mcstrans-3.2-3

- Fix RESOURCE_LEAK (CWE-772)
Resolves: rhbz#1938815

0004-mcstrans-fix-RESOURCE_LEAK-CWE-772.patch

@@ -0,0 +1,63 @@
+From 52872e0193f650b1fd4ab9125453e7ebdac152bd Mon Sep 17 00:00:00 2001
+From: Petr Lautrbach <plautrba@redhat.com>
+Date: Thu, 5 Aug 2021 16:26:44 +0200
+Subject: [PATCH] mcstrans: fix RESOURCE_LEAK (CWE-772)
+
+Fixes:
+    Error: RESOURCE_LEAK (CWE-772): [#def1]
+    mcstrans-3.2/src/mcstrans.c:1527: alloc_fn: Storage is returned from allocation function "compute_trans_from_raw".
+    mcstrans-3.2/src/mcstrans.c:1527: var_assign: Assigning: "trans" = storage returned from "compute_trans_from_raw(range, domain)".
+    mcstrans-3.2/src/mcstrans.c:1529: noescape: Resource "trans" is not freed or pointed-to in "add_cache".
+    mcstrans-3.2/src/mcstrans.c:1515: overwrite_var: Overwriting "trans" in "trans = find_in_hashtable(range, domain, domain->raw_to_trans)" leaks the storage that "trans" points to.
+    # 1513|   	domain_t *domain = domains;
+    # 1514|   	for (;domain; domain = domain->next) {
+    # 1515|-> 		trans = find_in_hashtable(range, domain, domain->raw_to_trans);
+    # 1516|   		if (trans) break;
+    # 1517|
+
+    Error: RESOURCE_LEAK (CWE-772): [#def2]
+    mcstrans-3.2/src/mcstrans.c:1654: alloc_fn: Storage is returned from allocation function "compute_raw_from_trans".
+    mcstrans-3.2/src/mcstrans.c:1654: var_assign: Assigning: "raw" = storage returned from "compute_raw_from_trans(range, domain)".
+    mcstrans-3.2/src/mcstrans.c:1656: noescape: Resource "raw" is not freed or pointed-to in "find_in_hashtable".
+    mcstrans-3.2/src/mcstrans.c:1669: noescape: Resource "raw" is not freed or pointed-to in "add_cache".
+    mcstrans-3.2/src/mcstrans.c:1642: overwrite_var: Overwriting "raw" in "raw = find_in_hashtable(range, domain, domain->trans_to_raw)" leaks the storage that "raw" points to.
+    # 1640|   	domain_t *domain = domains;
+    # 1641|   	for (;domain; domain = domain->next) {
+    # 1642|-> 		raw = find_in_hashtable(range, domain, domain->trans_to_raw);
+    # 1643|   		if (raw) break;
+    # 1644|
+
+Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
+---
+ mcstrans/src/mcstrans.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/mcstrans/src/mcstrans.c b/mcstrans/src/mcstrans.c
+index 8678418a1570..4e110e02f73a 100644
+--- a/mcstrans/src/mcstrans.c
++++ b/mcstrans/src/mcstrans.c
+@@ -1598,6 +1598,10 @@ trans_context(const char *incon, char **rcon) {
+ 		}
+ 		if (dashp)
+ 			*dashp = '-';
++		if (trans) {
++			free(trans);
++			trans = NULL;
++		}
+ 	}
+ 
+ 	if (trans) {
+@@ -1769,6 +1773,10 @@ untrans_context(const char *incon, char **rcon) {
+ 		}
+ 		if (dashp)
+ 			*dashp = '-';
++		if (raw) {
++			free(raw);
++			raw = NULL;
++		}
+ 	}
+ 
+ 	if (raw) {
+-- 
+2.32.0
+

mcstrans.spec

@@ -1,7 +1,7 @@
 Summary: SELinux Translation Daemon
 Name: mcstrans
 Version: 3.2
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: GPL+
 Url: https://github.com/SELinuxProject/selinux/wiki
 Source: https://github.com/SELinuxProject/selinux/releases/download/3.2/mcstrans-3.2.tar.gz
@@ -12,6 +12,7 @@ Source2: secolor.conf.8
 Patch0001: 0001-mcstrans-Fir-RESOURCE_LEAK-and-USE_AFTER_FREE-coveri.patch
 Patch0002: 0002-mcstrans-Fix-USER_AFTER_FREE-problem.patch
 Patch0003: 0003-mcstrans-Do-not-accept-incomplete-contexts.patch
+Patch0004: 0004-mcstrans-fix-RESOURCE_LEAK-CWE-772.patch
 # Patch list end
 BuildRequires: gcc
 BuildRequires: make
@@ -94,6 +95,9 @@ install -m644 %{SOURCE2} %{buildroot}%{_mandir}/man8/
 %{_usr}/share/mcstrans/util/*
 
 %changelog
+* Thu Aug  5 2021 Petr Lautrbach <plautrba@redhat.com> - 3.2-3
+- Fix RESOURCE_LEAK (CWE-772)
+
 * Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 3.2-2
 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937