup(value_string);
+   } else {
+     /* splitting into a character array */
+     while ((line = strsep(&value_string, "\n")) != NULL) {
+       (*result)->values = realloc ((*result)->values, sizeof (char*) * ++n_del);
+-      if ((*result)->values == NULL)
+-	return ECONF_NOMEM; /* memory allocation failed */
++      if ((*result)->values == NULL) {
++        econf_freeExtValue(*result);
++	      return ECONF_NOMEM; /* memory allocation failed */
++      }
+       (*result)->values[n_del-1] = strdup(trim(line));
+     }
+   }

SPECS/libeconf.spec

@@ -5,7 +5,7 @@
 
 Name:           libeconf
 Version:        0.4.1
-Release:        3%{?dist}
+Release:        4%{?dist}
 Summary:        Enhanced config file parser library
 
 License:        MIT
@@ -15,6 +15,9 @@ Source0:        %{url}/archive/%{version}/%{name}-%{version}.tar.gz
 
 ### Patches ###
 Patch0001: 0001-getfilecontents-buffer-overflow.patch
+Patch0002: 0002-cmake-no-install-html.patch
+# https://github.com/openSUSE/libeconf/commit/7c5d0a7198eb97104952e56e43c37eb337c3cf21
+Patch0003: 0003-Fix-static-analyzer-detected-issues.patch
 
 BuildRequires:  cmake >= 3.12
 BuildRequires:  gcc
@@ -80,6 +83,9 @@ configuration files from applications that use %{name}.
 
 
 %changelog
+* Thu Apr 11 2024 Iker Pedrosa <ipedrosa@redhat.com> - 0.4.1-4
+- Fix static analyzer detected issues. Resolves: RHEL-24989
+
 * Wed Jun  7 2023 Iker Pedrosa <ipedrosa@redhat.com> - 0.4.1-3
 - Fix stack-based buffer overflow in read_file(). Resolves: #2212467 (CVE-2023-22652)