Fix memory leaks reported by static analysis

libgcrypt-1.11.0-covscan.patch

@@ -0,0 +1,109 @@
+From 03a0535661186ba1cf853a6b43ff2b2a5e42a3ea Mon Sep 17 00:00:00 2001
+From: Jakub Jelen <jjelen@redhat.com>
+Date: Thu, 25 Jul 2024 14:21:04 +0200
+Subject: [PATCH 2/3] sexp: Avoid memory leaks on invalid input
+
+* src/sexp.c (_gcry_hex2buffer): Free buffer on error.
+--
+
+Signed-off-by: Jakub Jelen <jjelen@redhat.com>
+---
+ src/sexp.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/sexp.c b/src/sexp.c
+index b15cb486..60ddcbc3 100644
+--- a/src/sexp.c
++++ b/src/sexp.c
+@@ -2715,7 +2715,10 @@ _gcry_hex2buffer (const char *string, size_t *r_length)
+   for (s=string; *s; s +=2 )
+     {
+       if (!hexdigitp (s) || !hexdigitp (s+1))
+-        return NULL;           /* Invalid hex digits. */
++        {
++          xfree(buffer);
++          return NULL;           /* Invalid hex digits. */
++        }
+       ((unsigned char*)buffer)[length++] = xtoi_2 (s);
+     }
+   *r_length = length;
+-- 
+GitLab
+
+
+From 45d77a0ed6dcacbfaf6e72f6402705f4635e5cf8 Mon Sep 17 00:00:00 2001
+From: Jakub Jelen <jjelen@redhat.com>
+Date: Thu, 25 Jul 2024 14:32:19 +0200
+Subject: [PATCH 3/3] ecdh: Avoid memory leaks
+
+* cipher/ecc-ecdh.c (_gcry_ecc_curve_keypair): Free buffer on exit path.
+  (_gcry_ecc_curve_mul_point): Free buffer on all exit paths.
+--
+
+Signed-off-by: Jakub Jelen <jjelen@redhat.com>
+---
+ cipher/ecc-ecdh.c | 13 ++++++-------
+ 1 file changed, 6 insertions(+), 7 deletions(-)
+
+diff --git a/cipher/ecc-ecdh.c b/cipher/ecc-ecdh.c
+index 8be57b72..c690d221 100644
+--- a/cipher/ecc-ecdh.c
++++ b/cipher/ecc-ecdh.c
+@@ -153,6 +153,7 @@ _gcry_ecc_curve_keypair (const char *curve,
+           buf = _gcry_mpi_get_buffer (mpi_k, 0, &len, NULL);
+           memset (seckey, 0, nbytes - len);
+           memcpy (seckey + nbytes - len, buf, len);
++          xfree (buf);
+         }
+       else /* p - y >= p */
+         mpi_free (negative);
+@@ -168,15 +169,14 @@ _gcry_ecc_curve_keypair (const char *curve,
+           if (len != 1 + 2*nbytes)
+             {
+               err = GPG_ERR_INV_ARG;
+-              mpi_free (y);
+             }
+           else
+             {
+               /* (x,y) in SEC1 point encoding.  */
+               memcpy (pubkey, buf, len);
+-              xfree (buf);
+-              mpi_free (y);
+             }
++          xfree (buf);
++          mpi_free (y);
+         }
+     }
+   else /* MPI_EC_MONTGOMERY */
+@@ -293,15 +293,14 @@ _gcry_ecc_curve_mul_point (const char *curve,
+           if (len != 1 + 2*nbytes)
+             {
+               err = GPG_ERR_INV_ARG;
+-              mpi_free (y);
+             }
+           else
+             {
+               /* (x,y) in SEC1 point encoding.  */
+               memcpy (result, buf, len);
+-              xfree (buf);
+-              mpi_free (y);
+             }
++          xfree (buf);
++          mpi_free (y);
+         }
+     }
+   else                          /* MPI_EC_MONTGOMERY */
+@@ -318,8 +317,8 @@ _gcry_ecc_curve_mul_point (const char *curve,
+             {
+               /* x in little endian.  */
+               memcpy (result, buf, nbytes);
+-              xfree (buf);
+             }
++          xfree (buf);
+         }
+     }
+   mpi_free (x);
+-- 
+GitLab
+
+

libgcrypt.spec

@@ -24,6 +24,8 @@ Source2: https://gnupg.org/signature_key.asc
 Patch1: libgcrypt-1.10.1-annobin.patch
 # https://dev.gnupg.org/T7167
 Patch2: libgcrypt-1.11.0-Disable-SHA3-s390x-acceleration-for-CSHAKE.patch
+# https://gitlab.com/redhat-crypto/libgcrypt/libgcrypt-mirror/-/merge_requests/20
+Patch3: libgcrypt-1.11.0-covscan.patch
 
 %global gcrylibdir %{_libdir}
 %global gcrysoname libgcrypt.so.20
@@ -59,6 +61,7 @@ applications using libgcrypt.
 %setup -q
 %patch 1 -p1
 %patch 2 -p1
+%patch 3 -p1
 
 %build
 # should be all algorithms except SM3 and SM4, aria