Fix SAST vulnerabilities

Resolves: RHEL-40413
Signed-off-by: Jerome Marchand <jmarchan@redhat.com>

libtracefs-Call-va_end-before-exiting-tracefs_hist_s.patch

@@ -0,0 +1,41 @@
+From aecc0b7b4d5ba986517fb86fb0a87a110ad0c816 Mon Sep 17 00:00:00 2001
+From: Jerome Marchand <jmarchan@redhat.com>
+Date: Thu, 6 Jun 2024 17:38:15 +0200
+Subject: [PATCH 01/15] libtracefs: Call va_end() before exiting
+ tracefs_hist_set_sort_key()
+
+Each invocation of va_start() must be matched by a corresponding
+invocation of va_end() in the same function. If add_sort_key() fails,
+tracefs_hist_set_sort_key() exits without calling it. Call va_end
+after add_sort_key() fails.
+
+Fixes a VARARGS error (CWE-237)
+
+Link: https://lore.kernel.org/linux-trace-devel/20240606153830.2666120-2-jmarchan@redhat.com
+
+Fixes: 5d1c2ea2d6a7b ("libtracefs: Implement API to create / modify and display histograms")
+Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
+Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
+---
+ src/tracefs-hist.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/tracefs-hist.c b/src/tracefs-hist.c
+index 2b4f17f..87287b5 100644
+--- a/src/tracefs-hist.c
++++ b/src/tracefs-hist.c
+@@ -596,8 +596,10 @@ int tracefs_hist_set_sort_key(struct tracefs_hist *hist,
+ 		if (!sort_key)
+ 			break;
+ 		tmp = add_sort_key(hist, sort_key, list);
+-		if (!tmp)
++		if (!tmp) {
++			va_end(ap);
+ 			goto fail;
++		}
+ 		list = tmp;
+ 	}
+ 	va_end(ap);
+-- 
+2.45.2
+

libtracefs-Close-dir-in-the-error-path-in-tracefs_ev.patch

@@ -0,0 +1,36 @@
+From 590e45220531201e09c9a4292bded25d7c941ab8 Mon Sep 17 00:00:00 2001
+From: Jerome Marchand <jmarchan@redhat.com>
+Date: Thu, 6 Jun 2024 17:38:28 +0200
+Subject: [PATCH 14/15] libtracefs: Close dir in the error path in
+ tracefs_event_systems()
+
+In tracefs_event_systems, we don't close dir if add_list_string()
+fails. At this point, just breaking out of the loop fixes that.
+
+Fixes a RESSOURCE_LEAK error (CWE-772)
+
+Link: https://lore.kernel.org/linux-trace-devel/20240606153830.2666120-15-jmarchan@redhat.com
+
+Fixes: 056a177e1d686 ("libtracefs: Restructure how string lists work")
+Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
+Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
+---
+ src/tracefs-events.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/tracefs-events.c b/src/tracefs-events.c
+index 1fa3f2f..83069aa 100644
+--- a/src/tracefs-events.c
++++ b/src/tracefs-events.c
+@@ -858,7 +858,7 @@ char **tracefs_event_systems(const char *tracing_dir)
+ 		free(sys);
+ 		if (ret >= 0) {
+ 			if (add_list_string(&systems, name) < 0)
+-				goto out_free;
++				break;
+ 		}
+ 	}
+ 
+-- 
+2.45.2
+

libtracefs-Close-dir-in-the-error-path-in-tracefs_sy.patch

@@ -0,0 +1,36 @@
+From 0309a876ba3ac13f7a436f292a6bdc0927213a76 Mon Sep 17 00:00:00 2001
+From: Jerome Marchand <jmarchan@redhat.com>
+Date: Thu, 6 Jun 2024 17:38:27 +0200
+Subject: [PATCH 13/15] libtracefs: Close dir in the error path in
+ tracefs_system_events()
+
+In tracefs_system_events(), we don't close dir if add_list_string()
+fails. At this point, just breaking out of the loop fixes that.
+
+Fixes a RESSOURCE_LEAK error (CWE-772)
+
+Link: https://lore.kernel.org/linux-trace-devel/20240606153830.2666120-14-jmarchan@redhat.com
+
+Fixes: 056a177e1d686 ("libtracefs: Restructure how string lists work")
+Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
+Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
+---
+ src/tracefs-events.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/tracefs-events.c b/src/tracefs-events.c
+index 88325e1..1fa3f2f 100644
+--- a/src/tracefs-events.c
++++ b/src/tracefs-events.c
+@@ -922,7 +922,7 @@ char **tracefs_system_events(const char *tracing_dir, const char *system)
+ 		free(event);
+ 
+ 		if (add_list_string(&events, name) < 0)
+-			goto out_free;
++			break;
+ 	}
+ 
+ 	closedir(dir);
+-- 
+2.45.2
+

libtracefs-Don-t-leak-socket-file-descriptor-in-open.patch

@@ -0,0 +1,38 @@
+From a01d0ba2d810336870deb8fd4f5366fee45865fe Mon Sep 17 00:00:00 2001
+From: Jerome Marchand <jmarchan@redhat.com>
+Date: Thu, 6 Jun 2024 17:38:20 +0200
+Subject: [PATCH 06/15] libtracefs: Don't leak socket file descriptor in
+ open_vsock()
+
+Close the socket file descriptor if connect() fails.
+
+Fixes a RESSOURCE_LEAK error (CWE-772)
+
+Link: https://lore.kernel.org/linux-trace-devel/20240606153830.2666120-7-jmarchan@redhat.com
+
+Fixes: 5ea41283fa071 ("libtracefs: Add tracefs_find_cid_pid() API")
+Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
+Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
+---
+ src/tracefs-vsock.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/tracefs-vsock.c b/src/tracefs-vsock.c
+index e171382..9171321 100644
+--- a/src/tracefs-vsock.c
++++ b/src/tracefs-vsock.c
+@@ -19,8 +19,10 @@ static int open_vsock(unsigned int cid, unsigned int port)
+ 	if (sd < 0)
+ 		return -1;
+ 
+-	if (connect(sd, (struct sockaddr *)&addr, sizeof(addr)))
++	if (connect(sd, (struct sockaddr *)&addr, sizeof(addr))) {
++		close(sd);
+ 		return -1;
++	}
+ 
+ 	return sd;
+ }
+-- 
+2.45.2
+

libtracefs-Initialize-val-in-build_filter.patch

@@ -0,0 +1,35 @@
+From e6737d4ee9de9af86061de58cbb3fcb14fd0ffbc Mon Sep 17 00:00:00 2001
+From: Jerome Marchand <jmarchan@redhat.com>
+Date: Thu, 6 Jun 2024 17:38:29 +0200
+Subject: [PATCH 15/15] libtracefs: Initialize val in build_filter()
+
+In build_filter(), val is only initialized if filter->rval->type is
+either EXPR_NUMBER or EXPR_STRING. AS far as I can understand that is
+expected at that point. Howvever, it doesn't cost much to initialize
+it in case the parser let some bogus request pass by and it should
+prevent the static analyser to complain.
+
+Link: https://lore.kernel.org/linux-trace-devel/20240606153830.2666120-16-jmarchan@redhat.com
+
+Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
+Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
+---
+ src/tracefs-sqlhist.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/tracefs-sqlhist.c b/src/tracefs-sqlhist.c
+index 0f678c1..08bd0fa 100644
+--- a/src/tracefs-sqlhist.c
++++ b/src/tracefs-sqlhist.c
+@@ -1109,7 +1109,7 @@ static int build_filter(struct tep_handle *tep, struct sqlhist_bison *sb,
+ 			     const char *val);
+ 	struct filter *filter = &expr->filter;
+ 	enum tracefs_compare cmp;
+-	const char *val;
++	const char *val = NULL;
+ 	int and_or = TRACEFS_FILTER_AND;
+ 	char num[64];
+ 	int ret;
+-- 
+2.45.2
+

libtracefs-Prevent-a-memory-leak-in-add_func_str.patch

@@ -0,0 +1,37 @@
+From 7fcd8d27ff95670ffb0478486d408162f5299e89 Mon Sep 17 00:00:00 2001
+From: Jerome Marchand <jmarchan@redhat.com>
+Date: Thu, 6 Jun 2024 17:38:21 +0200
+Subject: [PATCH 07/15] libtracefs: Prevent a memory leak in add_func_str()
+
+Free func_list if strdup() fails.
+
+Fixes a RESSOURCE_LEAK error (CWE-772)
+
+Link: https://lore.kernel.org/linux-trace-devel/20240606153830.2666120-8-jmarchan@redhat.com
+
+Fixes: c1606fb72264a ("libtracefs: Implement tracefs_filter_functions()")
+Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
+Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
+---
+ src/tracefs-tools.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/tracefs-tools.c b/src/tracefs-tools.c
+index 8e7b46d..74cfe91 100644
+--- a/src/tracefs-tools.c
++++ b/src/tracefs-tools.c
+@@ -559,8 +559,10 @@ static int add_func_str(struct func_list ***next_func_ptr, const char *func)
+ 		if (!func_list)
+ 			return -1;
+ 		func_list->func = strdup(func);
+-		if (!func_list->func)
++		if (!func_list->func) {
++			free(func_list);
+ 			return -1;
++		}
+ 		*next_func = func_list;
+ 		return 0;
+ 	}
+-- 
+2.45.2
+

libtracefs-Prevent-a-memory-leak-in-open_cpu_files.patch

@@ -0,0 +1,57 @@
+From 8f2593fbbad2a549b854645acde7b11f5e02a924 Mon Sep 17 00:00:00 2001
+From: Jerome Marchand <jmarchan@redhat.com>
+Date: Thu, 6 Jun 2024 17:38:23 +0200
+Subject: [PATCH 09/15] libtracefs: Prevent a memory leak in open_cpu_files()
+
+In open_cpu_files(), if realloc() fails, the latest allocated tcpu
+isn't freed. Rearrange the loop to prevent that.
+
+Link: https://lore.kernel.org/linux-trace-devel/20240606153830.2666120-10-jmarchan@redhat.com
+
+Fixes: 564bffddcb117 ("libtracefs: Use tracefs_cpu_read() for tracefs_iterate_raw_events()")
+Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
+Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
+---
+ src/tracefs-events.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/src/tracefs-events.c b/src/tracefs-events.c
+index d65837e..88325e1 100644
+--- a/src/tracefs-events.c
++++ b/src/tracefs-events.c
+@@ -275,9 +275,12 @@ static int open_cpu_files(struct tracefs_instance *instance, cpu_set_t *cpus,
+ 			tcpu = tracefs_cpu_snapshot_open(instance, cpu, true);
+ 		else
+ 			tcpu = tracefs_cpu_open_mapped(instance, cpu, true);
++		if (!tcpu)
++			goto error;
++
+ 		tmp = realloc(*all_cpus, (i + 1) * sizeof(*tmp));
+ 		if (!tmp) {
+-			i--;
++			tracefs_cpu_close(tcpu);
+ 			goto error;
+ 		}
+ 
+@@ -285,9 +288,6 @@ static int open_cpu_files(struct tracefs_instance *instance, cpu_set_t *cpus,
+ 
+ 		memset(tmp + i, 0, sizeof(*tmp));
+ 
+-		if (!tcpu)
+-			goto error;
+-
+ 		tmp[i].tcpu = tcpu;
+ 		tmp[i].cpu = cpu;
+ 		i++;
+@@ -296,7 +296,7 @@ static int open_cpu_files(struct tracefs_instance *instance, cpu_set_t *cpus,
+ 	return 0;
+  error:
+ 	tmp = *all_cpus;
+-	for (; i >= 0; i--) {
++	for (i--; i >= 0; i--) {
+ 		tracefs_cpu_close(tmp[i].tcpu);
+ 	}
+ 	free(tmp);
+-- 
+2.45.2
+

libtracefs-Prevent-a-memory-leak-in-tracefs_synth_ad.patch

@@ -0,0 +1,53 @@
+From 2342293f9aac9ce3706eb7ffaab0e5cf11231215 Mon Sep 17 00:00:00 2001
+From: Jerome Marchand <jmarchan@redhat.com>
+Date: Thu, 6 Jun 2024 17:38:18 +0200
+Subject: [PATCH 04/15] libtracefs: Prevent a memory leak in
+ tracefs_synth_add_end_field()
+
+Free tmp_var in the error path.
+
+Fixes a RESSOURCE_LEAK error (CWE-772)
+
+Link: https://lore.kernel.org/linux-trace-devel/20240606153830.2666120-5-jmarchan@redhat.com
+
+Fixes: f1cdbe9b52b07 ("libtracefs: Have end event variables not be the end event field name")
+Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
+Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
+---
+ src/tracefs-hist.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/tracefs-hist.c b/src/tracefs-hist.c
+index 87287b5..4f4971e 100644
+--- a/src/tracefs-hist.c
++++ b/src/tracefs-hist.c
+@@ -1576,7 +1576,7 @@ int tracefs_synth_add_end_field(struct tracefs_synth *synth,
+ 	const struct tep_format_field *field;
+ 	const char *hname = NULL;
+ 	char *tmp_var = NULL;
+-	int ret;
++	int ret = -1;
+ 
+ 	if (!synth || !end_field) {
+ 		errno = EINVAL;
+@@ -1594,15 +1594,15 @@ int tracefs_synth_add_end_field(struct tracefs_synth *synth,
+ 		tmp_var = new_arg(synth);
+ 
+ 	if (!trace_verify_event_field(synth->end_event, end_field, &field))
+-		return -1;
++		goto out;
+ 
+ 	ret = add_var(&synth->end_vars, name ? hname : tmp_var, end_field, false);
+ 	if (ret)
+ 		goto out;
+ 
+ 	ret = add_synth_fields(synth, field, name, hname ? : tmp_var);
+-	free(tmp_var);
+  out:
++	free(tmp_var);
+ 	return ret;
+ }
+ 
+-- 
+2.45.2
+

libtracefs-Prevent-a-memory-leak-in-tracefs_system_e.patch

@@ -0,0 +1,40 @@
+From 7d77b83ce83c318cb83cf2529f45cc950edb44d5 Mon Sep 17 00:00:00 2001
+From: Jerome Marchand <jmarchan@redhat.com>
+Date: Thu, 6 Jun 2024 17:38:22 +0200
+Subject: [PATCH 08/15] libtracefs: Prevent a memory leak in
+ tracefs_system_events()
+
+If add_list_string() fails, event isn't freed. Free event before
+calling add_list_string();
+
+Fixes a RESSOURCE_LEAK error (CWE-772)
+
+Link: https://lore.kernel.org/linux-trace-devel/20240606153830.2666120-9-jmarchan@redhat.com
+
+Fixes: 056a177e1d686 ("libtracefs: Restructure how string lists work")
+Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
+Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
+---
+ src/tracefs-events.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/src/tracefs-events.c b/src/tracefs-events.c
+index 906dbe8..d65837e 100644
+--- a/src/tracefs-events.c
++++ b/src/tracefs-events.c
+@@ -919,11 +919,10 @@ char **tracefs_system_events(const char *tracing_dir, const char *system)
+ 			free(event);
+ 			continue;
+ 		}
++		free(event);
+ 
+ 		if (add_list_string(&events, name) < 0)
+ 			goto out_free;
+-
+-		free(event);
+ 	}
+ 
+ 	closedir(dir);
+-- 
+2.45.2
+

libtracefs-Prevent-a-memory-leak-in-update_fields.patch

@@ -0,0 +1,38 @@
+From 1c9539491d2440eab01ffc3b7a616502ef22cc1b Mon Sep 17 00:00:00 2001
+From: Jerome Marchand <jmarchan@redhat.com>
+Date: Thu, 6 Jun 2024 17:38:17 +0200
+Subject: [PATCH 03/15] libtracefs: Prevent a memory leak in update_fields()
+
+In update_fields() p isn't freed is store_str fails. Since p is to be
+freed whatever the result of store_str() might be, move the call to
+free() before checking field_name.
+
+Fixes a RESSOURCE_LEAK error (CWE-772)
+
+Link: https://lore.kernel.org/linux-trace-devel/20240606153830.2666120-4-jmarchan@redhat.com
+
+Fixes: fa51df99ad21d ("libtracefs: Allow for simple SQL statements to create a histogram")
+Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
+Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
+---
+ src/tracefs-sqlhist.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/tracefs-sqlhist.c b/src/tracefs-sqlhist.c
+index ecf09ce..c7b9eff 100644
+--- a/src/tracefs-sqlhist.c
++++ b/src/tracefs-sqlhist.c
+@@ -810,9 +810,9 @@ static int update_fields(struct tep_handle *tep,
+ 			if (!p)
+ 				return -1;
+ 			field_name = store_str(sb, p);
++			free((char *)p);
+ 			if (!field_name)
+ 				return -1;
+-			free((char *)p);
+ 		}
+ 
+ 		tfield = tep_find_any_field(event, field_name);
+-- 
+2.45.2
+

libtracefs-Prevent-memory-leak-in-append_filer.patch

@@ -0,0 +1,50 @@
+From 6b356651a3fdbb63531036941dd02fd60da5e52d Mon Sep 17 00:00:00 2001
+From: Jerome Marchand <jmarchan@redhat.com>
+Date: Thu, 6 Jun 2024 17:38:16 +0200
+Subject: [PATCH 02/15] libtracefs: Prevent memory leak in append_filer()
+
+The buffer containing the new filter isn't freed if we encounter an
+error after it was allocated. Free tmp in the error path.
+
+Fixes a RESSOURCE_LEAK error (CWE-772)
+
+Link: https://lore.kernel.org/linux-trace-devel/20240606153830.2666120-3-jmarchan@redhat.com
+
+Fixes: 24b856f0bcf3d ("libtracefs: Add filter creating and verify API")
+Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
+Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
+---
+ src/tracefs-filter.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/src/tracefs-filter.c b/src/tracefs-filter.c
+index afe3338..1b1c60e 100644
+--- a/src/tracefs-filter.c
++++ b/src/tracefs-filter.c
+@@ -250,12 +250,12 @@ static int append_filter(char **filter, unsigned int *state,
+ 	case TRACEFS_COMPARE_NE: tmp = append_string(tmp, NULL, " != "); break;
+ 	case TRACEFS_COMPARE_RE:
+ 		if (!is_string)
+-			goto inval;
++			goto free;
+ 		tmp = append_string(tmp, NULL, "~");
+ 		break;
+ 	default:
+ 		if (is_string)
+-			goto inval;
++			goto free;
+ 	}
+ 
+ 	switch (compare) {
+@@ -277,6 +277,8 @@ static int append_filter(char **filter, unsigned int *state,
+ 	*state = S_COMPARE;
+ 
+ 	return 0;
++free:
++	free(tmp);
+ inval:
+ 	errno = EINVAL;
+ 	return -1;
+-- 
+2.45.2
+

libtracefs-Prevent-memory-leak-in-tracefs_dynevent_g.patch

@@ -0,0 +1,34 @@
+From f34fb1f29a89196afe3ce793a6395e1687a88a66 Mon Sep 17 00:00:00 2001
+From: Jerome Marchand <jmarchan@redhat.com>
+Date: Thu, 6 Jun 2024 17:38:26 +0200
+Subject: [PATCH 12/15] libtracefs: Prevent memory leak in
+ tracefs_dynevent_get_all()
+
+Free events in the error path of tracefs_dynevent_get_all().
+
+Fixes a RESSOURCE_LEAK error (CWE-772)
+
+Link: https://lore.kernel.org/linux-trace-devel/20240606153830.2666120-13-jmarchan@redhat.com
+
+Fixes: b04f18b005c6b ("libtracefs: New APIs for dynamic events")
+Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
+Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
+---
+ src/tracefs-dynevents.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/tracefs-dynevents.c b/src/tracefs-dynevents.c
+index 7a3c45c..85c1fcd 100644
+--- a/src/tracefs-dynevents.c
++++ b/src/tracefs-dynevents.c
+@@ -589,6 +589,7 @@ tracefs_dynevent_get_all(unsigned int types, const char *system)
+ 	return all_events;
+ 
+ error:
++	free(events);
+ 	if (all_events) {
+ 		for (i = 0; i < all; i++)
+ 			free(all_events[i]);
+-- 
+2.45.2
+

libtracefs-Prevent-memory-leak-in-tracefs_event_syst.patch

@@ -0,0 +1,42 @@
+From efdf7f7fcb9a4e0a5ccefb805d78123332aa7a23 Mon Sep 17 00:00:00 2001
+From: Jerome Marchand <jmarchan@redhat.com>
+Date: Thu, 6 Jun 2024 17:38:19 +0200
+Subject: [PATCH 05/15] libtracefs: Prevent memory leak in
+ tracefs_event_systems()
+
+If an error is encountered in the loop, enable and sys might not get
+freed. Move the calls to free() before possibly exiting the loop.
+
+Fixes a RESSOURCE_LEAK error (CWE-772)
+
+Link: https://lore.kernel.org/linux-trace-devel/20240606153830.2666120-6-jmarchan@redhat.com
+
+Fixes: 056a177e1d686 ("libtracefs: Restructure how string lists work")
+Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
+Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
+---
+ src/tracefs-events.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/tracefs-events.c b/src/tracefs-events.c
+index 1b1693c..906dbe8 100644
+--- a/src/tracefs-events.c
++++ b/src/tracefs-events.c
+@@ -854,12 +854,12 @@ char **tracefs_event_systems(const char *tracing_dir)
+ 		enable = trace_append_file(sys, "enable");
+ 
+ 		ret = stat(enable, &st);
++		free(enable);
++		free(sys);
+ 		if (ret >= 0) {
+ 			if (add_list_string(&systems, name) < 0)
+ 				goto out_free;
+ 		}
+-		free(enable);
+-		free(sys);
+ 	}
+ 
+ 	closedir(dir);
+-- 
+2.45.2
+

libtracefs-Prevent-memory-leak-in-tracefs_instance_c.patch

@@ -0,0 +1,34 @@
+From 5e5b2a760b13aeecd72da9bda392d2d3510fc409 Mon Sep 17 00:00:00 2001
+From: Jerome Marchand <jmarchan@redhat.com>
+Date: Thu, 6 Jun 2024 17:38:24 +0200
+Subject: [PATCH 10/15] libtracefs: Prevent memory leak in
+ tracefs_instance_create()
+
+Free the path of the instance directory in the error path.
+
+Fixes a RESSOURCE_LEAK error (CWE-772)
+
+Link: https://lore.kernel.org/linux-trace-devel/20240606153830.2666120-11-jmarchan@redhat.com
+
+Fixes: ebbb8507de560 libtracefs: Combine allocate and create APIs into one
+Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
+Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
+---
+ src/tracefs-instance.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/tracefs-instance.c b/src/tracefs-instance.c
+index 9a26708..dd7decd 100644
+--- a/src/tracefs-instance.c
++++ b/src/tracefs-instance.c
+@@ -217,6 +217,7 @@ struct tracefs_instance *tracefs_instance_create(const char *name)
+ 	return inst;
+ 
+ error:
++	tracefs_put_tracing_file(path);
+ 	tracefs_instance_free(inst);
+ 	return NULL;
+ }
+-- 
+2.45.2
+

libtracefs-my_yyinput-should-return-0-when-no-data-c.patch

@@ -0,0 +1,38 @@
+From 48e906bceb8b4770bfcbaf481338c134658ce2c8 Mon Sep 17 00:00:00 2001
+From: Jerome Marchand <jmarchan@redhat.com>
+Date: Thu, 6 Jun 2024 17:38:25 +0200
+Subject: [PATCH 11/15] libtracefs: my_yyinput() should return 0 when no data
+ can be read
+
+YY_INPUT() is redefined in sqlhist.l and basically just call
+my_yyinput() to do the work. However, YY_INPUT is supposed to return
+YY_NULL (0 on Unix system) when no data can be read, not -1. This can
+cause an overflow error in the generated sqlhist-lex.c file.
+
+Have my_yyinput() returns zero when no buffer is found.
+
+Link: https://lore.kernel.org/linux-trace-devel/20240606153830.2666120-12-jmarchan@redhat.com
+
+Fixes: 25446407c5151 ("libtracefs: Added new API tracefs_sql()")
+Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
+Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
+---
+ src/tracefs-sqlhist.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/tracefs-sqlhist.c b/src/tracefs-sqlhist.c
+index c7b9eff..0f678c1 100644
+--- a/src/tracefs-sqlhist.c
++++ b/src/tracefs-sqlhist.c
+@@ -121,7 +121,7 @@ __hidden int my_yyinput(void *extra, char *buf, int max)
+ 	struct sqlhist_bison *sb = extra;
+ 
+ 	if (!sb || !sb->buffer)
+-		return -1;
++		return 0;
+ 
+ 	if (sb->buffer_idx + max > sb->buffer_size)
+ 		max = sb->buffer_size - sb->buffer_idx;
+-- 
+2.45.2
+

libtracefs.spec

@@ -1,11 +1,27 @@
 Name: libtracefs
 Version: 1.8.0
-Release: 4%{?dist}
+Release: 5%{?dist}
 License: LGPL-2.1-or-later AND GPL-2.0-or-later AND GPL-2.0-only
 Summary: Library for access kernel tracefs
 
 URL: https://git.kernel.org/pub/scm/libs/libtrace/libtracefs.git/
 Source0: https://git.kernel.org/pub/scm/libs/libtrace/libtracefs.git/snapshot/libtracefs-%{version}.tar.gz
+Patch0: libtracefs-Call-va_end-before-exiting-tracefs_hist_s.patch
+Patch1: libtracefs-Prevent-memory-leak-in-append_filer.patch
+Patch2: libtracefs-Prevent-a-memory-leak-in-update_fields.patch
+Patch3: libtracefs-Prevent-a-memory-leak-in-tracefs_synth_ad.patch
+Patch4: libtracefs-Prevent-memory-leak-in-tracefs_event_syst.patch
+Patch5: libtracefs-Don-t-leak-socket-file-descriptor-in-open.patch
+Patch6: libtracefs-Prevent-a-memory-leak-in-add_func_str.patch
+Patch7: libtracefs-Prevent-a-memory-leak-in-tracefs_system_e.patch
+Patch8: libtracefs-Prevent-a-memory-leak-in-open_cpu_files.patch
+Patch9: libtracefs-Prevent-memory-leak-in-tracefs_instance_c.patch
+Patch10: libtracefs-my_yyinput-should-return-0-when-no-data-c.patch
+Patch11: libtracefs-Prevent-memory-leak-in-tracefs_dynevent_g.patch
+Patch12: libtracefs-Close-dir-in-the-error-path-in-tracefs_sy.patch
+Patch13: libtracefs-Close-dir-in-the-error-path-in-tracefs_ev.patch
+Patch14: libtracefs-Initialize-val-in-build_filter.patch
+
 BuildRequires:  gcc
 BuildRequires:  make
 BuildRequires:  pkgconfig(libtraceevent) >= 1.8.0
@@ -23,7 +39,7 @@ Requires: %{name}%{_isa} = %{version}-%{release}
 Development headers of %{name}
 
 %prep
-%setup -q
+%autosetup -p1
 
 %build
 %set_build_flags
@@ -46,6 +62,9 @@ rm -rf %{buildroot}/%{_libdir}/libtracefs.a
 %{_libdir}/%{name}.so
 
 %changelog
+* Wed Jul 10 2024 Jerome Marchand <jmarchan@redhat.com> - 1.8.0-5
+- Fix SAST vulnerabilities (RHEL-40413)
+
 * Tue Jul 09 2024 Jerome Marchand <jmarchan@redhat.com> - 1.8.0-4
 - Build with LTO (RHEL-46715)