Merged update from upstream sources
This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/libreport.git#4eeb8e1577a388094f992f5eacaf7b31a6a8ac04
This commit is contained in:
DistroBaker
parent
ee3db5a602
commit
62a7e24c27
|
|
@ -0,0 +1,48 @@
|
|||
From 9cdf0f9123ee39c7cb32a276371b2fd95f0df5ac Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Mat=C4=9Bj=20Grabovsk=C3=BD?= <mgrabovs@redhat.com>
|
||||
Date: Mon, 2 Nov 2020 11:45:23 +0100
|
||||
Subject: [PATCH] rhbz: Fix a double-free condition
|
||||
|
||||
The `cc` string must not be freed after the variable goes out of scope
|
||||
since it's appended to `cc_list`. (`g_list_append()` does not copy its
|
||||
input.) We only need to free the last string in the loop, which is an
|
||||
empty string.
|
||||
|
||||
The bug was introduced in 7aba6e53.
|
||||
|
||||
Resolves rhbz#1893595
|
||||
---
|
||||
src/plugins/rhbz.c | 8 +++++---
|
||||
1 file changed, 5 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/plugins/rhbz.c b/src/plugins/rhbz.c
|
||||
index 8a2ded79..e0d7a091 100644
|
||||
--- a/src/plugins/rhbz.c
|
||||
+++ b/src/plugins/rhbz.c
|
||||
@@ -406,18 +406,20 @@ GList *rhbz_bug_cc(xmlrpc_value* result_xml)
|
||||
if (!item)
|
||||
continue;
|
||||
|
||||
- g_autofree const char* cc = NULL;
|
||||
- xmlrpc_read_string(&env, item, &cc);
|
||||
+ char *cc = NULL;
|
||||
+ xmlrpc_read_string(&env, item, (const char **)&cc);
|
||||
xmlrpc_DECREF(item);
|
||||
if (env.fault_occurred)
|
||||
abrt_xmlrpc_die(&env);
|
||||
|
||||
if (*cc != '\0')
|
||||
{
|
||||
- cc_list = g_list_append(cc_list, (char*)cc);
|
||||
+ cc_list = g_list_append(cc_list, cc);
|
||||
log_debug("member on cc is %s", cc);
|
||||
continue;
|
||||
}
|
||||
+
|
||||
+ free(cc);
|
||||
}
|
||||
xmlrpc_DECREF(cc_member);
|
||||
return cc_list;
|
||||
--
|
||||
2.26.2
|
||||
|
||||
|
|
@ -15,7 +15,7 @@
|
|||
Summary: Generic library for reporting various problems
|
||||
Name: libreport
|
||||
Version: 2.14.0
|
||||
Release: 11%{?dist}
|
||||
Release: 12%{?dist}
|
||||
License: GPLv2+
|
||||
URL: https://abrt.readthedocs.org/
|
||||
Source: https://github.com/abrt/%{name}/archive/%{version}/%{name}-%{version}.tar.gz
|
||||
|
|
@ -27,6 +27,7 @@ Patch3: 0004-gui-wizard-gtk-Fix-a-segfault-and-memory-leak.patch
|
|||
Patch4: 0005-gui-wizard-gtk-Fix-segfault.patch
|
||||
Patch5: 0006-event_config-Null-autofree-pointers-before-returning.patch
|
||||
Patch6: 0007-gui-wizard-gtk-Don-t-autofree-URL-string.patch
|
||||
Patch7: 0008-rhbz-Fix-a-double-free-condition.patch
|
||||
|
||||
BuildRequires: %{dbus_devel}
|
||||
BuildRequires: gtk3-devel
|
||||
|
|
@ -667,6 +668,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
|
|||
%endif
|
||||
|
||||
%changelog
|
||||
* Tue Nov 03 2020 Matěj Grabovský <mgrabovs@redhat.com> - 2.14.0-12
|
||||
- Add fix for https://bugzilla.redhat.com/show_bug.cgi?id=1893595
|
||||
|
||||
* Fri Oct 09 2020 Matěj Grabovský <mgrabovs@redhat.com> - 2.14.0-11
|
||||
- Add fix for https://bugzilla.redhat.com/show_bug.cgi?id=1882328
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue