From 32aa4de0a82a966adff92e9403345291839d5f46 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 17 Dec 2019 04:21:15 -0500 Subject: [PATCH] import open-vm-tools-10.3.10-3.el8_1.1 --- .gitignore | 1 + .open-vm-tools.metadata | 1 + ...h-impersonation-in-the-case-of-error.patch | 64 ++ ...-impersonation-in-the-case-of-error2.patch | 106 +++ ...y-reported-double-memory-free-errors.patch | 225 ++++++ ...orted-issues-in-i18n.c-code-VMTools-.patch | 153 ++++ ...overity-reported-memory-leaks-in-too.patch | 120 +++ ...ialized-value-issue-reported-by-Cove.patch | 58 ++ ...ssue-reported-in-vgauth-serviceImpl-.patch | 59 ++ ...f-VGAuth-setup-fails.-Coverity-issue.patch | 47 ++ ...a-memory-leak-in-the-unicode-library.patch | 140 ++++ ...verity-reported-memory-leak-in-vgaut.patch | 52 ++ ...rivial-Coverity-reported-memory-leak.patch | 52 ++ ...tAliases-and-ListMappedAliases-9bc72.patch | 87 +++ ...in-GetFormattedCommandLine-function-.patch | 80 ++ ...memory-leak-in-SNEBuildHash-function.patch | 52 ++ ...Fix-memory-leaks-in-vix-tools-plugin.patch | 102 +++ ...n-FileRotateByRenumber-Coverity-scan.patch | 47 ++ ...verity-issues-reported-by-a-customer.patch | 61 ++ ...ew-leaks-and-improved-error-handling.patch | 174 +++++ ...11.c-code-generating-unnecessary-Cov.patch | 115 +++ SOURCES/vgauthd.service | 12 + SOURCES/vmtoolsd-init.service | 14 + SOURCES/vmtoolsd.service | 16 + SPECS/open-vm-tools.spec | 736 ++++++++++++++++++ 25 files changed, 2574 insertions(+) create mode 100644 .gitignore create mode 100644 .open-vm-tools.metadata create mode 100644 SOURCES/ovt-End-VGAuth-impersonation-in-the-case-of-error.patch create mode 100644 SOURCES/ovt-End-VGAuth-impersonation-in-the-case-of-error2.patch create mode 100644 SOURCES/ovt-Fix-Coverity-reported-double-memory-free-errors.patch create mode 100644 SOURCES/ovt-Fix-Coverity-reported-issues-in-i18n.c-code-VMTools-.patch create mode 100644 SOURCES/ovt-Fix-RH-Covscan-Coverity-reported-memory-leaks-in-too.patch create mode 100644 SOURCES/ovt-Fix-Using-uninitialized-value-issue-reported-by-Cove.patch create mode 100644 SOURCES/ovt-Fix-a-Coverity-issue-reported-in-vgauth-serviceImpl-.patch create mode 100644 SOURCES/ovt-Fix-a-leak-if-VGAuth-setup-fails.-Coverity-issue.patch create mode 100644 SOURCES/ovt-Fix-a-memory-leak-in-the-unicode-library.patch create mode 100644 SOURCES/ovt-Fix-a-trivial-Coverity-reported-memory-leak-in-vgaut.patch create mode 100644 SOURCES/ovt-Fix-a-trivial-Coverity-reported-memory-leak.patch create mode 100644 SOURCES/ovt-Fix-leaks-in-ListAliases-and-ListMappedAliases-9bc72.patch create mode 100644 SOURCES/ovt-Fix-memory-leak-in-GetFormattedCommandLine-function-.patch create mode 100644 SOURCES/ovt-Fix-memory-leak-in-SNEBuildHash-function.patch create mode 100644 SOURCES/ovt-Fix-memory-leaks-in-vix-tools-plugin.patch create mode 100644 SOURCES/ovt-Fix-minor-leak-in-FileRotateByRenumber-Coverity-scan.patch create mode 100644 SOURCES/ovt-Fix-two-coverity-issues-reported-by-a-customer.patch create mode 100644 SOURCES/ovt-Fixes-for-few-leaks-and-improved-error-handling.patch create mode 100644 SOURCES/ovt-copyPasteCompatX11.c-code-generating-unnecessary-Cov.patch create mode 100644 SOURCES/vgauthd.service create mode 100644 SOURCES/vmtoolsd-init.service create mode 100644 SOURCES/vmtoolsd.service create mode 100644 SPECS/open-vm-tools.spec diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..c32c619 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/open-vm-tools-10.3.10-12406962.tar.gz diff --git a/.open-vm-tools.metadata b/.open-vm-tools.metadata new file mode 100644 index 0000000..55389fd --- /dev/null +++ b/.open-vm-tools.metadata @@ -0,0 +1 @@ +4f5fcf3f098aaddd3da24caa772575505e286ed7 SOURCES/open-vm-tools-10.3.10-12406962.tar.gz diff --git a/SOURCES/ovt-End-VGAuth-impersonation-in-the-case-of-error.patch b/SOURCES/ovt-End-VGAuth-impersonation-in-the-case-of-error.patch new file mode 100644 index 0000000..2675bb8 --- /dev/null +++ b/SOURCES/ovt-End-VGAuth-impersonation-in-the-case-of-error.patch @@ -0,0 +1,64 @@ +From 65f14ca791ac6636ad7d8a3d59941e52a5e3188c Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Thu, 25 Jul 2019 12:32:24 +0200 +Subject: [PATCH 01/16] End VGAuth impersonation in the case of error. + +RH-Author: Cathy Avery +Message-id: <20190725123239.18274-2-cavery@redhat.com> +Patchwork-id: 89711 +O-Subject: [RHEL8.1 open-vm-tools PATCH 01/16] End VGAuth impersonation in the case of error. +Bugzilla: 1602648 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit 1535eb36e8293d753c29f1eaf6cd6d2165efb1ca +Author: Oliver Kurth +Date: Tue Sep 4 15:40:58 2018 -0700 + + End VGAuth impersonation in the case of error. + + * In GuestAuthPasswordAuthenticateImpersonate(): + When VGAuth_UserHandleAccessToken fails, unimpersonation is not + being done. This can cause issues. Fixed it. + + * In GuestAuthSAMLAuthenticateAndImpersonate(), fixed the following issues: + The 'newHandle' is not being freed which causes a memory leak. + When VGAuth_UserHandleAccessToken fails, unimpersonation is not + being done. + +Signed-off-by: Cathy Avery + +Partial port: Only the parts of the patch that addesses the coverity defects were backported. + +Signed-off-by: Miroslav Rezanina +--- + open-vm-tools/services/plugins/vix/vixTools.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/services/plugins/vix/vixTools.c b/services/plugins/vix/vixTools.c +index 55b1f0a..2355beb 100644 +--- a/services/plugins/vix/vixTools.c ++++ b/services/plugins/vix/vixTools.c +@@ -11630,8 +11630,8 @@ GuestAuthSAMLAuthenticateAndImpersonate( + { + #if SUPPORT_VGAUTH + VixError err; +- char *token; +- char *username; ++ char *token = NULL; ++ char *username = NULL; + VGAuthContext *ctx = NULL; + VGAuthError vgErr; + VGAuthUserHandle *newHandle = NULL; +@@ -11742,6 +11742,8 @@ impersonate: + err = VIX_OK; + + done: ++ Util_ZeroFreeString(token); ++ Util_ZeroFreeString(username); + + return err; + #else +-- +1.8.3.1 + diff --git a/SOURCES/ovt-End-VGAuth-impersonation-in-the-case-of-error2.patch b/SOURCES/ovt-End-VGAuth-impersonation-in-the-case-of-error2.patch new file mode 100644 index 0000000..523267b --- /dev/null +++ b/SOURCES/ovt-End-VGAuth-impersonation-in-the-case-of-error2.patch @@ -0,0 +1,106 @@ +From 44f00e9dc569e7ec89251b415e156df0cb59ea07 Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Tue, 19 Nov 2019 14:16:05 +0100 +Subject: [PATCH 2/3] End VGAuth impersonation in the case of error. + +RH-Author: Cathy Avery +Message-id: <20191119141606.5322-3-cavery@redhat.com> +Patchwork-id: 92512 +O-Subject: [RHEL8.1.z open-vm-tools PATCH 2/3] End VGAuth impersonation in the case of error. +Bugzilla: 1773903 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit 7b874f37f970aab2adddb063a8363594f47abf70 +Author: Oliver Kurth +Date: Tue Sep 4 15:40:58 2018 -0700 + + End VGAuth impersonation in the case of error. + + * In GuestAuthPasswordAuthenticateImpersonate(): + When VGAuth_UserHandleAccessToken fails, unimpersonation is not + being done. This can cause issues. Fixed it. + + * In GuestAuthSAMLAuthenticateAndImpersonate(), fixed the following issues: + The 'newHandle' is not being freed which causes a memory leak. + When VGAuth_UserHandleAccessToken fails, unimpersonation is not + being done. + +Signed-off-by: Cathy Avery + +Conflicts: There was previously a parital port of this patch +commit 65f14ca791ac6636ad7d8a3d59941e52a5e3188c of coverity fixes only. + +Signed-off-by: Miroslav Rezanina +--- + services/plugins/vix/vixTools.c | 19 +++++++++++++++++++ + 1 file changed, 19 insertions(+) + +diff --git a/services/plugins/vix/vixTools.c b/services/plugins/vix/vixTools.c +index 2d60b86..7df91de 100644 +--- a/services/plugins/vix/vixTools.c ++++ b/services/plugins/vix/vixTools.c +@@ -11552,6 +11552,7 @@ GuestAuthPasswordAuthenticateImpersonate( + VGAuthError vgErr; + VGAuthUserHandle *newHandle = NULL; + VGAuthExtraParams extraParams[1]; ++ Bool impersonated = FALSE; + + extraParams[0].name = VGAUTH_PARAM_LOAD_USER_PROFILE; + extraParams[0].value = VGAUTH_PARAM_VALUE_TRUE; +@@ -11587,6 +11588,8 @@ GuestAuthPasswordAuthenticateImpersonate( + goto done; + } + ++ impersonated = TRUE; ++ + #ifdef _WIN32 + // this is making a copy of the token, be sure to close it + vgErr = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken); +@@ -11606,6 +11609,10 @@ done: + Util_ZeroFreeString(password); + + if (VIX_OK != err) { ++ if (impersonated) { ++ vgErr = VGAuth_EndImpersonation(ctx); ++ ASSERT(vgErr == VGAUTH_E_OK); ++ } + VGAuth_UserHandleFree(newHandle); + newHandle = NULL; + } +@@ -11646,6 +11653,7 @@ GuestAuthSAMLAuthenticateAndImpersonate( + VGAuthError vgErr; + VGAuthUserHandle *newHandle = NULL; + VGAuthExtraParams extraParams[1]; ++ Bool impersonated = FALSE; + + extraParams[0].name = VGAUTH_PARAM_LOAD_USER_PROFILE; + extraParams[0].value = VGAUTH_PARAM_VALUE_TRUE; +@@ -11737,6 +11745,8 @@ impersonate: + goto done; + } + ++ impersonated = TRUE; ++ + #ifdef _WIN32 + // this is making a copy of the token, be sure to close it + vgErr = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken); +@@ -11755,6 +11765,15 @@ done: + Util_ZeroFreeString(token); + Util_ZeroFreeString(username); + ++ if (VIX_OK != err) { ++ if (impersonated) { ++ vgErr = VGAuth_EndImpersonation(ctx); ++ ASSERT(vgErr == VGAUTH_E_OK); ++ } ++ VGAuth_UserHandleFree(newHandle); ++ newHandle = NULL; ++ } ++ + return err; + #else + return VIX_E_NOT_SUPPORTED; +-- +1.8.3.1 + diff --git a/SOURCES/ovt-Fix-Coverity-reported-double-memory-free-errors.patch b/SOURCES/ovt-Fix-Coverity-reported-double-memory-free-errors.patch new file mode 100644 index 0000000..f672730 --- /dev/null +++ b/SOURCES/ovt-Fix-Coverity-reported-double-memory-free-errors.patch @@ -0,0 +1,225 @@ +From d477b6e21915d5099018f4fc4b60f257bb593d72 Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Thu, 25 Jul 2019 12:32:33 +0200 +Subject: [PATCH 10/16] Fix Coverity-reported double memory free errors. + +RH-Author: Cathy Avery +Message-id: <20190725123239.18274-11-cavery@redhat.com> +Patchwork-id: 89725 +O-Subject: [RHEL8.1 open-vm-tools PATCH 10/16] Fix Coverity-reported double memory free errors. +Bugzilla: 1602648 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit 801df14f0e2b32aea17771bbd33d65140ff2361c +Author: Oliver Kurth +Date: Wed May 8 15:27:19 2019 -0700 + + Fix Coverity-reported double memory free errors. + + Similar double memory free errors were reported in each of two + functions, VixToolsListAuthAliases and VixToolsListMappedAliases. + The fixes for each function are similar: be consistent in using + tmpBuf2 (renamed tmpBuf) as the pointer to the overall buffer being + computed and tmpBuf (renamed nextBuf) as the "next" version of the + buffer. Specifically, in the computation of recordBuf following exit + from the for loop, use the variable formerly known as tmpBuf2 rather + than the one formerly known as tmpBuf. + + The variables were renamed in an attempt to distinguish more clearly + between them and how they are used. Also, with these changes in + place, it's evident that there's no need to free nextBuf in the abort + case and as a result its scope can be limited. + +Signed-off-by: Cathy Avery +Signed-off-by: Miroslav Rezanina +--- + open-vm-tools/services/plugins/vix/vixTools.c | 88 ++++++++++++++------------- + 1 file changed, 45 insertions(+), 43 deletions(-) + +diff --git a/services/plugins/vix/vixTools.c b/services/plugins/vix/vixTools.c +index 2355beb..ef26742 100644 +--- a/services/plugins/vix/vixTools.c ++++ b/services/plugins/vix/vixTools.c +@@ -9616,7 +9616,6 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN + char *destPtr; + char *endDestPtr; + char *tmpBuf = NULL; +- char *tmpBuf2 = NULL; + char *recordBuf; + size_t recordSize; + char *escapedStr = NULL; +@@ -9681,15 +9680,17 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN + err = VIX_E_OUT_OF_MEMORY; + goto abort; + } +- tmpBuf2 = Str_Asprintf(NULL, "%s", +- escapedStr); ++ tmpBuf = Str_Asprintf(NULL, "%s", ++ escapedStr); + free(escapedStr); + escapedStr = NULL; +- if (tmpBuf2 == NULL) { ++ if (tmpBuf == NULL) { + err = VIX_E_OUT_OF_MEMORY; + goto abort; + } + for (j = 0; j < uaList[i].numInfos; j++) { ++ char *nextBuf; ++ + if (uaList[i].infos[j].comment) { + escapedStr = VixToolsEscapeXMLString(uaList[i].infos[j].comment); + if (escapedStr == NULL) { +@@ -9704,25 +9705,26 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN + goto abort; + } + } +- tmpBuf = Str_Asprintf(NULL, +- "%s" +- "" +- "%d" +- "%s" +- "%s" +- "", +- tmpBuf2, +- (uaList[i].infos[j].subject.type == VGAUTH_SUBJECT_NAMED) +- ? VIX_GUEST_AUTH_SUBJECT_TYPE_NAMED : +- VIX_GUEST_AUTH_SUBJECT_TYPE_ANY, +- escapedStr2 ? escapedStr2 : "", +- escapedStr ? escapedStr : ""); +- if (tmpBuf == NULL) { ++ nextBuf = Str_Asprintf(NULL, ++ "%s" ++ "" ++ "%d" ++ "%s" ++ "%s" ++ "", ++ tmpBuf, ++ (uaList[i].infos[j].subject.type == ++ VGAUTH_SUBJECT_NAMED) ? ++ VIX_GUEST_AUTH_SUBJECT_TYPE_NAMED : ++ VIX_GUEST_AUTH_SUBJECT_TYPE_ANY, ++ escapedStr2 ? escapedStr2 : "", ++ escapedStr ? escapedStr : ""); ++ if (nextBuf == NULL) { + err = VIX_E_OUT_OF_MEMORY; + goto abort; + } +- free(tmpBuf2); +- tmpBuf2 = tmpBuf; ++ free(tmpBuf); ++ tmpBuf = nextBuf; + free(escapedStr); + escapedStr = NULL; + free(escapedStr2); +@@ -9732,7 +9734,7 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN + "%s", + tmpBuf); + free(tmpBuf); +- tmpBuf = tmpBuf2 = NULL; ++ tmpBuf = NULL; + if (recordBuf == NULL) { + err = VIX_E_OUT_OF_MEMORY; + goto abort; +@@ -9752,7 +9754,6 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN + + abort: + free(tmpBuf); +- free(tmpBuf2); + free(escapedStr); + free(escapedStr2); + VGAuth_FreeUserAliasList(num, uaList); +@@ -9812,7 +9813,6 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN + char *destPtr; + char *endDestPtr; + char *tmpBuf = NULL; +- char *tmpBuf2 = NULL; + char *recordBuf; + char *escapedStr = NULL; + char *escapedStr2 = NULL; +@@ -9876,19 +9876,21 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN + err = VIX_E_OUT_OF_MEMORY; + goto abort; + } +- tmpBuf2 = Str_Asprintf(NULL, "%s" +- "%s", +- escapedStr, +- escapedStr2); ++ tmpBuf = Str_Asprintf(NULL, "%s" ++ "%s", ++ escapedStr, ++ escapedStr2); + g_free(escapedStr2); + g_free(escapedStr); + escapedStr = NULL; + escapedStr2 = NULL; +- if (tmpBuf2 == NULL) { ++ if (tmpBuf == NULL) { + err = VIX_E_OUT_OF_MEMORY; + goto abort; + } + for (j = 0; j < maList[i].numSubjects; j++) { ++ char *nextBuf; ++ + if (maList[i].subjects[j].type == VGAUTH_SUBJECT_NAMED) { + escapedStr = VixToolsEscapeXMLString(maList[i].subjects[j].val.name); + if (escapedStr == NULL) { +@@ -9896,23 +9898,24 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN + goto abort; + } + } +- tmpBuf = Str_Asprintf(NULL, +- "%s" +- "" +- "%d" +- "%s" +- "", +- tmpBuf2, +- (maList[i].subjects[j].type == VGAUTH_SUBJECT_NAMED) +- ? VIX_GUEST_AUTH_SUBJECT_TYPE_NAMED : +- VIX_GUEST_AUTH_SUBJECT_TYPE_ANY, ++ nextBuf = Str_Asprintf(NULL, ++ "%s" ++ "" ++ "%d" ++ "%s" ++ "", ++ tmpBuf, ++ (maList[i].subjects[j].type == ++ VGAUTH_SUBJECT_NAMED) ? ++ VIX_GUEST_AUTH_SUBJECT_TYPE_NAMED : ++ VIX_GUEST_AUTH_SUBJECT_TYPE_ANY, + escapedStr ? escapedStr : ""); +- if (tmpBuf == NULL) { ++ if (nextBuf == NULL) { + err = VIX_E_OUT_OF_MEMORY; + goto abort; + } +- free(tmpBuf2); +- tmpBuf2 = tmpBuf; ++ free(tmpBuf); ++ tmpBuf = nextBuf; + free(escapedStr); + escapedStr = NULL; + } +@@ -9920,7 +9923,7 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN + "%s", + tmpBuf); + free(tmpBuf); +- tmpBuf = tmpBuf2 = NULL; ++ tmpBuf = NULL; + if (recordBuf == NULL) { + err = VIX_E_OUT_OF_MEMORY; + goto abort; +@@ -9940,7 +9943,6 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN + + abort: + free(tmpBuf); +- free(tmpBuf2); + free(escapedStr); + free(escapedStr2); + VGAuth_FreeMappedAliasList(num, maList); +-- +1.8.3.1 + diff --git a/SOURCES/ovt-Fix-Coverity-reported-issues-in-i18n.c-code-VMTools-.patch b/SOURCES/ovt-Fix-Coverity-reported-issues-in-i18n.c-code-VMTools-.patch new file mode 100644 index 0000000..b54af56 --- /dev/null +++ b/SOURCES/ovt-Fix-Coverity-reported-issues-in-i18n.c-code-VMTools-.patch @@ -0,0 +1,153 @@ +From bbfccc2561b125971d714baba5c4aa97e6fdd181 Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Thu, 25 Jul 2019 12:32:29 +0200 +Subject: [PATCH 06/16] Fix Coverity reported issues in i18n.c code - VMTools & + VGAuth + +RH-Author: Cathy Avery +Message-id: <20190725123239.18274-7-cavery@redhat.com> +Patchwork-id: 89713 +O-Subject: [RHEL8.1 open-vm-tools PATCH 06/16] Fix Coverity reported issues in i18n.c code - VMTools & VGAuth +Bugzilla: 1602648 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit 642d7a61db13969f9fb654ad1cc0d879bf680612 +Author: Oliver Kurth +Date: Tue Apr 30 13:24:25 2019 -0700 + + Fix Coverity reported issues in i18n.c code - VMTools & VGAuth + + bora-vmsoft/apps/vmtoolsbib/i18n.c: MsgLoadCatalog() + - Coverity reported memory leak when an error is encountered parsing a + line from a message catalog. + - Second memory leak on error missed. + + bora-vmsoft/vgauth/common/i18n.c: MsgLoadCatalog() + - Coverity reported some dead code. + - Missed reporting memory leak when error is encountered parsing a + line from a message catalog. + +Signed-off-by: Cathy Avery + +Conflicts: Minor copyright +Signed-off-by: Miroslav Rezanina +--- + open-vm-tools/libvmtools/i18n.c | 10 ++++++---- + open-vm-tools/vgauth/common/i18n.c | 19 +++++++++---------- + 2 files changed, 15 insertions(+), 14 deletions(-) + +diff --git a/libvmtools/i18n.c b/libvmtools/i18n.c +index e4803ab..7dc0092 100644 +--- a/libvmtools/i18n.c ++++ b/libvmtools/i18n.c +@@ -1,5 +1,5 @@ + /********************************************************* +- * Copyright (C) 2010-2016 VMware, Inc. All rights reserved. ++ * Copyright (C) 2010-2019 VMware, Inc. All rights reserved. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published +@@ -604,7 +604,7 @@ MsgLoadCatalog(const char *path) + + /* + * If not a continuation line and we have a name, break out of the +- * inner loop to update the dictionaty. ++ * inner loop to update the dictionary. + */ + if (!cont && name != NULL) { + g_free(line); +@@ -624,6 +624,8 @@ MsgLoadCatalog(const char *path) + } + + if (error) { ++ free(name); ++ free(value); + break; + } + +@@ -634,6 +636,8 @@ MsgLoadCatalog(const char *path) + !Unicode_IsBufferValid(value, strlen(value) + 1, STRING_ENCODING_UTF8)) { + g_warning("Invalid UTF-8 string in message catalog (key = %s)\n", name); + error = TRUE; ++ free(name); ++ free(value); + break; + } + +@@ -641,8 +645,6 @@ MsgLoadCatalog(const char *path) + HashTable_ReplaceOrInsert(dict, name, g_strdup(value)); + free(name); + free(value); +- name = NULL; +- value = NULL; + } + + if (eof) { +diff --git a/vgauth/common/i18n.c b/vgauth/common/i18n.c +index 85a435a..5580765 100644 +--- a/vgauth/common/i18n.c ++++ b/vgauth/common/i18n.c +@@ -1,5 +1,5 @@ + /********************************************************* +- * Copyright (C) 2011-2017 VMware, Inc. All rights reserved. ++ * Copyright (C) 2011-2019 VMware, Inc. All rights reserved. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published +@@ -571,7 +571,6 @@ MsgLoadCatalog(const char *path) + g_free, + g_free); + for (;;) { +- gboolean eof = FALSE; + char *name = NULL; + char *value = NULL; + gchar *line; +@@ -593,7 +592,7 @@ MsgLoadCatalog(const char *path) + } + + if (line == NULL) { +- eof = TRUE; ++ /* This signifies EOF. */ + break; + } + +@@ -619,6 +618,10 @@ MsgLoadCatalog(const char *path) + g_free(line); + + if (error) { ++ /* ++ * If the local DictLL_UnmarshalLine() returns NULL, name and value ++ * will remain NULL pointers. No malloc'ed memory to free here. ++ */ + break; + } + +@@ -630,6 +633,8 @@ MsgLoadCatalog(const char *path) + !g_utf8_validate(value, -1, NULL)) { + g_warning("Invalid UTF-8 string in message catalog (key = %s)\n", name); + error = TRUE; ++ g_free(name); ++ g_free(value); + break; + } + +@@ -637,14 +642,8 @@ MsgLoadCatalog(const char *path) + val = g_strcompress(value); + g_free(value); + +- // the hashtable takes ownership of the memory for 'name' and 'value' ++ // the hashtable takes ownership of the memory for 'name' and 'val' + g_hash_table_insert(dict, name, val); +- name = NULL; +- value = NULL; +- } +- +- if (eof) { +- break; + } + } + +-- +1.8.3.1 + diff --git a/SOURCES/ovt-Fix-RH-Covscan-Coverity-reported-memory-leaks-in-too.patch b/SOURCES/ovt-Fix-RH-Covscan-Coverity-reported-memory-leaks-in-too.patch new file mode 100644 index 0000000..860ee34 --- /dev/null +++ b/SOURCES/ovt-Fix-RH-Covscan-Coverity-reported-memory-leaks-in-too.patch @@ -0,0 +1,120 @@ +From 0b243aef3307a07fd12171dc82ee3d3b867c3f49 Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Thu, 25 Jul 2019 12:32:35 +0200 +Subject: [PATCH 12/16] Fix [RH Covscan] Coverity reported memory leaks in + toolboxcmd-stat.c. + +RH-Author: Cathy Avery +Message-id: <20190725123239.18274-13-cavery@redhat.com> +Patchwork-id: 89724 +O-Subject: [RHEL8.1 open-vm-tools PATCH 12/16] Fix [RH Covscan] Coverity reported memory leaks in toolboxcmd-stat.c. +Bugzilla: 1602648 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit 46cb6aa361cc8b1d287e3b9b77bf86819b4b1fc5 +Author: Oliver Kurth +Date: Wed May 22 13:09:37 2019 -0700 + + Fix [RH Covscan] Coverity reported memory leaks in toolboxcmd-stat.c. + +Signed-off-by: Cathy Avery +Signed-off-by: Miroslav Rezanina +--- + open-vm-tools/toolbox/toolboxcmd-stat.c | 19 +++++++++++-------- + 1 file changed, 11 insertions(+), 8 deletions(-) + +diff --git a/toolbox/toolboxcmd-stat.c b/toolbox/toolboxcmd-stat.c +index 764e4ae..cdd3a70 100644 +--- a/toolbox/toolboxcmd-stat.c ++++ b/toolbox/toolboxcmd-stat.c +@@ -1,5 +1,5 @@ + /********************************************************* +- * Copyright (C) 2008-2016 VMware, Inc. All rights reserved. ++ * Copyright (C) 2008-2016,2019 VMware, Inc. All rights reserved. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published +@@ -56,6 +56,7 @@ OpenHandle(VMGuestLibHandle *glHandle, // OUT: The guestlib handle + ToolsCmd_PrintErr(SU_(stat.openhandle.failed, + "OpenHandle failed: %s\n"), + VMGuestLib_GetErrorText(*glError)); ++ *glHandle = NULL; + return EX_UNAVAILABLE; + } + *glError = VMGuestLib_UpdateInfo(*glHandle); +@@ -63,6 +64,8 @@ OpenHandle(VMGuestLibHandle *glHandle, // OUT: The guestlib handle + ToolsCmd_PrintErr(SU_(stat.update.failed, + "UpdateInfo failed: %s\n"), + VMGuestLib_GetErrorText(*glError)); ++ VMGuestLib_CloseHandle(*glHandle); ++ *glHandle = NULL; + return EX_TEMPFAIL; + } + return 0; // We don't return EXIT_SUCCESSS to indicate that this is not +@@ -192,7 +195,7 @@ StatHostTime(void) + static int + StatGetSessionID(void) + { +- int exitStatus = EXIT_SUCCESS; ++ int exitStatus; + uint64 session; + VMGuestLibHandle glHandle; + VMGuestLibError glError; +@@ -236,7 +239,7 @@ StatGetSessionID(void) + static int + StatGetMemoryBallooned(void) + { +- int exitStatus = EXIT_SUCCESS; ++ int exitStatus; + uint32 memBallooned; + VMGuestLibHandle glHandle; + VMGuestLibError glError; +@@ -280,7 +283,7 @@ StatGetMemoryBallooned(void) + static int + StatGetMemoryReservation(void) + { +- int exitStatus = EXIT_SUCCESS; ++ int exitStatus; + uint32 memReservation; + VMGuestLibHandle glHandle; + VMGuestLibError glError; +@@ -325,7 +328,7 @@ StatGetMemoryReservation(void) + static int + StatGetMemorySwapped(void) + { +- int exitStatus = EXIT_SUCCESS; ++ int exitStatus; + uint32 memSwapped; + VMGuestLibHandle glHandle; + VMGuestLibError glError; +@@ -369,7 +372,7 @@ StatGetMemorySwapped(void) + static int + StatGetMemoryLimit(void) + { +- int exitStatus = EXIT_SUCCESS; ++ int exitStatus; + uint32 memLimit; + VMGuestLibHandle glHandle; + VMGuestLibError glError; +@@ -413,7 +416,7 @@ StatGetMemoryLimit(void) + static int + StatGetCpuReservation(void) + { +- int exitStatus = EXIT_SUCCESS; ++ int exitStatus; + uint32 cpuReservation; + VMGuestLibHandle glHandle; + VMGuestLibError glError; +@@ -457,7 +460,7 @@ StatGetCpuReservation(void) + static int + StatGetCpuLimit(void) + { +- int exitStatus = EXIT_SUCCESS; ++ int exitStatus; + uint32 cpuLimit; + VMGuestLibHandle glHandle; + VMGuestLibError glError; +-- +1.8.3.1 + diff --git a/SOURCES/ovt-Fix-Using-uninitialized-value-issue-reported-by-Cove.patch b/SOURCES/ovt-Fix-Using-uninitialized-value-issue-reported-by-Cove.patch new file mode 100644 index 0000000..321305c --- /dev/null +++ b/SOURCES/ovt-Fix-Using-uninitialized-value-issue-reported-by-Cove.patch @@ -0,0 +1,58 @@ +From e94fc95c580ce75ccc34793ffb000d9765ebe3d3 Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Thu, 25 Jul 2019 12:32:36 +0200 +Subject: [PATCH 13/16] Fix 'Using uninitialized value' issue reported by + Coverity. + +RH-Author: Cathy Avery +Message-id: <20190725123239.18274-14-cavery@redhat.com> +Patchwork-id: 89714 +O-Subject: [RHEL8.1 open-vm-tools PATCH 13/16] Fix 'Using uninitialized value' issue reported by Coverity. +Bugzilla: 1602648 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit f456a5938662175b914ffcb53c6284835476268f +Author: Oliver Kurth +Date: Mon Jun 17 11:41:37 2019 -0700 + + Fix 'Using uninitialized value' issue reported by Coverity. + + * In a error code path, 'exitCode' variable is used without + any initialization. This issue was reported by the Coverity. + Fixed it by initializing the 'exitCode' to -1. + + * While fixing this, moved the variables to the if block where + they are acutally used. + +Signed-off-by: Cathy Avery +Signed-off-by: Miroslav Rezanina +--- + open-vm-tools/lib/procMgr/procMgrPosix.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/lib/procMgr/procMgrPosix.c b/lib/procMgr/procMgrPosix.c +index 3ff98eb..fe26d42 100644 +--- a/lib/procMgr/procMgrPosix.c ++++ b/lib/procMgr/procMgrPosix.c +@@ -1582,8 +1582,6 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line + ProcMgr_AsyncProc *asyncProc = NULL; + pid_t pid; + int fds[2]; +- Bool validExitCode = FALSE; +- int exitCode; + pid_t resultPid; + int readFd, writeFd; + +@@ -1608,6 +1606,8 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line + int i, maxfd; + Bool status = TRUE; + pid_t childPid = -1; ++ Bool validExitCode = FALSE; ++ int exitCode = -1; + + /* + * Child +-- +1.8.3.1 + diff --git a/SOURCES/ovt-Fix-a-Coverity-issue-reported-in-vgauth-serviceImpl-.patch b/SOURCES/ovt-Fix-a-Coverity-issue-reported-in-vgauth-serviceImpl-.patch new file mode 100644 index 0000000..b937b75 --- /dev/null +++ b/SOURCES/ovt-Fix-a-Coverity-issue-reported-in-vgauth-serviceImpl-.patch @@ -0,0 +1,59 @@ +From d14e2604b04f1b6b28eaa281f7760c89b2d2b4eb Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Thu, 25 Jul 2019 12:32:38 +0200 +Subject: [PATCH 15/16] Fix a Coverity issue reported in + vgauth/serviceImpl/verify.c + +RH-Author: Cathy Avery +Message-id: <20190725123239.18274-16-cavery@redhat.com> +Patchwork-id: 89718 +O-Subject: [RHEL8.1 open-vm-tools PATCH 15/16] Fix a Coverity issue reported in vgauth/serviceImpl/verify.c +Bugzilla: 1602648 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit 0c6ad5edceca60dc05eb9f3b1ee6ac42dc0455ef +Author: Oliver Kurth +Date: Wed Jul 3 14:28:56 2019 -0700 + + Fix a Coverity issue reported in vgauth/serviceImpl/verify.c + +Signed-off-by: Cathy Avery + +Conflicts: Minor copyright change +Signed-off-by: Miroslav Rezanina +--- + open-vm-tools/vgauth/serviceImpl/verify.c | 10 ++-------- + 1 file changed, 2 insertions(+), 8 deletions(-) + +diff --git a/vgauth/serviceImpl/verify.c b/vgauth/serviceImpl/verify.c +index e9a7531..9f90a79 100644 +--- a/vgauth/serviceImpl/verify.c ++++ b/vgauth/serviceImpl/verify.c +@@ -1,5 +1,5 @@ + /********************************************************* +- * Copyright (C) 2011-2017 VMware, Inc. All rights reserved. ++ * Copyright (C) 2011-2019 VMware, Inc. All rights reserved. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published +@@ -42,15 +42,9 @@ + VGAuthError + ServiceInitVerify(void) + { +- VGAuthError err; + + CertVerify_Init(); +- err = SAML_Init(); +- if (err != VGAUTH_E_OK) { +- goto done; +- } +-done: +- return err; ++ return SAML_Init(); + } + + +-- +1.8.3.1 + diff --git a/SOURCES/ovt-Fix-a-leak-if-VGAuth-setup-fails.-Coverity-issue.patch b/SOURCES/ovt-Fix-a-leak-if-VGAuth-setup-fails.-Coverity-issue.patch new file mode 100644 index 0000000..d7b904a --- /dev/null +++ b/SOURCES/ovt-Fix-a-leak-if-VGAuth-setup-fails.-Coverity-issue.patch @@ -0,0 +1,47 @@ +From 2b3c17a1036e1b0db85fef8b1033505949cf7079 Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Thu, 25 Jul 2019 12:32:26 +0200 +Subject: [PATCH 03/16] Fix a leak if VGAuth setup fails. Coverity issue + +RH-Author: Cathy Avery +Message-id: <20190725123239.18274-4-cavery@redhat.com> +Patchwork-id: 89709 +O-Subject: [RHEL8.1 open-vm-tools PATCH 03/16] Fix a leak if VGAuth setup fails. Coverity issue +Bugzilla: 1602648 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit 82169f198925c9aa27bd04fd665eac67396adbe7 +Author: Oliver Kurth +Date: Mon Apr 15 11:33:00 2019 -0700 + + Fix a leak if VGAuth setup fails. Coverity issue + +Signed-off-by: Cathy Avery +Signed-off-by: Miroslav Rezanina +--- + open-vm-tools/vgauth/serviceImpl/service.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/vgauth/serviceImpl/service.c b/vgauth/serviceImpl/service.c +index 6779530..d471652 100644 +--- a/vgauth/serviceImpl/service.c ++++ b/vgauth/serviceImpl/service.c +@@ -1,5 +1,5 @@ + /********************************************************* +- * Copyright (C) 2011-2016 VMware, Inc. All rights reserved. ++ * Copyright (C) 2011-2016,2019 VMware, Inc. All rights reserved. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published +@@ -173,6 +173,7 @@ ServiceCreatePublicConnection(ServiceConnection **returnConn) // OUT + + if (VGAUTH_E_OK != err) { + Warning("%s: failed to setup public listen channel\n", __FUNCTION__); ++ ServiceConnectionShutdown(newConn); + return err; + } + +-- +1.8.3.1 + diff --git a/SOURCES/ovt-Fix-a-memory-leak-in-the-unicode-library.patch b/SOURCES/ovt-Fix-a-memory-leak-in-the-unicode-library.patch new file mode 100644 index 0000000..802707f --- /dev/null +++ b/SOURCES/ovt-Fix-a-memory-leak-in-the-unicode-library.patch @@ -0,0 +1,140 @@ +From e8686de42164135f78a0212e1bd8ad5b24ee60a0 Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Thu, 25 Jul 2019 12:32:30 +0200 +Subject: [PATCH 07/16] Fix a memory leak in the unicode library. + +RH-Author: Cathy Avery +Message-id: <20190725123239.18274-8-cavery@redhat.com> +Patchwork-id: 89717 +O-Subject: [RHEL8.1 open-vm-tools PATCH 07/16] Fix a memory leak in the unicode library. +Bugzilla: 1602648 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit 9e6e3afa5b5c3dc11c7aa79454ca4c8184c87bdf +Author: Oliver Kurth +Date: Tue Apr 30 13:24:25 2019 -0700 + + Fix a memory leak in the unicode library. + + Ensure that allocated strings are freed before returning a failure. + + The ASSERTs have never been known to fire; a warning in a obj + build will help with debugging. The warning should "never" happen. + +Signed-off-by: Cathy Avery +Signed-off-by: Miroslav Rezanina +--- + open-vm-tools/lib/unicode/unicodeICU.c | 30 +++++++++++++++++------------- + 1 file changed, 17 insertions(+), 13 deletions(-) + +diff --git a/lib/unicode/unicodeICU.c b/lib/unicode/unicodeICU.c +index b63932e..b9b2dbb 100644 +--- a/lib/unicode/unicodeICU.c ++++ b/lib/unicode/unicodeICU.c +@@ -1,5 +1,5 @@ + /********************************************************* +- * Copyright (C) 2008-2016 VMware, Inc. All rights reserved. ++ * Copyright (C) 2008-2019 VMware, Inc. All rights reserved. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published +@@ -275,7 +275,7 @@ Unicode_ToLower(const char *str, // IN + */ + + // Most lower-case operations don't change the length of the string. +- utf8Dest = (char *)Util_SafeMalloc(destCapacity); ++ utf8Dest = Util_SafeMalloc(destCapacity); + + caseMap = ucasemap_open(locale, 0, &status); + if (U_FAILURE(status)) { +@@ -295,7 +295,7 @@ Unicode_ToLower(const char *str, // IN + + // If we need a bigger buffer, then reallocate and retry. + destCapacity = destLen + 1; +- utf8Dest = (char *)Util_SafeRealloc(utf8Dest, destCapacity); ++ utf8Dest = Util_SafeRealloc(utf8Dest, destCapacity); + + status = U_ZERO_ERROR; + destLen = ucasemap_utf8ToLower(caseMap, +@@ -311,8 +311,9 @@ Unicode_ToLower(const char *str, // IN + if (U_SUCCESS(status) && status != U_STRING_NOT_TERMINATED_WARNING) { + result = utf8Dest; + } else { +- ASSERT(U_SUCCESS(status)); +- ASSERT(status != U_STRING_NOT_TERMINATED_WARNING); ++ DEBUG_ONLY(Warning("%s: Invalid UTF-8 string detected.\n", ++ __FUNCTION__)); ++ free(utf8Dest); + } + + return result; +@@ -356,7 +357,7 @@ Unicode_ToUpper(const char *str, // IN + char *result = NULL; + + // Most upper-case operations don't change the length of the string. +- utf8Dest = (char *)Util_SafeMalloc(destCapacity); ++ utf8Dest = Util_SafeMalloc(destCapacity); + + caseMap = ucasemap_open(locale, 0, &status); + if (U_FAILURE(status)) { +@@ -376,7 +377,7 @@ Unicode_ToUpper(const char *str, // IN + + // If we need a bigger buffer, then reallocate and retry. + destCapacity = destLen + 1; +- utf8Dest = (char *)Util_SafeRealloc(utf8Dest, destCapacity); ++ utf8Dest = Util_SafeRealloc(utf8Dest, destCapacity); + + status = U_ZERO_ERROR; + destLen = ucasemap_utf8ToUpper(caseMap, +@@ -392,13 +393,15 @@ Unicode_ToUpper(const char *str, // IN + if (U_SUCCESS(status) && status != U_STRING_NOT_TERMINATED_WARNING) { + result = utf8Dest; + } else { +- ASSERT(U_SUCCESS(status)); +- ASSERT(status != U_STRING_NOT_TERMINATED_WARNING); ++ DEBUG_ONLY(Warning("%s: Invalid UTF-8 string detected.\n", ++ __FUNCTION__)); ++ free(utf8Dest); + } + + return result; + } + ++ + /* + * "ucasemap_utf8ToTitle" is not in version 3.6 of the ICU library, + * which appears to be the default on many systems... +@@ -447,7 +450,7 @@ Unicode_ToTitle(const char *str, // IN + char *result = NULL; + + // Most title-case operations don't change the length of the string. +- utf8Dest = (char *)Util_SafeMalloc(destCapacity); ++ utf8Dest = Util_SafeMalloc(destCapacity); + + caseMap = ucasemap_open(locale, 0, &status); + if (U_FAILURE(status)) { +@@ -467,7 +470,7 @@ Unicode_ToTitle(const char *str, // IN + + // If we need a bigger buffer, then reallocate and retry. + destCapacity = destLen + 1; +- utf8Dest = (char *)Util_SafeRealloc(utf8Dest, destCapacity); ++ utf8Dest = Util_SafeRealloc(utf8Dest, destCapacity); + + status = U_ZERO_ERROR; + destLen = ucasemap_utf8ToTitle(caseMap, +@@ -483,8 +486,9 @@ Unicode_ToTitle(const char *str, // IN + if (U_SUCCESS(status) && status != U_STRING_NOT_TERMINATED_WARNING) { + result = utf8Dest; + } else { +- ASSERT(U_SUCCESS(status)); +- ASSERT(status != U_STRING_NOT_TERMINATED_WARNING); ++ DEBUG_ONLY(Warning("%s: Invalid UTF-8 string detected.\n", ++ __FUNCTION__)); ++ free(utf8Dest); + } + + return result; +-- +1.8.3.1 + diff --git a/SOURCES/ovt-Fix-a-trivial-Coverity-reported-memory-leak-in-vgaut.patch b/SOURCES/ovt-Fix-a-trivial-Coverity-reported-memory-leak-in-vgaut.patch new file mode 100644 index 0000000..6ab2f46 --- /dev/null +++ b/SOURCES/ovt-Fix-a-trivial-Coverity-reported-memory-leak-in-vgaut.patch @@ -0,0 +1,52 @@ +From f5626146057b01e07c9491183bc09f8d190a1d4c Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Thu, 25 Jul 2019 12:32:31 +0200 +Subject: [PATCH 08/16] Fix a trivial Coverity-reported memory leak in + vgauth/cli/main.c. + +RH-Author: Cathy Avery +Message-id: <20190725123239.18274-9-cavery@redhat.com> +Patchwork-id: 89715 +O-Subject: [RHEL8.1 open-vm-tools PATCH 08/16] Fix a trivial Coverity-reported memory leak in vgauth/cli/main.c. +Bugzilla: 1602648 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit 544cf1363c78d1d8c75e57d560b3650b5f667c64 +Author: Oliver Kurth +Date: Wed May 8 15:27:18 2019 -0700 + + Fix a trivial Coverity-reported memory leak in vgauth/cli/main.c. + + Call Pref_Shutdown to close the PrefHandle. + +Signed-off-by: Cathy Avery + +Conflicts: Minor copyright issue +Signed-off-by: Miroslav Rezanina +--- + open-vm-tools/vgauth/cli/main.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/vgauth/cli/main.c b/vgauth/cli/main.c +index 7209e95..6f69f19 100644 +--- a/vgauth/cli/main.c ++++ b/vgauth/cli/main.c +@@ -1,5 +1,5 @@ + /********************************************************* +- * Copyright (C) 2011-2016 VMware, Inc. All rights reserved. ++ * Copyright (C) 2011-2019 VMware, Inc. All rights reserved. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published +@@ -658,6 +658,7 @@ next: + } + + VGAuth_Shutdown(ctx); ++ Pref_Shutdown(prefs); + g_free(appName); + return (err == VGAUTH_E_OK) ? 0 : -1; + } +-- +1.8.3.1 + diff --git a/SOURCES/ovt-Fix-a-trivial-Coverity-reported-memory-leak.patch b/SOURCES/ovt-Fix-a-trivial-Coverity-reported-memory-leak.patch new file mode 100644 index 0000000..ad1c11d --- /dev/null +++ b/SOURCES/ovt-Fix-a-trivial-Coverity-reported-memory-leak.patch @@ -0,0 +1,52 @@ +From 98345ad1ae6960263f1e0c76cda6a45a2313d7e1 Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Thu, 25 Jul 2019 12:32:34 +0200 +Subject: [PATCH 11/16] Fix a trivial Coverity-reported memory leak. + +RH-Author: Cathy Avery +Message-id: <20190725123239.18274-12-cavery@redhat.com> +Patchwork-id: 89722 +O-Subject: [RHEL8.1 open-vm-tools PATCH 11/16] Fix a trivial Coverity-reported memory leak. +Bugzilla: 1602648 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit a5823224051da0318facf10e0732baa9f55334fc +Author: Oliver Kurth +Date: Wed May 8 15:27:19 2019 -0700 + + Fix a trivial Coverity-reported memory leak. + + If AuthLoadPAM doesn't find all the needed symbols from the pam + library, then dlclose the library, as is already done for + the same-named funtion in bora/lib/auth/authPosix.c. + +Signed-off-by: Cathy Avery +Signed-off-by: Miroslav Rezanina +--- + open-vm-tools/vgauth/lib/authPosix.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/vgauth/lib/authPosix.c b/vgauth/lib/authPosix.c +index dfaeb92..151e595 100644 +--- a/vgauth/lib/authPosix.c ++++ b/vgauth/lib/authPosix.c +@@ -1,5 +1,5 @@ + /********************************************************* +- * Copyright (C) 2011-2017 VMware, Inc. All rights reserved. ++ * Copyright (C) 2011-2017,2019 VMware, Inc. All rights reserved. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published +@@ -128,7 +128,7 @@ AuthLoadPAM(void) + if (!symbol) { + Warning("PAM library does not contain required function: %s\n", + dlerror()); +- ++ dlclose(pam_library); + return FALSE; + } + +-- +1.8.3.1 + diff --git a/SOURCES/ovt-Fix-leaks-in-ListAliases-and-ListMappedAliases-9bc72.patch b/SOURCES/ovt-Fix-leaks-in-ListAliases-and-ListMappedAliases-9bc72.patch new file mode 100644 index 0000000..b0e7325 --- /dev/null +++ b/SOURCES/ovt-Fix-leaks-in-ListAliases-and-ListMappedAliases-9bc72.patch @@ -0,0 +1,87 @@ +From 54da2ccfa99000a62f22820a3702331bbd131077 Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Tue, 19 Nov 2019 14:16:06 +0100 +Subject: [PATCH 3/3] Fix leaks in ListAliases and ListMappedAliases + (9bc72f0b09702754b429115658a85223cb3058bd from devel) + +RH-Author: Cathy Avery +Message-id: <20191119141606.5322-4-cavery@redhat.com> +Patchwork-id: 92513 +O-Subject: [RHEL8.1.z open-vm-tools PATCH 3/3] Fix leaks in ListAliases and ListMappedAliases (9bc72f0b09702754b429115658a85223cb3058bd from devel) +Bugzilla: 1773903 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit 26b9edbeb79d1c67b9ae73a0c97c48999c1fb503 (origin/stable-10.3.10-vix-memory-leaks) +Author: Oliver Kurth +Date: Wed Oct 2 17:48:35 2019 -0700 + + Fix leaks in ListAliases and ListMappedAliases (9bc72f0b09702754b429115658a85223cb3058bd from devel) + +Signed-off-by: Cathy Avery + +Conflicts: Previous coverity patch commit d477b6e21915d5099018f4fc4b60f257bb593d72 +Signed-off-by: Miroslav Rezanina +--- + services/plugins/vix/vixTools.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/services/plugins/vix/vixTools.c b/services/plugins/vix/vixTools.c +index 7df91de..2b9dede 100644 +--- a/services/plugins/vix/vixTools.c ++++ b/services/plugins/vix/vixTools.c +@@ -9620,7 +9620,6 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN + char *destPtr; + char *endDestPtr; + char *tmpBuf = NULL; +- char *recordBuf; + size_t recordSize; + char *escapedStr = NULL; + char *escapedStr2 = NULL; +@@ -9679,6 +9678,8 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN + destPtr += Str_Sprintf(destPtr, endDestPtr - destPtr, "%s", + VIX_XML_ESCAPED_TAG); + for (i = 0; i < num; i++) { ++ char *recordBuf = NULL; ++ + escapedStr = VixToolsEscapeXMLString(uaList[i].pemCert); + if (escapedStr == NULL) { + err = VIX_E_OUT_OF_MEMORY; +@@ -9752,6 +9753,8 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN + Log("%s: ListAuth list results too large, truncating", __FUNCTION__); + goto abort; + } ++ free(recordBuf); ++ recordBuf = NULL; + } + + *result = resultBuffer; +@@ -9817,7 +9820,6 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN + char *destPtr; + char *endDestPtr; + char *tmpBuf = NULL; +- char *recordBuf; + char *escapedStr = NULL; + char *escapedStr2 = NULL; + size_t recordSize; +@@ -9870,6 +9872,8 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN + destPtr += Str_Sprintf(destPtr, endDestPtr - destPtr, "%s", + VIX_XML_ESCAPED_TAG); + for (i = 0; i < num; i++) { ++ char *recordBuf = NULL; ++ + escapedStr = VixToolsEscapeXMLString(maList[i].pemCert); + if (escapedStr == NULL) { + err = VIX_E_OUT_OF_MEMORY; +@@ -9941,6 +9945,8 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN + Log("%s: ListMapped results too large, truncating", __FUNCTION__); + goto abort; + } ++ free(recordBuf); ++ recordBuf = NULL; + } + + *result = resultBuffer; +-- +1.8.3.1 + diff --git a/SOURCES/ovt-Fix-memory-leak-in-GetFormattedCommandLine-function-.patch b/SOURCES/ovt-Fix-memory-leak-in-GetFormattedCommandLine-function-.patch new file mode 100644 index 0000000..6b48206 --- /dev/null +++ b/SOURCES/ovt-Fix-memory-leak-in-GetFormattedCommandLine-function-.patch @@ -0,0 +1,80 @@ +From da6b1c1b22ce0386214bbc5395d4cc42529be4fb Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Thu, 25 Jul 2019 12:32:25 +0200 +Subject: [PATCH 02/16] Fix memory leak in GetFormattedCommandLine() function + (linuxDeployment.c) + +RH-Author: Cathy Avery +Message-id: <20190725123239.18274-3-cavery@redhat.com> +Patchwork-id: 89712 +O-Subject: [RHEL8.1 open-vm-tools PATCH 02/16] Fix memory leak in GetFormattedCommandLine() function (linuxDeployment.c) +Bugzilla: 1602648 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit d93219282ff7e89e3f581bf757dfd807c7568452 +Author: Oliver Kurth +Date: Thu Mar 28 12:42:59 2019 -0700 + + Fix memory leak in GetFormattedCommandLine() function (linuxDeployment.c) + + 1. There are malloc() calls happening in a loop; this function returns + NULL when one of malloc fails. If a malloc call fails in the loop, + all memory allocated in previous iterations should be freed before + the return NULL. + 2. Clear allocated resources before return NULL in this file. + 3. Add NULL check following malloc calls in this file. + 4. Encapsulate %s in () only if %s is strerror(errno), otherwise encapsulate + %s in single quotes. + 5. End with \n in sLog. + +Signed-off-by: Cathy Avery + +Partial port: Only the parts of the patch that addesses the coverity defects were backported. + +Signed-off-by: Miroslav Rezanina +--- + open-vm-tools/libDeployPkg/linuxDeployment.c | 14 +++++++++++++- + 1 file changed, 13 insertions(+), 1 deletion(-) + +diff --git a/libDeployPkg/linuxDeployment.c b/libDeployPkg/linuxDeployment.c +index 6e22aac..74b2f90 100644 +--- a/libDeployPkg/linuxDeployment.c ++++ b/libDeployPkg/linuxDeployment.c +@@ -454,6 +454,8 @@ AddToList(struct List* head, const char* token) + l = malloc(sizeof(struct List)); + if (!l) { + SetDeployError("Error allocating memory. (%s)", strerror(errno)); ++ // clear allocated resource ++ free(data); + return NULL; + } + +@@ -1495,13 +1497,23 @@ GetFormattedCommandLine(const char* command) + args = malloc((ListSize(commandTokens) + 1) * sizeof(char*)); + if (!args) { + SetDeployError("Error allocating memory."); ++ // clear resources ++ DeleteList(commandTokens); + return NULL; + } + + for(l = commandTokens, i = 0; l; l = l->next, i++) { + char* arg = malloc(strlen(l->data) + 1); + if (!arg) { +- SetDeployError("Error allocating memory.(%s)", strerror(errno)); ++ unsigned int j; ++ SetDeployError("Error allocating memory. (%s)", strerror(errno)); ++ // free allocated memories in previous iterations if any ++ for (j = 0; j < i; j++) { ++ free(args[j]); ++ } ++ free(args); ++ // clear resources ++ DeleteList(commandTokens); + return NULL; + } + +-- +1.8.3.1 + diff --git a/SOURCES/ovt-Fix-memory-leak-in-SNEBuildHash-function.patch b/SOURCES/ovt-Fix-memory-leak-in-SNEBuildHash-function.patch new file mode 100644 index 0000000..5b3b227 --- /dev/null +++ b/SOURCES/ovt-Fix-memory-leak-in-SNEBuildHash-function.patch @@ -0,0 +1,52 @@ +From ce0aed0b753b24891cf33463f69e0ceb953b826f Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Thu, 25 Jul 2019 12:32:28 +0200 +Subject: [PATCH 05/16] Fix memory leak in SNEBuildHash function. + +RH-Author: Cathy Avery +Message-id: <20190725123239.18274-6-cavery@redhat.com> +Patchwork-id: 89716 +O-Subject: [RHEL8.1 open-vm-tools PATCH 05/16] Fix memory leak in SNEBuildHash function. +Bugzilla: 1602648 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit 1b755d3e619ed40d8750532f10af5a1df6de6cda +Author: Oliver Kurth +Date: Tue Apr 30 13:24:24 2019 -0700 + + Fix memory leak in SNEBuildHash function. + + In a specific code path of the SNEBuildHash function, when the + environment variable is of the format VMWARE_*=[0|1], the value + is not freed. Fixed the memory leak. + +Signed-off-by: Cathy Avery +Signed-off-by: Miroslav Rezanina +--- + open-vm-tools/lib/system/systemLinux.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/lib/system/systemLinux.c b/lib/system/systemLinux.c +index c74d489..7d9798a 100644 +--- a/lib/system/systemLinux.c ++++ b/lib/system/systemLinux.c +@@ -1,5 +1,5 @@ + /********************************************************* +- * Copyright (C) 1998-2018 VMware, Inc. All rights reserved. ++ * Copyright (C) 1998-2019 VMware, Inc. All rights reserved. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published +@@ -607,6 +607,8 @@ SNEBuildHash(const char **compatEnviron) + char *realValue = (value[0] == '0') + ? NULL + : Util_SafeStrdup(&value[1]); ++ free(value); ++ value = NULL; + HashTable_ReplaceOrInsert(environTable, realKey, realValue); + } else { + HashTable_LookupOrInsert(environTable, key, value); +-- +1.8.3.1 + diff --git a/SOURCES/ovt-Fix-memory-leaks-in-vix-tools-plugin.patch b/SOURCES/ovt-Fix-memory-leaks-in-vix-tools-plugin.patch new file mode 100644 index 0000000..b7537c0 --- /dev/null +++ b/SOURCES/ovt-Fix-memory-leaks-in-vix-tools-plugin.patch @@ -0,0 +1,102 @@ +From af8a6eab2759aafeffc5ae47aed33492eb092b51 Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Tue, 19 Nov 2019 14:16:04 +0100 +Subject: [PATCH 1/3] Fix memory leaks in 'vix' tools plugin. + +RH-Author: Cathy Avery +Message-id: <20191119141606.5322-2-cavery@redhat.com> +Patchwork-id: 92511 +O-Subject: [RHEL8.1.z open-vm-tools PATCH 1/3] Fix memory leaks in 'vix' tools plugin. +Bugzilla: 1773903 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit 015db4c06a8be65eb96cf62421e8b5366993452f +Author: Oliver Kurth +Date: Wed Aug 29 13:29:45 2018 -0700 + + Fix memory leaks in 'vix' tools plugin. + + * vix plugin retrieves the power script file paths from the + config file but doesn't free them and this causes a memory leak. + Fixed the code to free the filepaths. + + * In GuestAuthPasswordAuthenticateImpersonate function, the VGAuth + handle is not freed when the impersonation fails. Fixed the + code to call VGAuth_UserHandleFree in the error path. + + Note: I executed one guest operation with wrong credentials. + Every failure leaks 75 bytes of memory. (in Centos 64-bit VM) + + * Fixed another minor issue in the code. At couple of places in + the code, replaced 'err' with 'vgErr' for storing the return value + of VGAuth_UserHandleAccessToken. + +Signed-off-by: Cathy Avery +Signed-off-by: Miroslav Rezanina +--- + services/plugins/vix/vixTools.c | 20 ++++++++++++++------ + 1 file changed, 14 insertions(+), 6 deletions(-) + +diff --git a/services/plugins/vix/vixTools.c b/services/plugins/vix/vixTools.c +index ef26742..2d60b86 100644 +--- a/services/plugins/vix/vixTools.c ++++ b/services/plugins/vix/vixTools.c +@@ -2522,10 +2522,10 @@ VixTools_GetToolsPropertiesImpl(GKeyFile *confDictRef, // IN + char *guestName; + int osFamily; + char *packageList = NULL; +- const char *powerOffScript = NULL; +- const char *powerOnScript = NULL; +- const char *resumeScript = NULL; +- const char *suspendScript = NULL; ++ char *powerOffScript = NULL; ++ char *powerOnScript = NULL; ++ char *resumeScript = NULL; ++ char *suspendScript = NULL; + char *osName = NULL; + char *osNameFull = NULL; + Bool foundHostName; +@@ -2726,6 +2726,10 @@ abort: + free(tempDir); + free(osName); + free(osNameFull); ++ free(suspendScript); ++ free(resumeScript); ++ free(powerOnScript); ++ free(powerOffScript); + #else + /* + * FreeBSD. We do not require all the properties above. +@@ -11585,7 +11589,7 @@ GuestAuthPasswordAuthenticateImpersonate( + + #ifdef _WIN32 + // this is making a copy of the token, be sure to close it +- err = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken); ++ vgErr = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken); + if (VGAUTH_FAILED(vgErr)) { + err = VixToolsTranslateVGAuthError(vgErr); + goto done; +@@ -11601,6 +11605,10 @@ done: + free(username); + Util_ZeroFreeString(password); + ++ if (VIX_OK != err) { ++ VGAuth_UserHandleFree(newHandle); ++ newHandle = NULL; ++ } + return err; + #else + return VIX_E_NOT_SUPPORTED; +@@ -11731,7 +11739,7 @@ impersonate: + + #ifdef _WIN32 + // this is making a copy of the token, be sure to close it +- err = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken); ++ vgErr = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken); + if (VGAUTH_FAILED(vgErr)) { + err = VixToolsTranslateVGAuthError(vgErr); + goto done; +-- +1.8.3.1 + diff --git a/SOURCES/ovt-Fix-minor-leak-in-FileRotateByRenumber-Coverity-scan.patch b/SOURCES/ovt-Fix-minor-leak-in-FileRotateByRenumber-Coverity-scan.patch new file mode 100644 index 0000000..740b797 --- /dev/null +++ b/SOURCES/ovt-Fix-minor-leak-in-FileRotateByRenumber-Coverity-scan.patch @@ -0,0 +1,47 @@ +From f9dcf9c252d3d1cb76aebd838300bdf3e973e77b Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Thu, 25 Jul 2019 12:32:27 +0200 +Subject: [PATCH 04/16] Fix minor leak in FileRotateByRenumber - Coverity scan + +RH-Author: Cathy Avery +Message-id: <20190725123239.18274-5-cavery@redhat.com> +Patchwork-id: 89720 +O-Subject: [RHEL8.1 open-vm-tools PATCH 04/16] Fix minor leak in FileRotateByRenumber - Coverity scan +Bugzilla: 1602648 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit 85bc2e71dd7a855d3c533965859c1756deecc314 +Author: Oliver Kurth +Date: Mon Apr 15 11:33:00 2019 -0700 + + Fix minor leak in FileRotateByRenumber - Coverity scan + +Signed-off-by: Cathy Avery +Signed-off-by: Miroslav Rezanina +--- + open-vm-tools/lib/file/file.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/lib/file/file.c b/lib/file/file.c +index 2d1154b..7dae12c 100644 +--- a/lib/file/file.c ++++ b/lib/file/file.c +@@ -1,5 +1,5 @@ + /********************************************************* +- * Copyright (C) 1998-2018 VMware, Inc. All rights reserved. ++ * Copyright (C) 1998-2019 VMware, Inc. All rights reserved. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published +@@ -2452,6 +2452,7 @@ FileRotateByRenumber(const char *filePath, // IN: full path to file + File_GetPathName(fullPathNoExt, &baseDir, &baseName); + + if ((baseDir == NULL) || (*baseDir == '\0')) { ++ free(baseDir); + baseDir = Unicode_Duplicate(DIRSEPS); + } + +-- +1.8.3.1 + diff --git a/SOURCES/ovt-Fix-two-coverity-issues-reported-by-a-customer.patch b/SOURCES/ovt-Fix-two-coverity-issues-reported-by-a-customer.patch new file mode 100644 index 0000000..20772a9 --- /dev/null +++ b/SOURCES/ovt-Fix-two-coverity-issues-reported-by-a-customer.patch @@ -0,0 +1,61 @@ +From 86ec5be96b61f3b391711aab3aee0c4d85101b2f Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Thu, 25 Jul 2019 12:32:39 +0200 +Subject: [PATCH 16/16] Fix two coverity issues reported by a customer. + +RH-Author: Cathy Avery +Message-id: <20190725123239.18274-17-cavery@redhat.com> +Patchwork-id: 89719 +O-Subject: [RHEL8.1 open-vm-tools PATCH 16/16] [Tools/dndcp] Fix two coverity issues reported by a customer. +Bugzilla: 1602648 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit 04813113e28f6cfecf956166136bbad2a6c2a386 +Author: Oliver Kurth +Date: Sat Jul 20 17:15:19 2019 -0700 + + [Tools/dndcp] Fix two coverity issues reported by a customer. + +Signed-off-by: Cathy Avery +Signed-off-by: Miroslav Rezanina +--- + open-vm-tools/services/plugins/dndcp/copyPasteUIX11.cpp | 14 +++++++++++--- + 1 file changed, 11 insertions(+), 3 deletions(-) + +diff --git a/services/plugins/dndcp/copyPasteUIX11.cpp b/services/plugins/dndcp/copyPasteUIX11.cpp +index 6c40b84..e9b9e26 100644 +--- a/services/plugins/dndcp/copyPasteUIX11.cpp ++++ b/services/plugins/dndcp/copyPasteUIX11.cpp +@@ -1664,10 +1664,11 @@ CopyPasteUIX11::FileBlockMonitorThread(void *arg) // IN + } + + int fd = open(params->fileBlockName.c_str(), O_RDONLY); +- if (fd <= 0) { +- g_debug("%s: Failed to open %s\n", ++ if (fd < 0) { ++ g_debug("%s: Failed to open %s, errno is %d\n", + __FUNCTION__, +- params->fileBlockName.c_str()); ++ params->fileBlockName.c_str(), ++ errno); + continue; + } + +@@ -1688,6 +1689,13 @@ CopyPasteUIX11::FileBlockMonitorThread(void *arg) // IN + } else { + g_debug("%s: Block is not added\n", __FUNCTION__); + } ++ ++ if (close(fd) < 0) { ++ g_debug("%s: Failed to close %s, errno is %d\n", ++ __FUNCTION__, ++ params->fileBlockName.c_str(), ++ errno); ++ } + } + pthread_mutex_unlock(¶ms->fileBlockMutex); + return NULL; +-- +1.8.3.1 + diff --git a/SOURCES/ovt-Fixes-for-few-leaks-and-improved-error-handling.patch b/SOURCES/ovt-Fixes-for-few-leaks-and-improved-error-handling.patch new file mode 100644 index 0000000..db5907c --- /dev/null +++ b/SOURCES/ovt-Fixes-for-few-leaks-and-improved-error-handling.patch @@ -0,0 +1,174 @@ +From 46a724937bfbfe4fa4e64269f057c71893f25b30 Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Thu, 25 Jul 2019 12:32:32 +0200 +Subject: [PATCH 09/16] Fixes for few leaks and improved error handling. + +RH-Author: Cathy Avery +Message-id: <20190725123239.18274-10-cavery@redhat.com> +Patchwork-id: 89723 +O-Subject: [RHEL8.1 open-vm-tools PATCH 09/16] Fixes for few leaks and improved error handling. +Bugzilla: 1602648 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit 2bbd56da4314856dfc1a8fed2db5b55cd9ef8860 +Author: Oliver Kurth +Date: Wed May 8 15:27:18 2019 -0700 + + Fixes for few leaks and improved error handling. + + Fix a memory leak detected by coverity scan. It is not critical, + but it is real in an error case when there is no end mark. While + fixing it, also enhanced code to handle different error cases + properly because we would want valid content to be decoded even + when there are invalid marks in the log file. Invalid log marks + are possible when vmware.log gets rotated in the middle of guest + logging. + + While verifying the fix using valgrind, found a couple of more + leaks in panic and warning stubs. Addressed those as well. + +Signed-off-by: Cathy Avery +Signed-off-by: Miroslav Rezanina +--- + open-vm-tools/lib/stubs/stub-panic.c | 3 ++- + open-vm-tools/lib/stubs/stub-warning.c | 5 ++-- + open-vm-tools/xferlogs/xferlogs.c | 47 ++++++++++++++++++++++++++++------ + 3 files changed, 44 insertions(+), 11 deletions(-) + +diff --git a/lib/stubs/stub-panic.c b/lib/stubs/stub-panic.c +index 615a810..4b88f59 100644 +--- a/lib/stubs/stub-panic.c ++++ b/lib/stubs/stub-panic.c +@@ -1,5 +1,5 @@ + /********************************************************* +- * Copyright (C) 2008 VMware, Inc. All rights reserved. ++ * Copyright (C) 2008,2019 VMware, Inc. All rights reserved. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published +@@ -43,6 +43,7 @@ Panic(const char *fmt, ...) + + if (str != NULL) { + fputs(str, stderr); ++ free(str); + } + + assert(FALSE); +diff --git a/lib/stubs/stub-warning.c b/lib/stubs/stub-warning.c +index c32fa69..3a49617 100644 +--- a/lib/stubs/stub-warning.c ++++ b/lib/stubs/stub-warning.c +@@ -1,5 +1,5 @@ + /********************************************************* +- * Copyright (C) 2008-2016 VMware, Inc. All rights reserved. ++ * Copyright (C) 2008-2016,2019 VMware, Inc. All rights reserved. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published +@@ -24,6 +24,7 @@ + */ + + #include ++#include + #include "str.h" + + +@@ -39,6 +40,6 @@ Warning(const char *fmt, ...) + + if (str != NULL) { + fputs(str, stderr); ++ free(str); + } + } +- +diff --git a/xferlogs/xferlogs.c b/xferlogs/xferlogs.c +index 9aa9b3a..d4a600f 100644 +--- a/xferlogs/xferlogs.c ++++ b/xferlogs/xferlogs.c +@@ -184,8 +184,19 @@ extractFile(char *filename) //IN: vmx log filename e.g. vmware.log + char tstamp[32]; + time_t now; + +- ASSERT(outfp == NULL); +- ASSERT(state == NOT_IN_GUEST_LOGGING); ++ /* ++ * There could be multiple LOG_START_MARK in the log, ++ * close existing one before opening a new file. ++ */ ++ if (outfp) { ++ ASSERT(state == IN_GUEST_LOGGING); ++ Warning("Found a new start mark before end mark for " ++ "previous one\n"); ++ fclose(outfp); ++ outfp = NULL; ++ } else { ++ ASSERT(state == NOT_IN_GUEST_LOGGING); ++ } + DEBUG_ONLY(state = IN_GUEST_LOGGING); + + /* +@@ -234,23 +245,32 @@ extractFile(char *filename) //IN: vmx log filename e.g. vmware.log + ver = ver + sizeof "ver - " - 1; + version = strtol(ver, NULL, 0); + if (version != LOG_VERSION) { +- Warning("input version %d doesnt match the\ ++ Warning("Input version %d doesn't match the\ + version of this binary %d", version, LOG_VERSION); + } else { +- printf("reading file %s to %s \n", logInpFilename, fname); ++ printf("Reading file %s to %s \n", logInpFilename, fname); + if (!(outfp = fopen(fname, "wb"))) { + Warning("Error opening file %s\n", fname); + } + } + } + } else if (strstr(buf, LOG_END_MARK)) { // close the output file. +- ASSERT(state == IN_GUEST_LOGGING); ++ /* ++ * Need to check outfp, because we might get LOG_END_MARK ++ * before LOG_START_MARK due to log rotation. ++ */ ++ if (outfp) { ++ ASSERT(state == IN_GUEST_LOGGING); ++ fclose(outfp); ++ outfp = NULL; ++ } else { ++ ASSERT(state == NOT_IN_GUEST_LOGGING); ++ Warning("Reached file end mark without start mark\n"); ++ } + DEBUG_ONLY(state = NOT_IN_GUEST_LOGGING); +- fclose(outfp); +- outfp = NULL; + } else { // write to the output file +- ASSERT(state == IN_GUEST_LOGGING); + if (outfp) { ++ ASSERT(state == IN_GUEST_LOGGING); + ptrStr = strstr(buf, LOG_GUEST_MARK); + ptrStr += sizeof LOG_GUEST_MARK - 1; + if (Base64_Decode(ptrStr, base64Out, BUF_OUT_SIZE, &lenOut)) { +@@ -260,10 +280,21 @@ extractFile(char *filename) //IN: vmx log filename e.g. vmware.log + } else { + Warning("Error decoding output %s\n", ptrStr); + } ++ } else { ++ ASSERT(state == NOT_IN_GUEST_LOGGING); ++ Warning("Missing file start mark\n"); + } + } + } + } ++ ++ /* ++ * We may need to close file in case LOG_END_MARK is missing. ++ */ ++ if (outfp) { ++ ASSERT(state == IN_GUEST_LOGGING); ++ fclose(outfp); ++ } + fclose(fp); + } + +-- +1.8.3.1 + diff --git a/SOURCES/ovt-copyPasteCompatX11.c-code-generating-unnecessary-Cov.patch b/SOURCES/ovt-copyPasteCompatX11.c-code-generating-unnecessary-Cov.patch new file mode 100644 index 0000000..60360aa --- /dev/null +++ b/SOURCES/ovt-copyPasteCompatX11.c-code-generating-unnecessary-Cov.patch @@ -0,0 +1,115 @@ +From d56ab64ed0b7a863cc2b0bf1dc78bbf3d3953226 Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Thu, 25 Jul 2019 12:32:37 +0200 +Subject: [PATCH 14/16] copyPasteCompatX11.c code generating unnecessary + Coverity warning + +RH-Author: Cathy Avery +Message-id: <20190725123239.18274-15-cavery@redhat.com> +Patchwork-id: 89721 +O-Subject: [RHEL8.1 open-vm-tools PATCH 14/16] copyPasteCompatX11.c code generating unnecessary Coverity warning +Bugzilla: 1602648 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit 9c30be3448c743e51718480543142bf833ea553a +Author: Oliver Kurth +Date: Mon Jun 17 11:41:38 2019 -0700 + + copyPasteCompatX11.c code generating unnecessary Coverity warning + + This patch aims to fix an issue found by Coverity Scan. + + This issue is a False Positive, the outBuf is only freed in specific + scenario, so there is no 'BAD FREE'. But it's better to reconstruct the + related code to clear the SCA error. + +Signed-off-by: Cathy Avery + +Conflicts: Minor copyright +Signed-off-by: Miroslav Rezanina +--- + .../services/plugins/dndcp/copyPasteCompatX11.c | 43 +++++++++------------- + 1 file changed, 17 insertions(+), 26 deletions(-) + +diff --git a/services/plugins/dndcp/copyPasteCompatX11.c b/services/plugins/dndcp/copyPasteCompatX11.c +index d5a0fdf..3b2f2bc 100644 +--- a/services/plugins/dndcp/copyPasteCompatX11.c ++++ b/services/plugins/dndcp/copyPasteCompatX11.c +@@ -1,5 +1,5 @@ + /********************************************************* +- * Copyright (C) 2005-2016 VMware, Inc. All rights reserved. ++ * Copyright (C) 2005-2019 VMware, Inc. All rights reserved. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published +@@ -579,50 +579,41 @@ CopyPasteSelectionGetCB(GtkWidget *widget, // IN: unused + return; + } + +- /* If it is text copy paste, return gHostClipboardBuf. */ ++ GdkAtom target; + #ifndef GTK3 +- if (GDK_SELECTION_TYPE_STRING == selection_data->target || +- GDK_SELECTION_TYPE_UTF8_STRING == selection_data->target) { ++ target = selection_data->target; + #else +- if (GDK_SELECTION_TYPE_STRING == gtk_selection_data_get_target(selection_data) || +- GDK_SELECTION_TYPE_UTF8_STRING == gtk_selection_data_get_target(selection_data)) { ++ target = gtk_selection_data_get_target(selection_data); + #endif ++ ++ /* If it is text copy paste, return gHostClipboardBuf. */ ++ if (GDK_SELECTION_TYPE_STRING == target || ++ GDK_SELECTION_TYPE_UTF8_STRING == target) { + char *outBuf = gHostClipboardBuf; ++ char *outStringBuf = NULL; + size_t len = strlen(gHostClipboardBuf); + + /* + * If target is GDK_SELECTION_TYPE_STRING, assume encoding is local code + * set. Convert from utf8 to local one. + */ +-#ifndef GTK3 +- if (GDK_SELECTION_TYPE_STRING == selection_data->target && +-#else +- if (GDK_SELECTION_TYPE_STRING == gtk_selection_data_get_target(selection_data) && +-#endif ++ if (GDK_SELECTION_TYPE_STRING == target && + !CodeSet_Utf8ToCurrent(gHostClipboardBuf, + strlen(gHostClipboardBuf), +- &outBuf, ++ &outStringBuf, + &len)) { + g_debug("CopyPasteSelectionGetCB: can not convert to current codeset\n"); + return; + } + +-#ifndef GTK3 +- gtk_selection_data_set(selection_data, selection_data->target, 8, +-#else +- gtk_selection_data_set(selection_data, gtk_selection_data_get_target(selection_data), 8, +-#endif +- outBuf, len); +- g_debug("CopyPasteSelectionGetCB: Set text [%s]\n", outBuf); +- +-#ifndef GTK3 +- if (GDK_SELECTION_TYPE_STRING == selection_data->target) { +-#else +- if (GDK_SELECTION_TYPE_STRING == gtk_selection_data_get_target(selection_data)) { +-#endif +- free(outBuf); ++ if (outStringBuf != NULL) { ++ outBuf = outStringBuf; + } + ++ gtk_selection_data_set(selection_data, target, 8, outBuf, len); ++ g_debug("CopyPasteSelectionGetCB: Set text [%s]\n", outBuf); ++ ++ free(outStringBuf); + return; + } + } +-- +1.8.3.1 + diff --git a/SOURCES/vgauthd.service b/SOURCES/vgauthd.service new file mode 100644 index 0000000..d5fef2c --- /dev/null +++ b/SOURCES/vgauthd.service @@ -0,0 +1,12 @@ +[Unit] +Description=VGAuth Service for open-vm-tools +Documentation=http://github.com/vmware/open-vm-tools +ConditionVirtualization=vmware +PartOf=vmtoolsd.service + +[Service] +ExecStart=/usr/bin/VGAuthService -s +TimeoutStopSec=5 + +[Install] +RequiredBy=vmtoolsd.service diff --git a/SOURCES/vmtoolsd-init.service b/SOURCES/vmtoolsd-init.service new file mode 100644 index 0000000..08dd10d --- /dev/null +++ b/SOURCES/vmtoolsd-init.service @@ -0,0 +1,14 @@ +[Unit] +Description=One-time configuration for vmtoolsd +ConditionVirtualization=vmware +ConditionPathExists=|!/etc/vmware-tools/GuestProxyData/server/cert.pem +ConditionPathExists=|!/etc/vmware-tools/GuestProxyData/server/key.pem +PartOf=vmtoolsd.service + +[Service] +Type=oneshot +RemainAfterExit=no +ExecStart=/usr/bin/vmware-guestproxycerttool -g + +[Install] +RequiredBy=vmtoolsd.service diff --git a/SOURCES/vmtoolsd.service b/SOURCES/vmtoolsd.service new file mode 100644 index 0000000..773040d --- /dev/null +++ b/SOURCES/vmtoolsd.service @@ -0,0 +1,16 @@ +[Unit] +Description=Service for virtual machines hosted on VMware +Documentation=http://github.com/vmware/open-vm-tools +ConditionVirtualization=vmware +Requires=vgauthd.service +After=vgauthd.service +DefaultDependencies=no +Before=cloud-init-local.service + +[Service] +ExecStart=/usr/bin/vmtoolsd +TimeoutStopSec=5 + +[Install] +WantedBy=multi-user.target +Also=vgauthd.service diff --git a/SPECS/open-vm-tools.spec b/SPECS/open-vm-tools.spec new file mode 100644 index 0000000..6ae80f5 --- /dev/null +++ b/SPECS/open-vm-tools.spec @@ -0,0 +1,736 @@ +################################################################################ +### Copyright 2013-18 VMware, Inc. All rights reserved. +### +### RPM SPEC file for building open-vm-tools packages. +### +### +### This program is free software; you can redistribute it and/or modify +### it under the terms of version 2 of the GNU General Public License as +### published by the Free Software Foundation. +### +### This program is distributed in the hope that it will be useful, +### but WITHOUT ANY WARRANTY; without even the implied warranty of +### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +### GNU General Public License for more details. +### +### You should have received a copy of the GNU General Public License +### along with this program; if not, write to the Free Software +### Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +################################################################################ + +%global _hardened_build 1 +%global majorversion 10.3 +%global minorversion 10 +%global toolsbuild 12406962 +%global toolsversion %{majorversion}.%{minorversion} +%global toolsdaemon vmtoolsd +%global vgauthdaemon vgauthd + +Name: open-vm-tools +Version: %{toolsversion} +Release: 3%{?dist}.1 +Summary: Open Virtual Machine Tools for virtual machines hosted on VMware +Group: Applications/System +License: GPLv2 +URL: https://github.com/vmware/%{name} +Source0: https://github.com/vmware/%{name}/releases/download/stable-%{version}/%{name}-%{version}-%{toolsbuild}.tar.gz +Source1: %{toolsdaemon}-init.service +Source2: %{toolsdaemon}.service +Source3: %{vgauthdaemon}.service +ExclusiveArch: x86_64 + +# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package +Patch2: ovt-End-VGAuth-impersonation-in-the-case-of-error.patch +# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package +Patch3: ovt-Fix-memory-leak-in-GetFormattedCommandLine-function-.patch +# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package +Patch4: ovt-Fix-a-leak-if-VGAuth-setup-fails.-Coverity-issue.patch +# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package +Patch5: ovt-Fix-minor-leak-in-FileRotateByRenumber-Coverity-scan.patch +# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package +Patch6: ovt-Fix-memory-leak-in-SNEBuildHash-function.patch +# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package +Patch7: ovt-Fix-Coverity-reported-issues-in-i18n.c-code-VMTools-.patch +# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package +Patch8: ovt-Fix-a-memory-leak-in-the-unicode-library.patch +# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package +Patch9: ovt-Fix-a-trivial-Coverity-reported-memory-leak-in-vgaut.patch +# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package +Patch10: ovt-Fixes-for-few-leaks-and-improved-error-handling.patch +# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package +Patch11: ovt-Fix-Coverity-reported-double-memory-free-errors.patch +# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package +Patch12: ovt-Fix-a-trivial-Coverity-reported-memory-leak.patch +# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package +Patch13: ovt-Fix-RH-Covscan-Coverity-reported-memory-leaks-in-too.patch +# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package +Patch14: ovt-Fix-Using-uninitialized-value-issue-reported-by-Cove.patch +# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package +Patch15: ovt-copyPasteCompatX11.c-code-generating-unnecessary-Cov.patch +# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package +Patch16: ovt-Fix-a-Coverity-issue-reported-in-vgauth-serviceImpl-.patch +# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package +Patch17: ovt-Fix-two-coverity-issues-reported-by-a-customer.patch +# For bz#1773903 - [ESXi][RHEL8.0]Need to backport some severe memory leak fixes from upstream [rhel-8.1.0.z] +Patch18: ovt-Fix-memory-leaks-in-vix-tools-plugin.patch +# For bz#1773903 - [ESXi][RHEL8.0]Need to backport some severe memory leak fixes from upstream [rhel-8.1.0.z] +Patch19: ovt-End-VGAuth-impersonation-in-the-case-of-error2.patch +# For bz#1773903 - [ESXi][RHEL8.0]Need to backport some severe memory leak fixes from upstream [rhel-8.1.0.z] +Patch20: ovt-Fix-leaks-in-ListAliases-and-ListMappedAliases-9bc72.patch + +BuildRequires: autoconf +BuildRequires: automake +BuildRequires: libtool +BuildRequires: gcc-c++ +BuildRequires: doxygen +# Fuse is optional and enables vmblock-fuse +BuildRequires: fuse-devel +BuildRequires: glib2-devel >= 2.14.0 +BuildRequires: gdk-pixbuf2-xlib-devel +BuildRequires: gtk3-devel >= 3.10.0 +BuildRequires: gtkmm30-devel >= 3.10.0 +BuildRequires: libdnet-devel +BuildRequires: libicu-devel +BuildRequires: libmspack-devel +# Unfortunately, xmlsec1-openssl does not add libtool-ltdl +# dependency, so we need to add it ourselves. +BuildRequires: libtool-ltdl-devel +BuildRequires: libX11-devel +BuildRequires: libXext-devel +BuildRequires: libXi-devel +BuildRequires: libXinerama-devel +BuildRequires: libXrandr-devel +BuildRequires: libXrender-devel +BuildRequires: libXtst-devel +BuildRequires: openssl-devel +BuildRequires: pam-devel +BuildRequires: procps-devel +BuildRequires: rpcgen +BuildRequires: systemd +BuildRequires: libtirpc-devel +BuildRequires: xmlsec1-openssl-devel + +Requires: coreutils +Requires: fuse +Requires: libdrm +Requires: iproute +Requires: grep +Requires: pciutils +Requires: sed +Requires: systemd +Requires: systemd-libs +Requires: tar +Requires: which +# xmlsec1-openssl needs to be added explicitly +Requires: xmlsec1-openssl + +# open-vm-tools >= 10.0.0 do not require open-vm-tools-deploypkg +# provided by VMware. That functionality is now available as part +# of open-vm-tools package itself. +Obsoletes: open-vm-tools-deploypkg <= 10.0.5 + +%description +The %{name} project is an open source implementation of VMware Tools. It +is a suite of open source virtualization utilities and drivers to improve the +functionality, user experience and administration of VMware virtual machines. +This package contains only the core user-space programs and libraries of +%{name}. + +%package desktop +Summary: User experience components for Open Virtual Machine Tools +Group: System Environment/Libraries +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description desktop +This package contains only the user-space programs and libraries of +%{name} that are essential for improved user experience of VMware virtual +machines. + +%package devel +Summary: Development libraries for Open Virtual Machine Tools +Group: Development/Libraries +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description devel +This package contains only the user-space programs and libraries of +%{name} that are essential for developing customized applications for +VMware virtual machines. + +%package test +Summary: Test utilities for Open Virtual Machine Tools +Group: Development/Libraries +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description test +This package contains only the test utilities for %{name} that are +useful for verifying the functioning of %{name} in VMware virtual +machines. + +%prep +%setup -q -n %{name}-%{version}-%{toolsbuild} + +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 +%patch7 -p1 +%patch8 -p1 +%patch9 -p1 +%patch10 -p1 +%patch11 -p1 +%patch12 -p1 +%patch13 -p1 +%patch14 -p1 +%patch15 -p1 +%patch16 -p1 +%patch17 -p1 +%patch18 -p1 +%patch19 -p1 +%patch20 -p1 + +%build +# Required for regenerating configure script when +# configure.ac get modified +autoreconf -vif + +%global usetirpc with-tirpc + +%configure \ + --without-kernel-modules \ + --enable-xmlsec1 \ + --enable-resolutionkms \ + --%{usetirpc} \ + --disable-static + +sed -i -e 's! -shared ! -Wl,--as-needed\0!g' libtool +%make_build + +%install +export DONT_STRIP=1 +%make_install + +# Remove exec bit from config files +chmod a-x %{buildroot}%{_sysconfdir}/pam.d/* +chmod a-x %{buildroot}%{_sysconfdir}/vmware-tools/*.conf +chmod a-x %{buildroot}%{_sysconfdir}/vmware-tools/vgauth/schemas/* + +# Remove exec bit on udev rules. +chmod a-x %{buildroot}%{_udevrulesdir}/99-vmware-scsi-udev.rules + +# Remove the DOS line endings +sed -i "s|\r||g" README + +# Remove "Encoding" key from the "Desktop Entry" +sed -i "s|^Encoding.*$||g" %{buildroot}%{_sysconfdir}/xdg/autostart/vmware-user.desktop + +# Remove unnecessary files from packaging +find %{buildroot}%{_libdir} -name '*.la' -delete +rm -fr %{buildroot}%{_defaultdocdir} +rm -f docs/api/build/html/FreeSans.ttf + +# Remove mount.vmhgfs & symlink +rm -fr %{buildroot}%{_sbindir} %{buildroot}/sbin/mount.vmhgfs + +# Move vm-support to /usr/bin +mv %{buildroot}%{_sysconfdir}/vmware-tools/vm-support %{buildroot}%{_bindir} + +# Systemd unit files +install -p -m 644 -D %{SOURCE1} %{buildroot}%{_unitdir}/%{toolsdaemon}-init.service +install -p -m 644 -D %{SOURCE2} %{buildroot}%{_unitdir}/%{toolsdaemon}.service +install -p -m 644 -D %{SOURCE3} %{buildroot}%{_unitdir}/%{vgauthdaemon}.service + +# 'make check' in open-vm-tools rebuilds docs and ends up regenerating +# the font file. We can add %%check secion once 'make check' is fixed +# upstream + +%post +%{?ldconfig} +# Setup mount point for Shared Folders +# NOTE: Use systemd-detect-virt to detect VMware platform because +# vmware-checkvm might misbehave on non-VMware platforms. +if [ -f %{_bindir}/vmware-checkvm -a \ + -f %{_bindir}/vmhgfs-fuse ] && \ + %{_bindir}/systemd-detect-virt | grep -iq VMware && \ + %{_bindir}/vmware-checkvm &> /dev/null && \ + %{_bindir}/vmware-checkvm -p | grep -q Workstation && \ + %{_bindir}/vmhgfs-fuse -e &> /dev/null; then + mkdir -p /mnt/hgfs +fi + +%systemd_post %{toolsdaemon}-init.service +%systemd_post %{vgauthdaemon}.service +%systemd_post %{toolsdaemon}.service + +%preun +%systemd_preun %{toolsdaemon}-init.service +%systemd_preun %{toolsdaemon}.service +%systemd_preun %{vgauthdaemon}.service + +if [ "$1" = "0" -a \ + -f %{_bindir}/vmware-checkvm ] && \ + %{_bindir}/systemd-detect-virt | grep -iq VMware && \ + %{_bindir}/vmware-checkvm &> /dev/null; then + + # Tell VMware that open-vm-tools is being uninstalled + if [ -f %{_bindir}/vmware-rpctool ]; then + %{_bindir}/vmware-rpctool 'tools.set.version 0' &> /dev/null || /bin/true + fi + + # Teardown mount point for Shared Folders + if [ -d /mnt/hgfs ] && \ + %{_bindir}/vmware-checkvm -p | grep -q Workstation; then + umount /mnt/hgfs &> /dev/null || /bin/true + rmdir /mnt/hgfs &> /dev/null || /bin/true + fi + + # Cleanup GuestProxy certs + %{_bindir}/vmware-guestproxycerttool -e &> /dev/null || /bin/true +fi + +%postun +%{?ldconfig} +%systemd_postun_with_restart %{toolsdaemon}-init.service +%systemd_postun_with_restart %{toolsdaemon}.service +%systemd_postun_with_restart %{vgauthdaemon}.service + +%files +%license COPYING +%doc AUTHORS ChangeLog NEWS README +%config(noreplace) %{_sysconfdir}/pam.d/* +%dir %{_sysconfdir}/vmware-tools/ +%dir %{_sysconfdir}/vmware-tools/vgauth +%dir %{_sysconfdir}/vmware-tools/vgauth/schemas +%config(noreplace) %{_sysconfdir}/vmware-tools/*.conf +# Don't expect users to modify VGAuth schema files +%config %{_sysconfdir}/vmware-tools/vgauth/schemas/* +%{_sysconfdir}/vmware-tools/*-vm-default +%{_sysconfdir}/vmware-tools/scripts +%{_sysconfdir}/vmware-tools/statechange.subr +%{_bindir}/VGAuthService +%{_bindir}/vm-support +%{_bindir}/vmhgfs-fuse +%{_bindir}/vmtoolsd +%{_bindir}/vmware-checkvm +%{_bindir}/vmware-guestproxycerttool +%{_bindir}/vmware-hgfsclient +%{_bindir}/vmware-namespace-cmd +%{_bindir}/vmware-rpctool +%{_bindir}/vmware-toolbox-cmd +%{_bindir}/vmware-vgauth-cmd +%{_bindir}/vmware-xferlogs +%{_libdir}/libDeployPkg.so.* +%{_libdir}/libguestlib.so.* +%{_libdir}/libhgfs.so.* +%{_libdir}/libvgauth.so.* +%{_libdir}/libvmtools.so.* +%dir %{_libdir}/%{name}/ +%dir %{_libdir}/%{name}/plugins +%dir %{_libdir}/%{name}/plugins/common +%{_libdir}/%{name}/plugins/common/*.so +%dir %{_libdir}/%{name}/plugins/vmsvc +%{_libdir}/%{name}/plugins/vmsvc/*.so +%{_datadir}/%{name}/ +%{_udevrulesdir}/99-vmware-scsi-udev.rules +%{_unitdir}/%{toolsdaemon}-init.service +%{_unitdir}/%{toolsdaemon}.service +%{_unitdir}/%{vgauthdaemon}.service + +%files desktop +%{_sysconfdir}/xdg/autostart/*.desktop +%{_bindir}/vmware-user +%{_bindir}/vmware-user-suid-wrapper +%{_bindir}/vmware-vmblock-fuse +%{_libdir}/%{name}/plugins/vmusr/ + +%files devel +%doc docs/api/build/* +%exclude %{_includedir}/libDeployPkg/ +%{_includedir}/vmGuestLib/ +%{_libdir}/pkgconfig/*.pc +%{_libdir}/libDeployPkg.so +%{_libdir}/libguestlib.so +%{_libdir}/libhgfs.so +%{_libdir}/libvgauth.so +%{_libdir}/libvmtools.so + +%files test +%{_bindir}/vmware-vgauth-smoketest + +%changelog +* Fri Nov 22 2019 Miroslav Rezanina - 10.3.10-3.el8_1_0.1 +- ovt-Fix-memory-leaks-in-vix-tools-plugin.patch [bz#1773903] +- ovt-End-VGAuth-impersonation-in-the-case-of-error2.patch [bz#1773903] +- ovt-Fix-leaks-in-ListAliases-and-ListMappedAliases-9bc72.patch [bz#1773903] +- Resolves: bz#1773903 + ([ESXi][RHEL8.0]Need to backport some severe memory leak fixes from upstream [rhel-8.1.0.z]) + +* Thu Aug 01 2019 Miroslav Rezanina - 10.3.10-3 +- ovt-End-VGAuth-impersonation-in-the-case-of-error.patch [bz#1602648] +- ovt-Fix-memory-leak-in-GetFormattedCommandLine-function-.patch [bz#1602648] +- ovt-Fix-a-leak-if-VGAuth-setup-fails.-Coverity-issue.patch [bz#1602648] +- ovt-Fix-minor-leak-in-FileRotateByRenumber-Coverity-scan.patch [bz#1602648] +- ovt-Fix-memory-leak-in-SNEBuildHash-function.patch [bz#1602648] +- ovt-Fix-Coverity-reported-issues-in-i18n.c-code-VMTools-.patch [bz#1602648] +- ovt-Fix-a-memory-leak-in-the-unicode-library.patch [bz#1602648] +- ovt-Fix-a-trivial-Coverity-reported-memory-leak-in-vgaut.patch [bz#1602648] +- ovt-Fixes-for-few-leaks-and-improved-error-handling.patch [bz#1602648] +- ovt-Fix-Coverity-reported-double-memory-free-errors.patch [bz#1602648] +- ovt-Fix-a-trivial-Coverity-reported-memory-leak.patch [bz#1602648] +- ovt-Fix-RH-Covscan-Coverity-reported-memory-leaks-in-too.patch [bz#1602648] +- ovt-Fix-Using-uninitialized-value-issue-reported-by-Cove.patch [bz#1602648] +- ovt-copyPasteCompatX11.c-code-generating-unnecessary-Cov.patch [bz#1602648] +- ovt-Fix-a-Coverity-issue-reported-in-vgauth-serviceImpl-.patch [bz#1602648] +- ovt-Fix-two-coverity-issues-reported-by-a-customer.patch [bz#1602648] +- Resolves: bz#1602648 + ([ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package) + +* Tue Jun 04 2019 Miroslav Rezanina - 10.3.10-2 +- Rebase to 10.3.10 [bz#1702784] +- Resolves: bz#1702784 + (Rebase open-vm-tools to 10.3.10) + +* Tue Oct 16 2018 Miroslav Rezanina - 10.3.0-1 +- Rebase to 10.3.0 [bz#1626578] +- Resolves: bz#1626578 + ([ESXi][RHEL8]Rebase open-vm-tools to 10.3.0) + +* Mon May 14 2018 Miroslav Rezanina - 10.2.5-2 +- Updated RHEL version +- Resolves: bz#1527233 + ([ESXi][RHEL7.5]Rebase open-vm-tools to 10.2.5) + +* Wed May 09 2018 Ravindra Kumar - 10.2.5-2 +- Use tirpc for Fedora 28 onwards. + +* Wed May 09 2018 Ravindra Kumar - 10.2.5-1 +- Package new upstream version open-vm-tools-10.2.5-8068406 (RHBZ#1431376). +- Added use-tirpc.patch to use libtirpc instead of deprecated Sun RPC. +- Removed wayland-crash.patch which is no longer needed. + +* Mon Apr 30 2018 Pete Walter - 10.2.0-5 +- Rebuild for ICU 61.1 + +* Thu Feb 08 2018 Fedora Release Engineering - 10.2.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Fri Dec 29 2017 Ravindra Kumar - 10.2.0-3 +- Patch for a Wayland related crash in the desktopEvents plugin (RHBZ#1526952). +- gdk_set_allowed_backends() is available in version 3.10 and later only. + +* Mon Dec 18 2017 Ravindra Kumar - 10.2.0-2 +- Build with gtk3 only on newer distros. + +* Fri Dec 15 2017 Ravindra Kumar - 10.2.0-1 +- Package new upstream version open-vm-tools-10.2.0-7253323. +- Remove the patches that are no longer needed. +- New version builds with gtk3 by default. +- Package vmware-user symlink in desktop. +- Add a new test package for test utilities. +- Pick a fix to a conditional from Miroslav Vadkerti . + +* Thu Nov 30 2017 Pete Walter - 10.1.10-4 +- Rebuild for ICU 60.1 + +* Thu Sep 28 2017 Ravindra Kumar - 10.1.10-3 +- Replaced 'net-tools' dependency with 'iproute' (RHBZ#1496134). +- Added resolutionKMS-wayland-2.patch with some new fixes. + +* Fri Aug 11 2017 Kalev Lember - 10.1.10-2 +- Bump and rebuild for an rpm signing issue + +* Thu Aug 10 2017 Ravindra Kumar - 10.1.10-1 +- Package new upstream version open-vm-tools-10.1.10-6082533. +- Remove the patches that are no longer needed. + +* Thu Aug 03 2017 Fedora Release Engineering - 10.1.5-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 10.1.5-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Tue Jul 25 2017 Richard W.M. Jones - 10.1.5-5 +- Fix /tmp race conditions in libDeployPkg (CVE-2015-5191). + +* Sun Apr 02 2017 Ravindra Kumar - 10.1.5-4 +- ResolutionKMS patch for Wayland (RHBZ#1292234). + +* Thu Mar 16 2017 Ravindra Kumar - 10.1.5-3 +- Need to add xmlsec1-openssl dependency explicitly. + +* Tue Feb 28 2017 Richard W.M. Jones - 10.1.5-2 +- Use 0644 permissions for udev rules file. + +* Fri Feb 24 2017 Ravindra Kumar - 10.1.5-1 +- Package new upstream version open-vm-tools-10.1.5-5055683 (RHBZ#1408959). + +* Fri Feb 17 2017 Ravindra Kumar - 10.1.0-1 +- Package new upstream version open-vm-tools-10.1.0-4449150 (RHBZ#1408959). +- Remove patches that are no longer needed. +- Build with --enable-xmlsec1 to avoid dependency on xerces-c and xml-security-c. +- Replace _prefix/lib/udev/rules.d/ with _udevrulesdir macro. + +* Thu Feb 16 2017 Ravindra Kumar - 10.0.5-10 +- sysmacros patch for glibc-2.25 (RHBZ#1411807). +- vgauth patch for openssl-1.1.0. + +* Thu Feb 16 2017 Ravindra Kumar - 10.0.5-9 +- udev rules patch for longer SCSI timeouts (RHBZ#1214347). + +* Sat Feb 11 2017 Fedora Release Engineering - 10.0.5-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Wed Oct 26 2016 Richard W.M. Jones - 10.0.5-5 +- vm-support script needs lspci from pciutils (RHBZ#1388766). + +* Wed Sep 14 2016 Ravindra Kumar - 10.0.5-4 +- Patch for HGFS stale caching issues (RHBZ#1342181). + +* Mon Jun 20 2016 Ravindra Kumar - 10.0.5-3 +- Use systemd-detect-virt to detect VMware platform (RHBZ#1251656). + +* Wed May 25 2016 Ravindra Kumar - 10.0.5-2 +- Obsolete open-vm-tools-deploypkg because its not needed for v10.x. + +* Wed May 25 2016 Ravindra Kumar - 10.0.5-1 +- Package new upstream version open-vm-tools-10.0.5-3227872. +- Add a patch for fixing GCC 6 build issue (RHBZ#1305108). +- Replace kill-werror.patch with no-unused-const.patch. + +* Wed May 25 2016 Richard W.M. Jones - 10.0.0-12 +- Bump and rebuild. + +* Sat Apr 23 2016 Richard W.M. Jones - 10.0.0-11 +- Kill -Werror with fire (RHBZ#1305108). + +* Fri Apr 15 2016 David Tardon - 10.0.0-10 +- rebuild for ICU 57.1 + +* Thu Feb 04 2016 Fedora Release Engineering - 10.0.0-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Wed Oct 28 2015 David Tardon - 10.0.0-8 +- rebuild for ICU 56.1 + +* Thu Oct 01 2015 Ravindra Kumar - 10.0.0-7 +- Added a missing output redirection + +* Thu Oct 01 2015 Ravindra Kumar - 10.0.0-6 +- Setup Shared Folders mount point when 'vmhgf-fuse -e' is success + +* Thu Oct 01 2015 Ravindra Kumar - 10.0.0-5 +- Setup and teardown Shared Folders mount point on VMs running + on VMware Workstation or VMware Fusion. + +* Wed Sep 30 2015 Ravindra Kumar - 10.0.0-4 +- vmhgfs-fuse needs 'fusermount' from 'fuse' + +* Wed Sep 30 2015 Ravindra Kumar - 10.0.0-3 +- Replace -std=c++11 with -std=gnu++11 to get "linux" definitions work + in order to fix the build issue, + https://kojipkgs.fedoraproject.org//work/tasks/4823/11274823/build.log +- Removed unused definitions for CFLAGS and CXXFLAGS + +* Wed Sep 30 2015 Ravindra Kumar - 10.0.0-2 +- Add -std=c++11 to CXXFLAGS for fixing the build issue, + https://kojipkgs.fedoraproject.org//work/tasks/3685/11273685/build.log + +* Tue Sep 29 2015 Ravindra Kumar - 10.0.0-1 +- Package new upstream version open-vm-tools-10.0.0-3000743 + +* Wed Aug 26 2015 Simone Caronni - 9.10.2-2 +- Add license macro. +- Remove initscripts requirement (#1226369). +- Delete mount.vmhgfs instead of excluding from packaging, so the debug + information is not included in the package (#1190540). +- Be more explicit with configuration files, newer mock complains of files being + listed twice. + +* Tue Jul 07 2015 Ravindra Kumar - 9.10.2-1 +- Package new upstream version open-vm-tools-9.10.2-2822639 +- Removed the patches that are no longer needed + +* Wed Jun 17 2015 Fedora Release Engineering - 9.10.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Wed May 20 2015 Ravindra Kumar - 9.10.0-4 +- Claim ownership for /etc/vmware-tools directory + +* Fri May 15 2015 Ravindra Kumar - 9.10.0-3 +- Put Fedora 23 specific fix under a conditional, so that the change + can be backported to other branches easily if required. + +* Fri May 08 2015 Ravindra Kumar - 9.10.0-2 +- F23 has split gdk-pixbuf2-devel >= 2.31.3-5 into 3 packages, gdk-pixbuf2-devel, + gdk-pixbuf2-modules-devel, and gdk-pixbuf2-xlib-devel. gtk2-devel does not depend + on gdk-pixbuf2-xlib-devel. Therefore, we need to pull in gdk-pixbuf2-xlib-devel + dependency ourselves. + +* Thu Apr 30 2015 Ravindra Kumar - 9.10.0-1 +- Package new upstream version open-vm-tools-9.10.0-2476743 +- New version requires adding a new service vgauthd +- Removed old patches that are no longer needed +- Fix (asm_x86.patch) for correct GCC version check +- Fix (strerror_r.patch) for picking GNU signature of strerror_r +- Fix (toolboxcmd.patch) for compiling toolboxcmd-shrink.c with gcc 5.0.1 + +* Wed Feb 04 2015 Ravindra Kumar - 9.4.6-6 +- Added a patch for missing NetIpRouteConfigInfo (BZ#1189295) + +* Mon Jan 26 2015 David Tardon - 9.4.6-5 +- rebuild for ICU 54.1 + +* Wed Sep 24 2014 Simone Caronni - 9.4.6-4 +- Rebuild for new procps-ng version. + +* Tue Aug 26 2014 David Tardon - 9.4.6-3 +- rebuild for ICU 53.1 + +* Sun Aug 17 2014 Fedora Release Engineering - 9.4.6-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Wed Jul 16 2014 Ravindra Kumar - 9.4.6-1 +- Package new upstream version open-vm-tools-9.4.6-1770165 +- Added "autoreconf -i" and its build dependencies (autoconf, automake and libtool) + to generate configure script, this is required for version 9.4.6 as it does not + have configure script bundled in the tar +- Fix (sizeof_argument.patch) for bad sizeof argument error + +* Sat Jun 07 2014 Fedora Release Engineering - 9.4.0-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Wed Apr 23 2014 Ravindra Kumar - 9.4.0-9 +- Removed unnecessary package dependency on 'dbus' +- Moved 'vm-support' script to /usr/bin +- Added a call to 'tools.set.version' RPC to inform VMware + platform when open-vm-tools has been uninstalled + +* Wed Mar 26 2014 Ravindra Kumar - 9.4.0-8 +- Add missing package dependency on 'which' (BZ#1045709) + +* Tue Mar 25 2014 Ravindra Kumar - 9.4.0-7 +- Add -D_DEFAULT_SOURCE to suppress warning as suggested in + https://sourceware.org/bugzilla/show_bug.cgi?id=16632 + +* Fri Mar 21 2014 Ravindra Kumar - 9.4.0-6 +- Add missing package dependencies (BZ#1045709, BZ#1077320) + +* Tue Feb 18 2014 Igor Gnatenko - 9.4.0-5 +- Fix FTBFS g_info redefine (RHBZ #1063847) + +* Fri Feb 14 2014 David Tardon - 9.4.0-4 +- rebuild for new ICU + +* Tue Feb 11 2014 Richard W.M. Jones - 9.4.0-3 +- Only build on x86-64 for RHEL 7 (RHBZ#1054608). + +* Wed Dec 04 2013 Richard W.M. Jones - 9.4.0-2 +- Rebuild for procps SONAME bump. + +* Wed Nov 06 2013 Ravindra Kumar - 9.4.0-1 +- Package new upstream version open-vm-tools-9.4.0-1280544. +- Added CUSTOM_PROCPS_NAME=procps and -Wno-deprecated-declarations + for version 9.4.0. + +* Thu Aug 22 2013 Ravindra Kumar - 9.2.3-11 +- Added copyright and license text. +- Corrected summary for all packages. + +* Thu Aug 08 2013 Ravindra Kumar - 9.2.3-10 +- Added options for hardening build (bug 990549). +- Excluded unwanted file mount.vmhgfs from packaging (bug 990547). +- Removed deprecated key "Encoding" from "Desktop Entry" (bug 990552). + +* Sat Aug 03 2013 Fedora Release Engineering - 9.2.3-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Tue Jun 4 2013 Richard W.M. Jones - 9.2.3-8 +- RHEL 7 now includes libdnet, so re-enable it. + +* Fri May 24 2013 Richard W.M. Jones - 9.2.3-6 +- +BR gcc-c++. If this is missing it fails to build. +- On RHEL, disable libdnet. + +* Mon May 06 2013 Ravindra Kumar - 9.2.3-5 +- Renamed source file open-vm-tools.service -> vmtoolsd.service + to match it with the service name. + +* Wed May 01 2013 Ravindra Kumar - 9.2.3-4 +- Bumped the release to pick the new service definition with + no restart directive. + +* Mon Apr 29 2013 Ravindra Kumar - 9.2.3-3 +- open-vm-tools-9.2.3 require glib-2.14.0. + +* Mon Apr 29 2013 Ravindra Kumar - 9.2.3-2 +- Bumped the release to pick the new service definition. + +* Thu Apr 25 2013 Ravindra Kumar - 9.2.3-1 +- Package new upstream version open-vm-tools-9.2.3-1031360. +- Removed configure options CUSTOM_PROCPS_NAME (for libproc) and + -Wno-deprecated-declarations as these have been addressed in + open-vm-tools-9.2.3-1031360. + +* Wed Apr 24 2013 Ravindra Kumar - 9.2.2-12 +- Removed %%defattr and BuildRoot. +- Added ExclusiveArch. +- Replaced /usr/sbin/ldconfig with /sbin/ldconfig. + +* Mon Apr 22 2013 Ravindra Kumar - 9.2.2-11 +- Removed the conditional steps for old versions of Fedora and RHEL. + +* Thu Apr 18 2013 Ravindra Kumar - 9.2.2-10 +- Addressed formal review comments from Simone Caronni. +- Removed %%check section because 'make check' brings font file back. + +* Wed Apr 17 2013 Simone Caronni - 9.2.2-9 +- Removed rm command in %%check section. +- Remove blank character at the beginning of each changelog line. + +* Mon Apr 15 2013 Ravindra Kumar - 9.2.2-8 +- Removed FreeSans.ttf font file from packaging. +- Added 'rm' command to remove font file in %%check section because + 'make check' adds it back. +- Added doxygen dependency back. + +* Thu Apr 11 2013 Ravindra Kumar - 9.2.2-7 +- Applied patch from Simone for removal of --docdir option from configure. +- Removed unnecessary --enable-docs option from configure. +- Removed doxygen dependency. + +* Thu Apr 11 2013 Ravindra Kumar - 9.2.2-6 +- Replaced vmtoolsd with a variable. +- Changed summary for subpackages to be more specific. +- Removed drivers.txt file as we don't really need it. +- Fixed vmGuestLib ownership for devel package. +- Removed systemd-sysv from Requires for Fedora 18+ and RHEL 7+. +- Made all "if" conditions consistent. + +* Wed Apr 10 2013 Simone Caronni - 9.2.2-5 +- Added RHEL 5/6 init script. +- Renamed SysV init script / systemd service file to vmtoolsd. +- Fixed ownership of files from review. +- Moved api documentation in devel subpackage. +- Removed static libraries. + +* Tue Apr 09 2013 Ravindra Kumar - 9.2.2-4 +- Applied part of review fixes patch from Simone Caronni for systemd setup. +- Replaced tabs with spaces all over. + +* Tue Apr 09 2013 Ravindra Kumar - 9.2.2-3 +- Applied review fixes patch from Simone Caronni. +- Added missing *.a and *.so files for devel package. +- Removed unnecessary *.la plugin files from base package. + +* Mon Apr 08 2013 Ravindra Kumar - 9.2.2-2 +- Modified SPEC to follow the conventions and guidelines. +- Addressed review comments from Mohamed El Morabity. +- Added systemd script. +- Verified and built the RPMS for Fedora 18. +- Fixed rpmlint warnings. +- Split the UX components in a separate package for desktops. +- Split the help files in a separate package for help. +- Split the guestlib headers in a separate devel package. + +* Mon Jan 28 2013 Sankar Tanguturi - 9.2.2-1 +- Initial SPEC file to build open-vm-tools for Fedora 17.