Merged update from upstream sources

This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/libreport.git#4eeb8e1577a388094f992f5eacaf7b31a6a8ac04
2020-11-03 16:17:34 +00:00 · 2020-11-03 16:17:34 +00:00 · 62a7e24c27
commit 62a7e24c27
parent ee3db5a602
2 changed files with 53 additions and 1 deletions
--- a/0008-rhbz-Fix-a-double-free-condition.patch
+++ b/0008-rhbz-Fix-a-double-free-condition.patch
@ -0,0 +1,48 @@
+From 9cdf0f9123ee39c7cb32a276371b2fd95f0df5ac Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Mat=C4=9Bj=20Grabovsk=C3=BD?= <mgrabovs@redhat.com>
+Date: Mon, 2 Nov 2020 11:45:23 +0100
+Subject: [PATCH] rhbz: Fix a double-free condition
+
+The `cc` string must not be freed after the variable goes out of scope
+since it's appended to `cc_list`. (`g_list_append()` does not copy its
+input.) We only need to free the last string in the loop, which is an
+empty string.
+
+The bug was introduced in 7aba6e53.
+
+Resolves rhbz#1893595
+---
+ src/plugins/rhbz.c | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/src/plugins/rhbz.c b/src/plugins/rhbz.c
+index 8a2ded79..e0d7a091 100644
+--- a/src/plugins/rhbz.c
+++ b/src/plugins/rhbz.c
+@@ -406,18 +406,20 @@ GList *rhbz_bug_cc(xmlrpc_value* result_xml)
+         if (!item)
+             continue;
+ 
+-        g_autofree const char* cc = NULL;
+-        xmlrpc_read_string(&env, item, &cc);
+        char *cc = NULL;
+        xmlrpc_read_string(&env, item, (const char **)&cc);
+         xmlrpc_DECREF(item);
+         if (env.fault_occurred)
+             abrt_xmlrpc_die(&env);
+ 
+         if (*cc != '\0')
+         {
+-            cc_list = g_list_append(cc_list, (char*)cc);
+            cc_list = g_list_append(cc_list, cc);
+             log_debug("member on cc is %s", cc);
+             continue;
+         }
+
+        free(cc);
+     }
+     xmlrpc_DECREF(cc_member);
+     return cc_list;
+-- 
+2.26.2
+
--- a/libreport.spec
+++ b/libreport.spec
@ -15,7 +15,7 @@
 Summary: Generic library for reporting various problems
 Name: libreport
 Version: 2.14.0
-Release: 11%{?dist}
+Release: 12%{?dist}
 License: GPLv2+
 URL: https://abrt.readthedocs.org/
 Source: https://github.com/abrt/%{name}/archive/%{version}/%{name}-%{version}.tar.gz
@ -27,6 +27,7 @@ Patch3: 0004-gui-wizard-gtk-Fix-a-segfault-and-memory-leak.patch
 Patch4: 0005-gui-wizard-gtk-Fix-segfault.patch
 Patch5: 0006-event_config-Null-autofree-pointers-before-returning.patch
 Patch6: 0007-gui-wizard-gtk-Don-t-autofree-URL-string.patch
+Patch7: 0008-rhbz-Fix-a-double-free-condition.patch

 BuildRequires: %{dbus_devel}
 BuildRequires: gtk3-devel
@ -667,6 +668,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
 %endif

 %changelog
+* Tue Nov 03 2020 Matěj Grabovský <mgrabovs@redhat.com> - 2.14.0-12
+- Add fix for https://bugzilla.redhat.com/show_bug.cgi?id=1893595
+
 * Fri Oct 09 2020 Matěj Grabovský <mgrabovs@redhat.com> - 2.14.0-11
 - Add fix for https://bugzilla.redhat.com/show_bug.cgi?id=1882328