Fix a memory leak in select_next_target()
Resolves: RHEL-35699
This commit is contained in:
		
							parent
							
								
									9730f27436
								
							
						
					
					
						commit
						35383c4fdf
					
				
							
								
								
									
										69
									
								
								0001-Fix-a-memory-leak-in-select_next_target.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										69
									
								
								0001-Fix-a-memory-leak-in-select_next_target.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,69 @@ | ||||
| From 3c85711f35b987bd0ce17dd0fbaa0d9f2521c444 Mon Sep 17 00:00:00 2001 | ||||
| From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com> | ||||
| Date: Thu, 11 Jul 2024 15:40:03 +0200 | ||||
| Subject: [PATCH] Fix a memory leak in select_next_target() | ||||
| MIME-Version: 1.0 | ||||
| Content-Type: text/plain; charset=UTF-8 | ||||
| Content-Transfer-Encoding: 8bit | ||||
| 
 | ||||
| If a next target URL was found (non-NULL full_url) and then a transfer was | ||||
| canceled or an off-line mode was requested, full_url string was not freed and a | ||||
| memory leaked. | ||||
| 
 | ||||
| Discovered with Covscan: | ||||
| 
 | ||||
|     16. librepo-1.18.0/librepo/downloader.c:891:13: alloc_fn: Storage is returned from allocation function "g_strdup_inline". | ||||
|     17. librepo-1.18.0/librepo/downloader.c:891:13: var_assign: Assigning: "full_url" = storage returned from "g_strdup_inline(target->target->path)". | ||||
|     22. librepo-1.18.0/librepo/downloader.c:919:9: noescape: Resource "full_url" is not freed or pointed-to in "lr_is_local_path". | ||||
|     24. librepo-1.18.0/librepo/downloader.c:924:13: noescape: Assuming resource "full_url" is not freed or pointed-to as ellipsis argument to "g_debug". | ||||
|     28. librepo-1.18.0/librepo/downloader.c:956:17: leaked_storage: Variable "full_url" going out of scope leaks the storage it points to. | ||||
|     #   954|                               "and no local URL is available", | ||||
|     #   955|                               target->target->path); | ||||
|     #   956|->                 return FALSE; | ||||
|     #   957|               } | ||||
|     #   958|           } | ||||
| 
 | ||||
|     16. librepo-1.18.0/librepo/downloader.c:891:13: alloc_fn: Storage is returned from allocation function "g_strdup_inline". | ||||
|     17. librepo-1.18.0/librepo/downloader.c:891:13: var_assign: Assigning: "full_url" = storage returned from "g_strdup_inline(target->target->path)". | ||||
|     22. librepo-1.18.0/librepo/downloader.c:919:9: noescape: Resource "full_url" is not freed or pointed-to in "lr_is_local_path". | ||||
|     24. librepo-1.18.0/librepo/downloader.c:924:13: noescape: Assuming resource "full_url" is not freed or pointed-to as ellipsis argument to "g_debug". | ||||
|     27. librepo-1.18.0/librepo/downloader.c:946:21: leaked_storage: Variable "full_url" going out of scope leaks the storage it points to. | ||||
|     #   944|                       g_set_error(err, LR_DOWNLOADER_ERROR, LRE_CBINTERRUPTED, | ||||
|     #   945|                               "Interrupted by LR_CB_ERROR from end callback"); | ||||
|     #   946|->                     return FALSE; | ||||
|     #   947|                   } | ||||
|     #   948|               } | ||||
| 
 | ||||
| This patch fixes it. | ||||
| 
 | ||||
| The bug was introduced in 1.7.14 version | ||||
| (08e4810fcdd753ce4728bd88b252f7b3d34b2cdb commit). | ||||
| 
 | ||||
| Signed-off-by: Petr Písař <ppisar@redhat.com> | ||||
| ---
 | ||||
|  librepo/downloader.c | 2 ++ | ||||
|  1 file changed, 2 insertions(+) | ||||
| 
 | ||||
| diff --git a/librepo/downloader.c b/librepo/downloader.c
 | ||||
| index 364c0af..40dbeb2 100644
 | ||||
| --- a/librepo/downloader.c
 | ||||
| +++ b/librepo/downloader.c
 | ||||
| @@ -943,6 +943,7 @@ select_next_target(LrDownload *dd,
 | ||||
|                              "from end callback", __func__); | ||||
|                      g_set_error(err, LR_DOWNLOADER_ERROR, LRE_CBINTERRUPTED, | ||||
|                              "Interrupted by LR_CB_ERROR from end callback"); | ||||
| +                    g_free(full_url);
 | ||||
|                      return FALSE; | ||||
|                  } | ||||
|              } | ||||
| @@ -953,6 +954,7 @@ select_next_target(LrDownload *dd,
 | ||||
|                              "Cannot download %s: Offline mode is specified " | ||||
|                              "and no local URL is available", | ||||
|                              target->target->path); | ||||
| +                g_free(full_url);
 | ||||
|                  return FALSE; | ||||
|              } | ||||
|          } | ||||
| -- 
 | ||||
| 2.45.2 | ||||
| 
 | ||||
| @ -36,6 +36,7 @@ License:        LGPL-2.1-or-later | ||||
| URL:            https://github.com/rpm-software-management/librepo | ||||
| Source0:        %{url}/archive/%{version}/%{name}-%{version}.tar.gz | ||||
| Patch0:         0001-Use-rpm-sequoia-on-RHEL-10.patch | ||||
| Patch1:         0001-Fix-a-memory-leak-in-select_next_target.patch | ||||
| 
 | ||||
| BuildRequires:  cmake | ||||
| BuildRequires:  gcc | ||||
| @ -130,6 +131,7 @@ Python 3 bindings for the librepo library. | ||||
| %changelog | ||||
| * Mon Jul 15 2024 Petr Pisar <ppisar@redhat.com> - 1.18.0-2 | ||||
| - Use librpmio instead of gpgme for handling PGP keys (RHEL-47106) | ||||
| - Fix a memory leak in select_next_target() (RHEL-35699) | ||||
| 
 | ||||
| * Tue Jul 02 2024 Evan Goode <egoode@redhat.com> - 1.18.0-1 | ||||
| - Update to 1.18.0 (RHEL-35699) | ||||
|  | ||||
		Loading…
	
		Reference in New Issue
	
	Block a user