From 7c941dbcde86cd03b1468424c4c7d581fed1395e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 3 Jun 2019 10:22:23 +0200 Subject: [PATCH] Fix coverity issues MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Fabiano Fidêncio --- ...db-Avoid-dereference-of-null-pointer.patch | 62 +++++++++++++ ...Avoid-use-of-memory-after-it-s-freed.patch | 50 ++++++++++ ...p-_create_from_location_async_helper.patch | 92 +++++++++++++++++++ libosinfo.spec | 10 +- 4 files changed, 213 insertions(+), 1 deletion(-) create mode 100644 0001-db-Avoid-dereference-of-null-pointer.patch create mode 100644 0002-tree-Avoid-use-of-memory-after-it-s-freed.patch create mode 100644 0003-tree-Cleanup-_create_from_location_async_helper.patch diff --git a/0001-db-Avoid-dereference-of-null-pointer.patch b/0001-db-Avoid-dereference-of-null-pointer.patch new file mode 100644 index 0000000..e6947a8 --- /dev/null +++ b/0001-db-Avoid-dereference-of-null-pointer.patch @@ -0,0 +1,62 @@ +From cb509ad153a35053e1e003d73fd0ece53bd2c3d8 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= +Date: Tue, 21 May 2019 13:01:26 +0200 +Subject: [PATCH 1/3] db: Avoid dereference of null pointer +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +As any consumer of libosinfo API may pass NULL as the @matched argument +of compare_tree(), the current code could be dereferencing a NULL +pointer when calling `osinfo_tree_set_os()`. + +In order to avoid doing so, let's set the os to the OsinfoTree at the +moment the @matched argument is set. + +Signed-off-by: Fabiano Fidêncio +Reviewed-by: Cole Robinson +(cherry picked from commit 949ad5e05480470ba1a5913fbec538314807dfc2) +--- + osinfo/osinfo_db.c | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) + +diff --git a/osinfo/osinfo_db.c b/osinfo/osinfo_db.c +index b7da2b7..c4cd1e4 100644 +--- a/osinfo/osinfo_db.c ++++ b/osinfo/osinfo_db.c +@@ -790,6 +790,7 @@ static gboolean compare_tree(OsinfoTree *tree, + OsinfoTreeList *tree_list = osinfo_os_get_tree_list(os); + GList *trees = osinfo_list_get_elements(OSINFO_LIST(tree_list)); + GList *tree_iter; ++ gboolean found = FALSE; + + for (tree_iter = trees; tree_iter; tree_iter = tree_iter->next) { + OsinfoTree *os_tree = OSINFO_TREE(tree_iter->data); +@@ -820,8 +821,11 @@ static gboolean compare_tree(OsinfoTree *tree, + match_regex(os_treeinfo_version, treeinfo_version) && + match_regex(os_treeinfo_arch, treeinfo_arch)) { + *ret_os = os; +- if (matched != NULL) ++ if (matched != NULL) { + *matched = os_tree; ++ osinfo_tree_set_os(*matched, *ret_os); ++ found = TRUE; ++ } + break; + } + } +@@ -829,10 +833,8 @@ static gboolean compare_tree(OsinfoTree *tree, + g_list_free(trees); + g_object_unref(tree_list); + +- if (*ret_os != NULL) { +- osinfo_tree_set_os(*matched, *ret_os); ++ if (found) + return TRUE; +- } + } + + return FALSE; +-- +2.21.0 + diff --git a/0002-tree-Avoid-use-of-memory-after-it-s-freed.patch b/0002-tree-Avoid-use-of-memory-after-it-s-freed.patch new file mode 100644 index 0000000..d607cf9 --- /dev/null +++ b/0002-tree-Avoid-use-of-memory-after-it-s-freed.patch @@ -0,0 +1,50 @@ +From d1baaf2946513be06f97ab66e7845e14073add3d Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= +Date: Tue, 21 May 2019 13:29:18 +0200 +Subject: [PATCH 2/3] tree: Avoid use of memory after it's freed +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +We've been passing data->location as the @url argument of +osinfo_tree_create_from_location_async_helper(), freeing it and trying +to g_strdup() it as the new content of data->location. + +In order to avoid doing so, let's set the data->location only once, in +the first caller of osinfo_tree_create_from_location_async_helper(), as +its content is always going to be the same doesn't matter the treeinfo +format to be used with. + +Signed-off-by: Fabiano Fidêncio +Reviewed-by: Cole Robinson +(cherry picked from commit d7bc838a96acf5f058e13d2b49157b4ba396cd87) +--- + osinfo/osinfo_tree.c | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +diff --git a/osinfo/osinfo_tree.c b/osinfo/osinfo_tree.c +index 88a2d6e..ab498f0 100644 +--- a/osinfo/osinfo_tree.c ++++ b/osinfo/osinfo_tree.c +@@ -702,9 +702,6 @@ osinfo_tree_create_from_location_async_helper(const gchar *url, + g_clear_object(&data->file); + data->file = g_file_new_for_uri(location); + +- g_free(data->location); +- data->location = g_strdup(url); +- + g_free(data->treeinfo); + data->treeinfo = g_strdup(treeinfo); + +@@ -740,6 +737,8 @@ void osinfo_tree_create_from_location_async(const gchar *location, + user_data); + g_task_set_priority(data->res, priority); + ++ data->location = g_strdup(location); ++ + osinfo_tree_create_from_location_async_helper(location, + ".treeinfo", + cancellable, +-- +2.21.0 + diff --git a/0003-tree-Cleanup-_create_from_location_async_helper.patch b/0003-tree-Cleanup-_create_from_location_async_helper.patch new file mode 100644 index 0000000..c5d4de8 --- /dev/null +++ b/0003-tree-Cleanup-_create_from_location_async_helper.patch @@ -0,0 +1,92 @@ +From 97d60a2e53439d6ad1a462267c3bdf0f09a6f7c8 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= +Date: Tue, 21 May 2019 13:33:27 +0200 +Subject: [PATCH 3/3] tree: Cleanup _create_from_location_async_helper() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +There's no need to pass neither the URL nor the cancellable to this +function as those can be taken directly from data. + +Signed-off-by: Fabiano Fidêncio +Reviewed-by: Cole Robinson +(cherry picked from commit dfda02598034737610b69fdd08d62f62cbf5b0cb) +--- + osinfo/osinfo_tree.c | 27 ++++++++------------------- + 1 file changed, 8 insertions(+), 19 deletions(-) + +diff --git a/osinfo/osinfo_tree.c b/osinfo/osinfo_tree.c +index ab498f0..0f14276 100644 +--- a/osinfo/osinfo_tree.c ++++ b/osinfo/osinfo_tree.c +@@ -631,10 +631,8 @@ static OsinfoTree *load_keyinfo(const gchar *location, + } + + static void +-osinfo_tree_create_from_location_async_helper(const gchar *url, +- const gchar *treeinfo, +- GCancellable *cancellable, +- CreateFromLocationAsyncData *data); ++osinfo_tree_create_from_location_async_helper(CreateFromLocationAsyncData *data, ++ const gchar *treeinfo); + + static void on_location_read(GObject *source, + GAsyncResult *res, +@@ -657,10 +655,7 @@ static void on_location_read(GObject *source, + /* It means no ".treeinfo" file has been found. Try again, this time + * looking for a "treeinfo" file. */ + if (g_str_equal(data->treeinfo, ".treeinfo")) { +- osinfo_tree_create_from_location_async_helper(data->location, +- "treeinfo", +- g_task_get_cancellable(data->res), +- data); ++ osinfo_tree_create_from_location_async_helper(data, "treeinfo"); + return; + } + +@@ -687,17 +682,14 @@ static void on_location_read(GObject *source, + } + + static void +-osinfo_tree_create_from_location_async_helper(const gchar *url, +- const gchar *treeinfo, +- GCancellable *cancellable, +- CreateFromLocationAsyncData *data) ++osinfo_tree_create_from_location_async_helper(CreateFromLocationAsyncData *data, ++ const gchar *treeinfo) + { + gchar *location; + +- g_return_if_fail(url != NULL); + g_return_if_fail(treeinfo != NULL); + +- location = g_strdup_printf("%s/%s", url, treeinfo); ++ location = g_strdup_printf("%s/%s", data->location, treeinfo); + + g_clear_object(&data->file); + data->file = g_file_new_for_uri(location); +@@ -706,7 +698,7 @@ osinfo_tree_create_from_location_async_helper(const gchar *url, + data->treeinfo = g_strdup(treeinfo); + + g_file_load_contents_async(data->file, +- cancellable, ++ g_task_get_cancellable(data->res), + on_location_read, + data); + g_free(location); +@@ -739,10 +731,7 @@ void osinfo_tree_create_from_location_async(const gchar *location, + + data->location = g_strdup(location); + +- osinfo_tree_create_from_location_async_helper(location, +- ".treeinfo", +- cancellable, +- data); ++ osinfo_tree_create_from_location_async_helper(data, ".treeinfo"); + } + + +-- +2.21.0 + diff --git a/libosinfo.spec b/libosinfo.spec index c429a15..ac4055d 100644 --- a/libosinfo.spec +++ b/libosinfo.spec @@ -3,11 +3,16 @@ Summary: A library for managing OS information for virtualization Name: libosinfo Version: 1.5.0 -Release: 1%{?dist}%{?extra_release} +Release: 2%{?dist}%{?extra_release} License: LGPLv2+ Source: https://releases.pagure.io/%{name}/%{name}-%{version}.tar.gz URL: https://libosinfo.org/ +### Patches ### +Patch0001: 0001-db-Avoid-dereference-of-null-pointer.patch +Patch0002: 0002-tree-Avoid-use-of-memory-after-it-s-freed.patch +Patch0003: 0003-tree-Cleanup-_create_from_location_async_helper.patch + BuildRequires: gettext-devel BuildRequires: glib2-devel BuildRequires: libxml2-devel >= 2.6.0 @@ -97,6 +102,9 @@ fi %{_datadir}/vala/vapi/libosinfo-1.0.vapi %changelog +* Mon Jun 03 2019 Fabiano Fidêncio - 1.5.0-2 +- Fix coverity issues + * Thu May 09 2019 Fabiano Fidêncio - 1.5.0-1 - Update to 1.5.0 release