rpms/open-vm-tools
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import open-vm-tools-11.0.0-4.el8

Browse Source
This commit is contained in:
CentOS Sources 2020-04-28 05:32:23 -04:00 committed by Andrew Lukoshko
parent 32aa4de0a8
commit 347254b743
29 changed files with 463 additions and 1894 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/open-vm-tools-10.3.10-12406962.tar.gz
SOURCES/open-vm-tools-11.0.0-14549434.tar.gz

2
.open-vm-tools.metadata
View File

@ -1 +1 @@
4f5fcf3f098aaddd3da24caa772575505e286ed7 SOURCES/open-vm-tools-10.3.10-12406962.tar.gz
c4b7df8636a02195151a51b46d1af2690cca7e78 SOURCES/open-vm-tools-11.0.0-14549434.tar.gz

69
SOURCES/0002-Fix-leaks-in-ListAliases-and-ListMappedAliases.patch Normal file
View File

@ -0,0 +1,69 @@
From 1128cfce9031891ff0da50131b75771582756ca1 Mon Sep 17 00:00:00 2001
From: Oliver Kurth <okurth@vmware.com>
Date: Wed, 2 Oct 2019 17:48:35 -0700
Subject: Fix leaks in ListAliases and ListMappedAliases.
The 'record' for each alias was being leaked.
---
open-vm-tools/services/plugins/vix/vixTools.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/open-vm-tools/services/plugins/vix/vixTools.c b/open-vm-tools/services/plugins/vix/vixTools.c
index 44bca5c..c40ad15 100644
--- a/open-vm-tools/services/plugins/vix/vixTools.c
+++ b/open-vm-tools/services/plugins/vix/vixTools.c
@@ -9762,7 +9762,6 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN
char *destPtr;
char *endDestPtr;
char *tmpBuf = NULL;
- char *recordBuf;
size_t recordSize;
char *escapedStr = NULL;
char *escapedStr2 = NULL;
@@ -9822,6 +9821,8 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN
destPtr += Str_Sprintf(destPtr, endDestPtr - destPtr, "%s",
VIX_XML_ESCAPED_TAG);
for (i = 0; i < num; i++) {
+ char *recordBuf = NULL;
+
escapedStr = VixToolsEscapeXMLString(uaList[i].pemCert);
if (escapedStr == NULL) {
err = VIX_E_OUT_OF_MEMORY;
@@ -9895,6 +9896,8 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN
Log("%s: ListAuth list results too large, truncating", __FUNCTION__);
goto abort;
}
+ free(recordBuf);
+ recordBuf = NULL;
}
*result = resultBuffer;
@@ -9960,7 +9963,6 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN
char *destPtr;
char *endDestPtr;
char *tmpBuf = NULL;
- char *recordBuf;
char *escapedStr = NULL;
char *escapedStr2 = NULL;
size_t recordSize;
@@ -10014,6 +10016,8 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN
destPtr += Str_Sprintf(destPtr, endDestPtr - destPtr, "%s",
VIX_XML_ESCAPED_TAG);
for (i = 0; i < num; i++) {
+ char *recordBuf = NULL;
+
escapedStr = VixToolsEscapeXMLString(maList[i].pemCert);
if (escapedStr == NULL) {
err = VIX_E_OUT_OF_MEMORY;
@@ -10085,6 +10089,8 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN
Log("%s: ListMapped results too large, truncating", __FUNCTION__);
goto abort;
}
+ free(recordBuf);
+ recordBuf = NULL;
}
*result = resultBuffer;
--
1.8.3.1

63
SOURCES/ovt-Address-Coverity-issues-reported-in-bora-lib-file-fi.patch Normal file
View File

@ -0,0 +1,63 @@
From d01520e206cc1e3ae658e8fb168ff3b4494fc1ef Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Tue, 3 Dec 2019 14:30:47 +0100
Subject: [PATCH 1/4] Address Coverity issues reported in bora/lib/file/file.c.
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20191203143050.23065-2-cavery@redhat.com>
Patchwork-id: 92833
O-Subject: [RHEL8.2 open-vm-tools PATCH 1/4] Address Coverity issues reported in bora/lib/file/file.c.
Bugzilla: 1769881
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit 5ca2850b60de0f27c3f8c565d7b7e553acc2921f
Author: Oliver Kurth <okurth@vmware.com>
Date: Tue Aug 27 12:55:37 2019 -0700
Address Coverity issues reported in bora/lib/file/file.c.
Fix a minor memory leak in the function File_ExpandAndCheckDir.
Also add annotations for unchecked return values in functions
GetOldMachineID and File_MoveTree, so that Coverity scans of
open-vm-tools will automatically classify these issues as
"Intentional". These annotations are useful both for internal
use as well as for partners who run Coverity scans on open-vm-tools.
Signed-off-by: Cathy Avery <cavery@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
open-vm-tools/lib/file/file.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/open-vm-tools/lib/file/file.c b/open-vm-tools/lib/file/file.c
index 7dae12c..774ec41 100644
--- a/open-vm-tools/lib/file/file.c
+++ b/open-vm-tools/lib/file/file.c
@@ -558,6 +558,7 @@ GetOldMachineID(void)
sizeof hardwareID);
/* Base 64 encode the binary data to obtain printable characters */
+ /* coverity[check_return] */
Base64_Encode(rawMachineID, sizeof rawMachineID, encodedMachineID,
sizeof encodedMachineID, NULL);
@@ -1437,6 +1438,7 @@ File_MoveTree(const char *srcName, // IN:
* Only clean up if we created the directory. Not attempting to
* clean up partial failures.
*/
+ /* coverity[check_return] */
File_DeleteDirectoryTree(dstName);
}
}
@@ -2186,6 +2188,7 @@ File_ExpandAndCheckDir(const char *dirName) // IN:
return edirName;
}
+ free(edirName);
}
return NULL;
--
1.8.3.1

61
SOURCES/ovt-Address-two-Coverity-reported-issues-in-hostinfoPosi.patch Normal file
View File

@ -0,0 +1,61 @@
From 805d013a5604b124177149be4d10384f58eff74b Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Tue, 3 Dec 2019 14:30:49 +0100
Subject: [PATCH 3/4] Address two Coverity-reported issues in hostinfoPosix.c.
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20191203143050.23065-4-cavery@redhat.com>
Patchwork-id: 92834
O-Subject: [RHEL8.2 open-vm-tools PATCH 3/4] Address two Coverity-reported issues in hostinfoPosix.c.
Bugzilla: 1769881
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit 8a01c912927b5bb8cdbfa57f5e8c92e8cf792bef
Author: Oliver Kurth <okurth@vmware.com>
Date: Fri Nov 22 14:52:35 2019 -0800
Address two Coverity-reported issues in hostinfoPosix.c.
Rework some code with the intent of making it more straightfoward,
which also eliminates a false positive.
Check the return value from PosixUnlink and log a warning on error.
Signed-off-by: Cathy Avery <cavery@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
open-vm-tools/lib/misc/hostinfoPosix.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/open-vm-tools/lib/misc/hostinfoPosix.c b/open-vm-tools/lib/misc/hostinfoPosix.c
index 348a67e..302452e 100644
--- a/open-vm-tools/lib/misc/hostinfoPosix.c
+++ b/open-vm-tools/lib/misc/hostinfoPosix.c
@@ -1127,10 +1127,7 @@ out:
if (success) {
result[nArgs - 1] = DynBuf_Detach(&b);
} else {
- if (nArgs != 0) {
- Util_FreeStringList(result, nArgs);
- }
-
+ Util_FreeStringList(result, nArgs);
result = NULL;
}
@@ -2884,7 +2881,10 @@ Hostinfo_Daemonize(const char *path, // IN: NUL-terminated UTF-8
* with another process attempting to daemonize and unlinking the
* file it created instead.
*/
- Posix_Unlink(pidPath);
+ if (Posix_Unlink(pidPath) != 0) {
+ Warning("%s: Unable to unlink %s: %u\n",
+ __FUNCTION__, pidPath, errno);
+ }
}
errno = err;
--
1.8.3.1

64
SOURCES/ovt-End-VGAuth-impersonation-in-the-case-of-error.patch
View File

@ -1,64 +0,0 @@
From 65f14ca791ac6636ad7d8a3d59941e52a5e3188c Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Thu, 25 Jul 2019 12:32:24 +0200
Subject: [PATCH 01/16] End VGAuth impersonation in the case of error.
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20190725123239.18274-2-cavery@redhat.com>
Patchwork-id: 89711
O-Subject: [RHEL8.1 open-vm-tools PATCH 01/16] End VGAuth impersonation in the case of error.
Bugzilla: 1602648
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit 1535eb36e8293d753c29f1eaf6cd6d2165efb1ca
Author: Oliver Kurth <okurth@vmware.com>
Date: Tue Sep 4 15:40:58 2018 -0700
End VGAuth impersonation in the case of error.
* In GuestAuthPasswordAuthenticateImpersonate():
When VGAuth_UserHandleAccessToken fails, unimpersonation is not
being done. This can cause issues. Fixed it.
* In GuestAuthSAMLAuthenticateAndImpersonate(), fixed the following issues:
The 'newHandle' is not being freed which causes a memory leak.
When VGAuth_UserHandleAccessToken fails, unimpersonation is not
being done.
Signed-off-by: Cathy Avery <cavery@redhat.com>
Partial port: Only the parts of the patch that addesses the coverity defects were backported.
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
open-vm-tools/services/plugins/vix/vixTools.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/services/plugins/vix/vixTools.c b/services/plugins/vix/vixTools.c
index 55b1f0a..2355beb 100644
--- a/services/plugins/vix/vixTools.c
+++ b/services/plugins/vix/vixTools.c
@@ -11630,8 +11630,8 @@ GuestAuthSAMLAuthenticateAndImpersonate(
{
#if SUPPORT_VGAUTH
VixError err;
- char *token;
- char *username;
+ char *token = NULL;
+ char *username = NULL;
VGAuthContext *ctx = NULL;
VGAuthError vgErr;
VGAuthUserHandle *newHandle = NULL;
@@ -11742,6 +11742,8 @@ impersonate:
err = VIX_OK;
done:
+ Util_ZeroFreeString(token);
+ Util_ZeroFreeString(username);
return err;
#else
--
1.8.3.1

106
SOURCES/ovt-End-VGAuth-impersonation-in-the-case-of-error2.patch
View File

@ -1,106 +0,0 @@
From 44f00e9dc569e7ec89251b415e156df0cb59ea07 Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Tue, 19 Nov 2019 14:16:05 +0100
Subject: [PATCH 2/3] End VGAuth impersonation in the case of error.
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20191119141606.5322-3-cavery@redhat.com>
Patchwork-id: 92512
O-Subject: [RHEL8.1.z open-vm-tools PATCH 2/3] End VGAuth impersonation in the case of error.
Bugzilla: 1773903
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit 7b874f37f970aab2adddb063a8363594f47abf70
Author: Oliver Kurth <okurth@vmware.com>
Date: Tue Sep 4 15:40:58 2018 -0700
End VGAuth impersonation in the case of error.
* In GuestAuthPasswordAuthenticateImpersonate():
When VGAuth_UserHandleAccessToken fails, unimpersonation is not
being done. This can cause issues. Fixed it.
* In GuestAuthSAMLAuthenticateAndImpersonate(), fixed the following issues:
The 'newHandle' is not being freed which causes a memory leak.
When VGAuth_UserHandleAccessToken fails, unimpersonation is not
being done.
Signed-off-by: Cathy Avery <cavery@redhat.com>
Conflicts: There was previously a parital port of this patch
commit 65f14ca791ac6636ad7d8a3d59941e52a5e3188c of coverity fixes only.
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
services/plugins/vix/vixTools.c | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/services/plugins/vix/vixTools.c b/services/plugins/vix/vixTools.c
index 2d60b86..7df91de 100644
--- a/services/plugins/vix/vixTools.c
+++ b/services/plugins/vix/vixTools.c
@@ -11552,6 +11552,7 @@ GuestAuthPasswordAuthenticateImpersonate(
VGAuthError vgErr;
VGAuthUserHandle *newHandle = NULL;
VGAuthExtraParams extraParams[1];
+ Bool impersonated = FALSE;
extraParams[0].name = VGAUTH_PARAM_LOAD_USER_PROFILE;
extraParams[0].value = VGAUTH_PARAM_VALUE_TRUE;
@@ -11587,6 +11588,8 @@ GuestAuthPasswordAuthenticateImpersonate(
goto done;
}
+ impersonated = TRUE;
+
#ifdef _WIN32
// this is making a copy of the token, be sure to close it
vgErr = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken);
@@ -11606,6 +11609,10 @@ done:
Util_ZeroFreeString(password);
if (VIX_OK != err) {
+ if (impersonated) {
+ vgErr = VGAuth_EndImpersonation(ctx);
+ ASSERT(vgErr == VGAUTH_E_OK);
+ }
VGAuth_UserHandleFree(newHandle);
newHandle = NULL;
}
@@ -11646,6 +11653,7 @@ GuestAuthSAMLAuthenticateAndImpersonate(
VGAuthError vgErr;
VGAuthUserHandle *newHandle = NULL;
VGAuthExtraParams extraParams[1];
+ Bool impersonated = FALSE;
extraParams[0].name = VGAUTH_PARAM_LOAD_USER_PROFILE;
extraParams[0].value = VGAUTH_PARAM_VALUE_TRUE;
@@ -11737,6 +11745,8 @@ impersonate:
goto done;
}
+ impersonated = TRUE;
+
#ifdef _WIN32
// this is making a copy of the token, be sure to close it
vgErr = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken);
@@ -11755,6 +11765,15 @@ done:
Util_ZeroFreeString(token);
Util_ZeroFreeString(username);
+ if (VIX_OK != err) {
+ if (impersonated) {
+ vgErr = VGAuth_EndImpersonation(ctx);
+ ASSERT(vgErr == VGAUTH_E_OK);
+ }
+ VGAuth_UserHandleFree(newHandle);
+ newHandle = NULL;
+ }
+
return err;
#else
return VIX_E_NOT_SUPPORTED;
--
1.8.3.1

225
SOURCES/ovt-Fix-Coverity-reported-double-memory-free-errors.patch
View File

@ -1,225 +0,0 @@
From d477b6e21915d5099018f4fc4b60f257bb593d72 Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Thu, 25 Jul 2019 12:32:33 +0200
Subject: [PATCH 10/16] Fix Coverity-reported double memory free errors.
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20190725123239.18274-11-cavery@redhat.com>
Patchwork-id: 89725
O-Subject: [RHEL8.1 open-vm-tools PATCH 10/16] Fix Coverity-reported double memory free errors.
Bugzilla: 1602648
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit 801df14f0e2b32aea17771bbd33d65140ff2361c
Author: Oliver Kurth <okurth@vmware.com>
Date: Wed May 8 15:27:19 2019 -0700
Fix Coverity-reported double memory free errors.
Similar double memory free errors were reported in each of two
functions, VixToolsListAuthAliases and VixToolsListMappedAliases.
The fixes for each function are similar: be consistent in using
tmpBuf2 (renamed tmpBuf) as the pointer to the overall buffer being
computed and tmpBuf (renamed nextBuf) as the "next" version of the
buffer. Specifically, in the computation of recordBuf following exit
from the for loop, use the variable formerly known as tmpBuf2 rather
than the one formerly known as tmpBuf.
The variables were renamed in an attempt to distinguish more clearly
between them and how they are used. Also, with these changes in
place, it's evident that there's no need to free nextBuf in the abort
case and as a result its scope can be limited.
Signed-off-by: Cathy Avery <cavery@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
open-vm-tools/services/plugins/vix/vixTools.c | 88 ++++++++++++++-------------
1 file changed, 45 insertions(+), 43 deletions(-)
diff --git a/services/plugins/vix/vixTools.c b/services/plugins/vix/vixTools.c
index 2355beb..ef26742 100644
--- a/services/plugins/vix/vixTools.c
+++ b/services/plugins/vix/vixTools.c
@@ -9616,7 +9616,6 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN
char *destPtr;
char *endDestPtr;
char *tmpBuf = NULL;
- char *tmpBuf2 = NULL;
char *recordBuf;
size_t recordSize;
char *escapedStr = NULL;
@@ -9681,15 +9680,17 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN
err = VIX_E_OUT_OF_MEMORY;
goto abort;
}
- tmpBuf2 = Str_Asprintf(NULL, "<record><pemCert>%s</pemCert>",
- escapedStr);
+ tmpBuf = Str_Asprintf(NULL, "<record><pemCert>%s</pemCert>",
+ escapedStr);
free(escapedStr);
escapedStr = NULL;
- if (tmpBuf2 == NULL) {
+ if (tmpBuf == NULL) {
err = VIX_E_OUT_OF_MEMORY;
goto abort;
}
for (j = 0; j < uaList[i].numInfos; j++) {
+ char *nextBuf;
+
if (uaList[i].infos[j].comment) {
escapedStr = VixToolsEscapeXMLString(uaList[i].infos[j].comment);
if (escapedStr == NULL) {
@@ -9704,25 +9705,26 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN
goto abort;
}
}
- tmpBuf = Str_Asprintf(NULL,
- "%s"
- "<alias>"
- "<type>%d</type>"
- "<name>%s</name>"
- "<comment>%s</comment>"
- "</alias>",
- tmpBuf2,
- (uaList[i].infos[j].subject.type == VGAUTH_SUBJECT_NAMED)
- ? VIX_GUEST_AUTH_SUBJECT_TYPE_NAMED :
- VIX_GUEST_AUTH_SUBJECT_TYPE_ANY,
- escapedStr2 ? escapedStr2 : "",
- escapedStr ? escapedStr : "");
- if (tmpBuf == NULL) {
+ nextBuf = Str_Asprintf(NULL,
+ "%s"
+ "<alias>"
+ "<type>%d</type>"
+ "<name>%s</name>"
+ "<comment>%s</comment>"
+ "</alias>",
+ tmpBuf,
+ (uaList[i].infos[j].subject.type ==
+ VGAUTH_SUBJECT_NAMED) ?
+ VIX_GUEST_AUTH_SUBJECT_TYPE_NAMED :
+ VIX_GUEST_AUTH_SUBJECT_TYPE_ANY,
+ escapedStr2 ? escapedStr2 : "",
+ escapedStr ? escapedStr : "");
+ if (nextBuf == NULL) {
err = VIX_E_OUT_OF_MEMORY;
goto abort;
}
- free(tmpBuf2);
- tmpBuf2 = tmpBuf;
+ free(tmpBuf);
+ tmpBuf = nextBuf;
free(escapedStr);
escapedStr = NULL;
free(escapedStr2);
@@ -9732,7 +9734,7 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN
"%s</record>",
tmpBuf);
free(tmpBuf);
- tmpBuf = tmpBuf2 = NULL;
+ tmpBuf = NULL;
if (recordBuf == NULL) {
err = VIX_E_OUT_OF_MEMORY;
goto abort;
@@ -9752,7 +9754,6 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN
abort:
free(tmpBuf);
- free(tmpBuf2);
free(escapedStr);
free(escapedStr2);
VGAuth_FreeUserAliasList(num, uaList);
@@ -9812,7 +9813,6 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN
char *destPtr;
char *endDestPtr;
char *tmpBuf = NULL;
- char *tmpBuf2 = NULL;
char *recordBuf;
char *escapedStr = NULL;
char *escapedStr2 = NULL;
@@ -9876,19 +9876,21 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN
err = VIX_E_OUT_OF_MEMORY;
goto abort;
}
- tmpBuf2 = Str_Asprintf(NULL, "<record><pemCert>%s</pemCert>"
- "<userName>%s</userName>",
- escapedStr,
- escapedStr2);
+ tmpBuf = Str_Asprintf(NULL, "<record><pemCert>%s</pemCert>"
+ "<userName>%s</userName>",
+ escapedStr,
+ escapedStr2);
g_free(escapedStr2);
g_free(escapedStr);
escapedStr = NULL;
escapedStr2 = NULL;
- if (tmpBuf2 == NULL) {
+ if (tmpBuf == NULL) {
err = VIX_E_OUT_OF_MEMORY;
goto abort;
}
for (j = 0; j < maList[i].numSubjects; j++) {
+ char *nextBuf;
+
if (maList[i].subjects[j].type == VGAUTH_SUBJECT_NAMED) {
escapedStr = VixToolsEscapeXMLString(maList[i].subjects[j].val.name);
if (escapedStr == NULL) {
@@ -9896,23 +9898,24 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN
goto abort;
}
}
- tmpBuf = Str_Asprintf(NULL,
- "%s"
- "<alias>"
- "<type>%d</type>"
- "<name>%s</name>"
- "</alias>",
- tmpBuf2,
- (maList[i].subjects[j].type == VGAUTH_SUBJECT_NAMED)
- ? VIX_GUEST_AUTH_SUBJECT_TYPE_NAMED :
- VIX_GUEST_AUTH_SUBJECT_TYPE_ANY,
+ nextBuf = Str_Asprintf(NULL,
+ "%s"
+ "<alias>"
+ "<type>%d</type>"
+ "<name>%s</name>"
+ "</alias>",
+ tmpBuf,
+ (maList[i].subjects[j].type ==
+ VGAUTH_SUBJECT_NAMED) ?
+ VIX_GUEST_AUTH_SUBJECT_TYPE_NAMED :
+ VIX_GUEST_AUTH_SUBJECT_TYPE_ANY,
escapedStr ? escapedStr : "");
- if (tmpBuf == NULL) {
+ if (nextBuf == NULL) {
err = VIX_E_OUT_OF_MEMORY;
goto abort;
}
- free(tmpBuf2);
- tmpBuf2 = tmpBuf;
+ free(tmpBuf);
+ tmpBuf = nextBuf;
free(escapedStr);
escapedStr = NULL;
}
@@ -9920,7 +9923,7 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN
"%s</record>",
tmpBuf);
free(tmpBuf);
- tmpBuf = tmpBuf2 = NULL;
+ tmpBuf = NULL;
if (recordBuf == NULL) {
err = VIX_E_OUT_OF_MEMORY;
goto abort;
@@ -9940,7 +9943,6 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN
abort:
free(tmpBuf);
- free(tmpBuf2);
free(escapedStr);
free(escapedStr2);
VGAuth_FreeMappedAliasList(num, maList);
--
1.8.3.1

153
SOURCES/ovt-Fix-Coverity-reported-issues-in-i18n.c-code-VMTools-.patch
View File

@ -1,153 +0,0 @@
From bbfccc2561b125971d714baba5c4aa97e6fdd181 Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Thu, 25 Jul 2019 12:32:29 +0200
Subject: [PATCH 06/16] Fix Coverity reported issues in i18n.c code - VMTools &
VGAuth
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20190725123239.18274-7-cavery@redhat.com>
Patchwork-id: 89713
O-Subject: [RHEL8.1 open-vm-tools PATCH 06/16] Fix Coverity reported issues in i18n.c code - VMTools & VGAuth
Bugzilla: 1602648
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit 642d7a61db13969f9fb654ad1cc0d879bf680612
Author: Oliver Kurth <okurth@vmware.com>
Date: Tue Apr 30 13:24:25 2019 -0700
Fix Coverity reported issues in i18n.c code - VMTools & VGAuth
bora-vmsoft/apps/vmtoolsbib/i18n.c: MsgLoadCatalog()
- Coverity reported memory leak when an error is encountered parsing a
line from a message catalog.
- Second memory leak on error missed.
bora-vmsoft/vgauth/common/i18n.c: MsgLoadCatalog()
- Coverity reported some dead code.
- Missed reporting memory leak when error is encountered parsing a
line from a message catalog.
Signed-off-by: Cathy Avery <cavery@redhat.com>
Conflicts: Minor copyright
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
open-vm-tools/libvmtools/i18n.c | 10 ++++++----
open-vm-tools/vgauth/common/i18n.c | 19 +++++++++----------
2 files changed, 15 insertions(+), 14 deletions(-)
diff --git a/libvmtools/i18n.c b/libvmtools/i18n.c
index e4803ab..7dc0092 100644
--- a/libvmtools/i18n.c
+++ b/libvmtools/i18n.c
@@ -1,5 +1,5 @@
/*********************************************************
- * Copyright (C) 2010-2016 VMware, Inc. All rights reserved.
+ * Copyright (C) 2010-2019 VMware, Inc. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published
@@ -604,7 +604,7 @@ MsgLoadCatalog(const char *path)
/*
* If not a continuation line and we have a name, break out of the
- * inner loop to update the dictionaty.
+ * inner loop to update the dictionary.
*/
if (!cont && name != NULL) {
g_free(line);
@@ -624,6 +624,8 @@ MsgLoadCatalog(const char *path)
}
if (error) {
+ free(name);
+ free(value);
break;
}
@@ -634,6 +636,8 @@ MsgLoadCatalog(const char *path)
!Unicode_IsBufferValid(value, strlen(value) + 1, STRING_ENCODING_UTF8)) {
g_warning("Invalid UTF-8 string in message catalog (key = %s)\n", name);
error = TRUE;
+ free(name);
+ free(value);
break;
}
@@ -641,8 +645,6 @@ MsgLoadCatalog(const char *path)
HashTable_ReplaceOrInsert(dict, name, g_strdup(value));
free(name);
free(value);
- name = NULL;
- value = NULL;
}
if (eof) {
diff --git a/vgauth/common/i18n.c b/vgauth/common/i18n.c
index 85a435a..5580765 100644
--- a/vgauth/common/i18n.c
+++ b/vgauth/common/i18n.c
@@ -1,5 +1,5 @@
/*********************************************************
- * Copyright (C) 2011-2017 VMware, Inc. All rights reserved.
+ * Copyright (C) 2011-2019 VMware, Inc. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published
@@ -571,7 +571,6 @@ MsgLoadCatalog(const char *path)
g_free,
g_free);
for (;;) {
- gboolean eof = FALSE;
char *name = NULL;
char *value = NULL;
gchar *line;
@@ -593,7 +592,7 @@ MsgLoadCatalog(const char *path)
}
if (line == NULL) {
- eof = TRUE;
+ /* This signifies EOF. */
break;
}
@@ -619,6 +618,10 @@ MsgLoadCatalog(const char *path)
g_free(line);
if (error) {
+ /*
+ * If the local DictLL_UnmarshalLine() returns NULL, name and value
+ * will remain NULL pointers. No malloc'ed memory to free here.
+ */
break;
}
@@ -630,6 +633,8 @@ MsgLoadCatalog(const char *path)
!g_utf8_validate(value, -1, NULL)) {
g_warning("Invalid UTF-8 string in message catalog (key = %s)\n", name);
error = TRUE;
+ g_free(name);
+ g_free(value);
break;
}
@@ -637,14 +642,8 @@ MsgLoadCatalog(const char *path)
val = g_strcompress(value);
g_free(value);
- // the hashtable takes ownership of the memory for 'name' and 'value'
+ // the hashtable takes ownership of the memory for 'name' and 'val'
g_hash_table_insert(dict, name, val);
- name = NULL;
- value = NULL;
- }
-
- if (eof) {
- break;
}
}
--
1.8.3.1

120
SOURCES/ovt-Fix-RH-Covscan-Coverity-reported-memory-leaks-in-too.patch
View File

@ -1,120 +0,0 @@
From 0b243aef3307a07fd12171dc82ee3d3b867c3f49 Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Thu, 25 Jul 2019 12:32:35 +0200
Subject: [PATCH 12/16] Fix [RH Covscan] Coverity reported memory leaks in
toolboxcmd-stat.c.
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20190725123239.18274-13-cavery@redhat.com>
Patchwork-id: 89724
O-Subject: [RHEL8.1 open-vm-tools PATCH 12/16] Fix [RH Covscan] Coverity reported memory leaks in toolboxcmd-stat.c.
Bugzilla: 1602648
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit 46cb6aa361cc8b1d287e3b9b77bf86819b4b1fc5
Author: Oliver Kurth <okurth@vmware.com>
Date: Wed May 22 13:09:37 2019 -0700
Fix [RH Covscan] Coverity reported memory leaks in toolboxcmd-stat.c.
Signed-off-by: Cathy Avery <cavery@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
open-vm-tools/toolbox/toolboxcmd-stat.c | 19 +++++++++++--------
1 file changed, 11 insertions(+), 8 deletions(-)
diff --git a/toolbox/toolboxcmd-stat.c b/toolbox/toolboxcmd-stat.c
index 764e4ae..cdd3a70 100644
--- a/toolbox/toolboxcmd-stat.c
+++ b/toolbox/toolboxcmd-stat.c
@@ -1,5 +1,5 @@
/*********************************************************
- * Copyright (C) 2008-2016 VMware, Inc. All rights reserved.
+ * Copyright (C) 2008-2016,2019 VMware, Inc. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published
@@ -56,6 +56,7 @@ OpenHandle(VMGuestLibHandle *glHandle, // OUT: The guestlib handle
ToolsCmd_PrintErr(SU_(stat.openhandle.failed,
"OpenHandle failed: %s\n"),
VMGuestLib_GetErrorText(*glError));
+ *glHandle = NULL;
return EX_UNAVAILABLE;
}
*glError = VMGuestLib_UpdateInfo(*glHandle);
@@ -63,6 +64,8 @@ OpenHandle(VMGuestLibHandle *glHandle, // OUT: The guestlib handle
ToolsCmd_PrintErr(SU_(stat.update.failed,
"UpdateInfo failed: %s\n"),
VMGuestLib_GetErrorText(*glError));
+ VMGuestLib_CloseHandle(*glHandle);
+ *glHandle = NULL;
return EX_TEMPFAIL;
}
return 0; // We don't return EXIT_SUCCESSS to indicate that this is not
@@ -192,7 +195,7 @@ StatHostTime(void)
static int
StatGetSessionID(void)
{
- int exitStatus = EXIT_SUCCESS;
+ int exitStatus;
uint64 session;
VMGuestLibHandle glHandle;
VMGuestLibError glError;
@@ -236,7 +239,7 @@ StatGetSessionID(void)
static int
StatGetMemoryBallooned(void)
{
- int exitStatus = EXIT_SUCCESS;
+ int exitStatus;
uint32 memBallooned;
VMGuestLibHandle glHandle;
VMGuestLibError glError;
@@ -280,7 +283,7 @@ StatGetMemoryBallooned(void)
static int
StatGetMemoryReservation(void)
{
- int exitStatus = EXIT_SUCCESS;
+ int exitStatus;
uint32 memReservation;
VMGuestLibHandle glHandle;
VMGuestLibError glError;
@@ -325,7 +328,7 @@ StatGetMemoryReservation(void)
static int
StatGetMemorySwapped(void)
{
- int exitStatus = EXIT_SUCCESS;
+ int exitStatus;
uint32 memSwapped;
VMGuestLibHandle glHandle;
VMGuestLibError glError;
@@ -369,7 +372,7 @@ StatGetMemorySwapped(void)
static int
StatGetMemoryLimit(void)
{
- int exitStatus = EXIT_SUCCESS;
+ int exitStatus;
uint32 memLimit;
VMGuestLibHandle glHandle;
VMGuestLibError glError;
@@ -413,7 +416,7 @@ StatGetMemoryLimit(void)
static int
StatGetCpuReservation(void)
{
- int exitStatus = EXIT_SUCCESS;
+ int exitStatus;
uint32 cpuReservation;
VMGuestLibHandle glHandle;
VMGuestLibError glError;
@@ -457,7 +460,7 @@ StatGetCpuReservation(void)
static int
StatGetCpuLimit(void)
{
- int exitStatus = EXIT_SUCCESS;
+ int exitStatus;
uint32 cpuLimit;
VMGuestLibHandle glHandle;
VMGuestLibError glError;
--
1.8.3.1

58
SOURCES/ovt-Fix-Using-uninitialized-value-issue-reported-by-Cove.patch
View File

@ -1,58 +0,0 @@
From e94fc95c580ce75ccc34793ffb000d9765ebe3d3 Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Thu, 25 Jul 2019 12:32:36 +0200
Subject: [PATCH 13/16] Fix 'Using uninitialized value' issue reported by
Coverity.
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20190725123239.18274-14-cavery@redhat.com>
Patchwork-id: 89714
O-Subject: [RHEL8.1 open-vm-tools PATCH 13/16] Fix 'Using uninitialized value' issue reported by Coverity.
Bugzilla: 1602648
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit f456a5938662175b914ffcb53c6284835476268f
Author: Oliver Kurth <okurth@vmware.com>
Date: Mon Jun 17 11:41:37 2019 -0700
Fix 'Using uninitialized value' issue reported by Coverity.
* In a error code path, 'exitCode' variable is used without
any initialization. This issue was reported by the Coverity.
Fixed it by initializing the 'exitCode' to -1.
* While fixing this, moved the variables to the if block where
they are acutally used.
Signed-off-by: Cathy Avery <cavery@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
open-vm-tools/lib/procMgr/procMgrPosix.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/procMgr/procMgrPosix.c b/lib/procMgr/procMgrPosix.c
index 3ff98eb..fe26d42 100644
--- a/lib/procMgr/procMgrPosix.c
+++ b/lib/procMgr/procMgrPosix.c
@@ -1582,8 +1582,6 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line
ProcMgr_AsyncProc *asyncProc = NULL;
pid_t pid;
int fds[2];
- Bool validExitCode = FALSE;
- int exitCode;
pid_t resultPid;
int readFd, writeFd;
@@ -1608,6 +1606,8 @@ ProcMgr_ExecAsync(char const *cmd, // IN: UTF-8 command line
int i, maxfd;
Bool status = TRUE;
pid_t childPid = -1;
+ Bool validExitCode = FALSE;
+ int exitCode = -1;
/*
* Child
--
1.8.3.1

59
SOURCES/ovt-Fix-a-Coverity-issue-reported-in-vgauth-serviceImpl-.patch
View File

@ -1,59 +0,0 @@
From d14e2604b04f1b6b28eaa281f7760c89b2d2b4eb Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Thu, 25 Jul 2019 12:32:38 +0200
Subject: [PATCH 15/16] Fix a Coverity issue reported in
vgauth/serviceImpl/verify.c
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20190725123239.18274-16-cavery@redhat.com>
Patchwork-id: 89718
O-Subject: [RHEL8.1 open-vm-tools PATCH 15/16] Fix a Coverity issue reported in vgauth/serviceImpl/verify.c
Bugzilla: 1602648
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit 0c6ad5edceca60dc05eb9f3b1ee6ac42dc0455ef
Author: Oliver Kurth <okurth@vmware.com>
Date: Wed Jul 3 14:28:56 2019 -0700
Fix a Coverity issue reported in vgauth/serviceImpl/verify.c
Signed-off-by: Cathy Avery <cavery@redhat.com>
Conflicts: Minor copyright change
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
open-vm-tools/vgauth/serviceImpl/verify.c | 10 ++--------
1 file changed, 2 insertions(+), 8 deletions(-)
diff --git a/vgauth/serviceImpl/verify.c b/vgauth/serviceImpl/verify.c
index e9a7531..9f90a79 100644
--- a/vgauth/serviceImpl/verify.c
+++ b/vgauth/serviceImpl/verify.c
@@ -1,5 +1,5 @@
/*********************************************************
- * Copyright (C) 2011-2017 VMware, Inc. All rights reserved.
+ * Copyright (C) 2011-2019 VMware, Inc. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published
@@ -42,15 +42,9 @@
VGAuthError
ServiceInitVerify(void)
{
- VGAuthError err;
CertVerify_Init();
- err = SAML_Init();
- if (err != VGAUTH_E_OK) {
- goto done;
- }
-done:
- return err;
+ return SAML_Init();
}
--
1.8.3.1

47
SOURCES/ovt-Fix-a-leak-if-VGAuth-setup-fails.-Coverity-issue.patch
View File

@ -1,47 +0,0 @@
From 2b3c17a1036e1b0db85fef8b1033505949cf7079 Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Thu, 25 Jul 2019 12:32:26 +0200
Subject: [PATCH 03/16] Fix a leak if VGAuth setup fails. Coverity issue
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20190725123239.18274-4-cavery@redhat.com>
Patchwork-id: 89709
O-Subject: [RHEL8.1 open-vm-tools PATCH 03/16] Fix a leak if VGAuth setup fails. Coverity issue
Bugzilla: 1602648
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit 82169f198925c9aa27bd04fd665eac67396adbe7
Author: Oliver Kurth <okurth@vmware.com>
Date: Mon Apr 15 11:33:00 2019 -0700
Fix a leak if VGAuth setup fails. Coverity issue
Signed-off-by: Cathy Avery <cavery@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
open-vm-tools/vgauth/serviceImpl/service.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/vgauth/serviceImpl/service.c b/vgauth/serviceImpl/service.c
index 6779530..d471652 100644
--- a/vgauth/serviceImpl/service.c
+++ b/vgauth/serviceImpl/service.c
@@ -1,5 +1,5 @@
/*********************************************************
- * Copyright (C) 2011-2016 VMware, Inc. All rights reserved.
+ * Copyright (C) 2011-2016,2019 VMware, Inc. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published
@@ -173,6 +173,7 @@ ServiceCreatePublicConnection(ServiceConnection **returnConn) // OUT
if (VGAUTH_E_OK != err) {
Warning("%s: failed to setup public listen channel\n", __FUNCTION__);
+ ServiceConnectionShutdown(newConn);
return err;
}
--
1.8.3.1

140
SOURCES/ovt-Fix-a-memory-leak-in-the-unicode-library.patch
View File

@ -1,140 +0,0 @@
From e8686de42164135f78a0212e1bd8ad5b24ee60a0 Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Thu, 25 Jul 2019 12:32:30 +0200
Subject: [PATCH 07/16] Fix a memory leak in the unicode library.
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20190725123239.18274-8-cavery@redhat.com>
Patchwork-id: 89717
O-Subject: [RHEL8.1 open-vm-tools PATCH 07/16] Fix a memory leak in the unicode library.
Bugzilla: 1602648
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit 9e6e3afa5b5c3dc11c7aa79454ca4c8184c87bdf
Author: Oliver Kurth <okurth@vmware.com>
Date: Tue Apr 30 13:24:25 2019 -0700
Fix a memory leak in the unicode library.
Ensure that allocated strings are freed before returning a failure.
The ASSERTs have never been known to fire; a warning in a obj
build will help with debugging. The warning should "never" happen.
Signed-off-by: Cathy Avery <cavery@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
open-vm-tools/lib/unicode/unicodeICU.c | 30 +++++++++++++++++-------------
1 file changed, 17 insertions(+), 13 deletions(-)
diff --git a/lib/unicode/unicodeICU.c b/lib/unicode/unicodeICU.c
index b63932e..b9b2dbb 100644
--- a/lib/unicode/unicodeICU.c
+++ b/lib/unicode/unicodeICU.c
@@ -1,5 +1,5 @@
/*********************************************************
- * Copyright (C) 2008-2016 VMware, Inc. All rights reserved.
+ * Copyright (C) 2008-2019 VMware, Inc. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published
@@ -275,7 +275,7 @@ Unicode_ToLower(const char *str, // IN
*/
// Most lower-case operations don't change the length of the string.
- utf8Dest = (char *)Util_SafeMalloc(destCapacity);
+ utf8Dest = Util_SafeMalloc(destCapacity);
caseMap = ucasemap_open(locale, 0, &status);
if (U_FAILURE(status)) {
@@ -295,7 +295,7 @@ Unicode_ToLower(const char *str, // IN
// If we need a bigger buffer, then reallocate and retry.
destCapacity = destLen + 1;
- utf8Dest = (char *)Util_SafeRealloc(utf8Dest, destCapacity);
+ utf8Dest = Util_SafeRealloc(utf8Dest, destCapacity);
status = U_ZERO_ERROR;
destLen = ucasemap_utf8ToLower(caseMap,
@@ -311,8 +311,9 @@ Unicode_ToLower(const char *str, // IN
if (U_SUCCESS(status) && status != U_STRING_NOT_TERMINATED_WARNING) {
result = utf8Dest;
} else {
- ASSERT(U_SUCCESS(status));
- ASSERT(status != U_STRING_NOT_TERMINATED_WARNING);
+ DEBUG_ONLY(Warning("%s: Invalid UTF-8 string detected.\n",
+ __FUNCTION__));
+ free(utf8Dest);
}
return result;
@@ -356,7 +357,7 @@ Unicode_ToUpper(const char *str, // IN
char *result = NULL;
// Most upper-case operations don't change the length of the string.
- utf8Dest = (char *)Util_SafeMalloc(destCapacity);
+ utf8Dest = Util_SafeMalloc(destCapacity);
caseMap = ucasemap_open(locale, 0, &status);
if (U_FAILURE(status)) {
@@ -376,7 +377,7 @@ Unicode_ToUpper(const char *str, // IN
// If we need a bigger buffer, then reallocate and retry.
destCapacity = destLen + 1;
- utf8Dest = (char *)Util_SafeRealloc(utf8Dest, destCapacity);
+ utf8Dest = Util_SafeRealloc(utf8Dest, destCapacity);
status = U_ZERO_ERROR;
destLen = ucasemap_utf8ToUpper(caseMap,
@@ -392,13 +393,15 @@ Unicode_ToUpper(const char *str, // IN
if (U_SUCCESS(status) && status != U_STRING_NOT_TERMINATED_WARNING) {
result = utf8Dest;
} else {
- ASSERT(U_SUCCESS(status));
- ASSERT(status != U_STRING_NOT_TERMINATED_WARNING);
+ DEBUG_ONLY(Warning("%s: Invalid UTF-8 string detected.\n",
+ __FUNCTION__));
+ free(utf8Dest);
}
return result;
}
+
/*
* "ucasemap_utf8ToTitle" is not in version 3.6 of the ICU library,
* which appears to be the default on many systems...
@@ -447,7 +450,7 @@ Unicode_ToTitle(const char *str, // IN
char *result = NULL;
// Most title-case operations don't change the length of the string.
- utf8Dest = (char *)Util_SafeMalloc(destCapacity);
+ utf8Dest = Util_SafeMalloc(destCapacity);
caseMap = ucasemap_open(locale, 0, &status);
if (U_FAILURE(status)) {
@@ -467,7 +470,7 @@ Unicode_ToTitle(const char *str, // IN
// If we need a bigger buffer, then reallocate and retry.
destCapacity = destLen + 1;
- utf8Dest = (char *)Util_SafeRealloc(utf8Dest, destCapacity);
+ utf8Dest = Util_SafeRealloc(utf8Dest, destCapacity);
status = U_ZERO_ERROR;
destLen = ucasemap_utf8ToTitle(caseMap,
@@ -483,8 +486,9 @@ Unicode_ToTitle(const char *str, // IN
if (U_SUCCESS(status) && status != U_STRING_NOT_TERMINATED_WARNING) {
result = utf8Dest;
} else {
- ASSERT(U_SUCCESS(status));
- ASSERT(status != U_STRING_NOT_TERMINATED_WARNING);
+ DEBUG_ONLY(Warning("%s: Invalid UTF-8 string detected.\n",
+ __FUNCTION__));
+ free(utf8Dest);
}
return result;
--
1.8.3.1

54
SOURCES/ovt-Fix-a-potential-NULL-pointer-dereference-in-the-vmba.patch Normal file
View File

@ -0,0 +1,54 @@
From 6c6daa468c9a1ad1ad4d5bf727008d029d009a50 Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Tue, 3 Dec 2019 14:30:48 +0100
Subject: [PATCH 2/4] Fix a potential NULL pointer dereference in the vmbackup
plugin.
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20191203143050.23065-3-cavery@redhat.com>
Patchwork-id: 92836
O-Subject: [RHEL8.2 open-vm-tools PATCH 2/4] Fix a potential NULL pointer dereference in the vmbackup plugin.
Bugzilla: 1769881
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit 0bb6cf83fb6b1f80c99beb11cd47e0db02e252ff
Author: Oliver Kurth <okurth@vmware.com>
Date: Fri Nov 22 14:52:35 2019 -0800
Fix a potential NULL pointer dereference in the vmbackup plugin.
In some circumtances, VmBackupAsyncCallback might dereference
gBackupState after calling VmBackupDoAbort even though the
latter function can potentially set gBackupState to NULL. Add
a check to prevent the potential NULL pointer dereference.
Signed-off-by: Cathy Avery <cavery@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
open-vm-tools/services/plugins/vmbackup/stateMachine.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/open-vm-tools/services/plugins/vmbackup/stateMachine.c b/open-vm-tools/services/plugins/vmbackup/stateMachine.c
index 6b42286..5c01a7b 100644
--- a/open-vm-tools/services/plugins/vmbackup/stateMachine.c
+++ b/open-vm-tools/services/plugins/vmbackup/stateMachine.c
@@ -675,6 +675,15 @@ VmBackupAsyncCallback(void *clientData)
if (gBackupState->rpcState == VMBACKUP_RPC_STATE_ERROR) {
g_warning("Aborting backup operation due to RPC errors.");
VmBackupDoAbort();
+
+ /*
+ * Check gBackupState, since the abort could cause a transition to
+ * VMBACKUP_MSTATE_IDLE, in which case the VmBackupState structure
+ * would be freed and gBackupState would be NULL.
+ */
+ if (gBackupState == NULL) {
+ return FALSE;
+ }
goto exit;
}
}
--
1.8.3.1

90
SOURCES/ovt-Fix-a-resource-leak-issue-in-deployPkg.patch Normal file
View File

@ -0,0 +1,90 @@
From acf9aa0dce71106f3603398a7b6984ff91dd0eda Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Tue, 3 Dec 2019 14:30:50 +0100
Subject: [PATCH 4/4] Fix a resource leak issue in deployPkg
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20191203143050.23065-5-cavery@redhat.com>
Patchwork-id: 92837
O-Subject: [RHEL8.2 open-vm-tools PATCH 4/4] Fix a resource leak issue in deployPkg
Bugzilla: 1769881
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit 2ffd2913088505d8249fa342b0ee8e5002a69108
Author: Oliver Kurth <okurth@vmware.com>
Date: Fri Nov 22 14:52:35 2019 -0800
Fix a resource leak issue in deployPkg
Variable file going out of scope in error path leaks the storage it
points to. Added fclose before return when malloc failed.
Signed-off-by: Cathy Avery <cavery@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
open-vm-tools/libDeployPkg/linuxDeployment.c | 23 ++++++++++++++---------
1 file changed, 14 insertions(+), 9 deletions(-)
diff --git a/open-vm-tools/libDeployPkg/linuxDeployment.c b/open-vm-tools/libDeployPkg/linuxDeployment.c
index 1af0893..4f36a00 100644
--- a/open-vm-tools/libDeployPkg/linuxDeployment.c
+++ b/open-vm-tools/libDeployPkg/linuxDeployment.c
@@ -824,17 +824,18 @@ TransitionState(const char* stateFrom, const char* stateTo)
*
*-----------------------------------------------------------------------------
*/
-static char*
-GetNicsToEnable(const char* dir)
+
+static char *
+GetNicsToEnable(const char *dir)
{
/*
- * The file nics.txt will list ordinal number of all nics to enable separated by
- * a ",". In current architecture we can have max 4 nics. So we just have to read
- * maximum of 7 characters. This code uses 1024 chars to make sure any future
- * needs are accomodated.
+ * The file nics.txt will list ordinal number of all nics to enable separated
+ * by a ",". In current architecture we can have max 4 nics. So we just have
+ * to read maximum of 7 characters. This code uses 1024 chars to make sure
+ * any future needs are accomodated.
*/
static const unsigned int NICS_SIZE = 1024;
- static const char* nicFile = "/nics.txt";
+ static const char *nicFile = "/nics.txt";
FILE *file;
@@ -852,7 +853,9 @@ GetNicsToEnable(const char* dir)
if (file) {
ret = malloc(NICS_SIZE);
if (ret == NULL) {
- SetDeployError("Error allocating memory to read nic file '%s'", fileName);
+ SetDeployError("Error allocating memory to read nic file '%s'",
+ fileName);
+ fclose(file);
free(fileName);
return ret;
}
@@ -862,7 +865,8 @@ GetNicsToEnable(const char* dir)
// Check various error condition
if (ferror(file)) {
- SetDeployError("Error reading nic file '%s'.(%s)", fileName, strerror(errno));
+ SetDeployError("Error reading nic file '%s'.(%s)", fileName,
+ strerror(errno));
free(ret);
ret = NULL;
}
@@ -880,6 +884,7 @@ GetNicsToEnable(const char* dir)
return ret;
}
+
/**
*------------------------------------------------------------------------------
*
--
1.8.3.1

52
SOURCES/ovt-Fix-a-trivial-Coverity-reported-memory-leak-in-vgaut.patch
View File

@ -1,52 +0,0 @@
From f5626146057b01e07c9491183bc09f8d190a1d4c Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Thu, 25 Jul 2019 12:32:31 +0200
Subject: [PATCH 08/16] Fix a trivial Coverity-reported memory leak in
vgauth/cli/main.c.
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20190725123239.18274-9-cavery@redhat.com>
Patchwork-id: 89715
O-Subject: [RHEL8.1 open-vm-tools PATCH 08/16] Fix a trivial Coverity-reported memory leak in vgauth/cli/main.c.
Bugzilla: 1602648
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit 544cf1363c78d1d8c75e57d560b3650b5f667c64
Author: Oliver Kurth <okurth@vmware.com>
Date: Wed May 8 15:27:18 2019 -0700
Fix a trivial Coverity-reported memory leak in vgauth/cli/main.c.
Call Pref_Shutdown to close the PrefHandle.
Signed-off-by: Cathy Avery <cavery@redhat.com>
Conflicts: Minor copyright issue
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
open-vm-tools/vgauth/cli/main.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/vgauth/cli/main.c b/vgauth/cli/main.c
index 7209e95..6f69f19 100644
--- a/vgauth/cli/main.c
+++ b/vgauth/cli/main.c
@@ -1,5 +1,5 @@
/*********************************************************
- * Copyright (C) 2011-2016 VMware, Inc. All rights reserved.
+ * Copyright (C) 2011-2019 VMware, Inc. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published
@@ -658,6 +658,7 @@ next:
}
VGAuth_Shutdown(ctx);
+ Pref_Shutdown(prefs);
g_free(appName);
return (err == VGAUTH_E_OK) ? 0 : -1;
}
--
1.8.3.1

52
SOURCES/ovt-Fix-a-trivial-Coverity-reported-memory-leak.patch
View File

@ -1,52 +0,0 @@
From 98345ad1ae6960263f1e0c76cda6a45a2313d7e1 Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Thu, 25 Jul 2019 12:32:34 +0200
Subject: [PATCH 11/16] Fix a trivial Coverity-reported memory leak.
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20190725123239.18274-12-cavery@redhat.com>
Patchwork-id: 89722
O-Subject: [RHEL8.1 open-vm-tools PATCH 11/16] Fix a trivial Coverity-reported memory leak.
Bugzilla: 1602648
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit a5823224051da0318facf10e0732baa9f55334fc
Author: Oliver Kurth <okurth@vmware.com>
Date: Wed May 8 15:27:19 2019 -0700
Fix a trivial Coverity-reported memory leak.
If AuthLoadPAM doesn't find all the needed symbols from the pam
library, then dlclose the library, as is already done for
the same-named funtion in bora/lib/auth/authPosix.c.
Signed-off-by: Cathy Avery <cavery@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
open-vm-tools/vgauth/lib/authPosix.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/vgauth/lib/authPosix.c b/vgauth/lib/authPosix.c
index dfaeb92..151e595 100644
--- a/vgauth/lib/authPosix.c
+++ b/vgauth/lib/authPosix.c
@@ -1,5 +1,5 @@
/*********************************************************
- * Copyright (C) 2011-2017 VMware, Inc. All rights reserved.
+ * Copyright (C) 2011-2017,2019 VMware, Inc. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published
@@ -128,7 +128,7 @@ AuthLoadPAM(void)
if (!symbol) {
Warning("PAM library does not contain required function: %s\n",
dlerror());
-
+ dlclose(pam_library);
return FALSE;
}
--
1.8.3.1

87
SOURCES/ovt-Fix-leaks-in-ListAliases-and-ListMappedAliases-9bc72.patch
View File

@ -1,87 +0,0 @@
From 54da2ccfa99000a62f22820a3702331bbd131077 Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Tue, 19 Nov 2019 14:16:06 +0100
Subject: [PATCH 3/3] Fix leaks in ListAliases and ListMappedAliases
(9bc72f0b09702754b429115658a85223cb3058bd from devel)
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20191119141606.5322-4-cavery@redhat.com>
Patchwork-id: 92513
O-Subject: [RHEL8.1.z open-vm-tools PATCH 3/3] Fix leaks in ListAliases and ListMappedAliases (9bc72f0b09702754b429115658a85223cb3058bd from devel)
Bugzilla: 1773903
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit 26b9edbeb79d1c67b9ae73a0c97c48999c1fb503 (origin/stable-10.3.10-vix-memory-leaks)
Author: Oliver Kurth <okurth@vmware.com>
Date: Wed Oct 2 17:48:35 2019 -0700
Fix leaks in ListAliases and ListMappedAliases (9bc72f0b09702754b429115658a85223cb3058bd from devel)
Signed-off-by: Cathy Avery <cavery@redhat.com>
Conflicts: Previous coverity patch commit d477b6e21915d5099018f4fc4b60f257bb593d72
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
services/plugins/vix/vixTools.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/services/plugins/vix/vixTools.c b/services/plugins/vix/vixTools.c
index 7df91de..2b9dede 100644
--- a/services/plugins/vix/vixTools.c
+++ b/services/plugins/vix/vixTools.c
@@ -9620,7 +9620,6 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN
char *destPtr;
char *endDestPtr;
char *tmpBuf = NULL;
- char *recordBuf;
size_t recordSize;
char *escapedStr = NULL;
char *escapedStr2 = NULL;
@@ -9679,6 +9678,8 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN
destPtr += Str_Sprintf(destPtr, endDestPtr - destPtr, "%s",
VIX_XML_ESCAPED_TAG);
for (i = 0; i < num; i++) {
+ char *recordBuf = NULL;
+
escapedStr = VixToolsEscapeXMLString(uaList[i].pemCert);
if (escapedStr == NULL) {
err = VIX_E_OUT_OF_MEMORY;
@@ -9752,6 +9753,8 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN
Log("%s: ListAuth list results too large, truncating", __FUNCTION__);
goto abort;
}
+ free(recordBuf);
+ recordBuf = NULL;
}
*result = resultBuffer;
@@ -9817,7 +9820,6 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN
char *destPtr;
char *endDestPtr;
char *tmpBuf = NULL;
- char *recordBuf;
char *escapedStr = NULL;
char *escapedStr2 = NULL;
size_t recordSize;
@@ -9870,6 +9872,8 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN
destPtr += Str_Sprintf(destPtr, endDestPtr - destPtr, "%s",
VIX_XML_ESCAPED_TAG);
for (i = 0; i < num; i++) {
+ char *recordBuf = NULL;
+
escapedStr = VixToolsEscapeXMLString(maList[i].pemCert);
if (escapedStr == NULL) {
err = VIX_E_OUT_OF_MEMORY;
@@ -9941,6 +9945,8 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN
Log("%s: ListMapped results too large, truncating", __FUNCTION__);
goto abort;
}
+ free(recordBuf);
+ recordBuf = NULL;
}
*result = resultBuffer;
--
1.8.3.1

80
SOURCES/ovt-Fix-memory-leak-in-GetFormattedCommandLine-function-.patch
View File

@ -1,80 +0,0 @@
From da6b1c1b22ce0386214bbc5395d4cc42529be4fb Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Thu, 25 Jul 2019 12:32:25 +0200
Subject: [PATCH 02/16] Fix memory leak in GetFormattedCommandLine() function
(linuxDeployment.c)
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20190725123239.18274-3-cavery@redhat.com>
Patchwork-id: 89712
O-Subject: [RHEL8.1 open-vm-tools PATCH 02/16] Fix memory leak in GetFormattedCommandLine() function (linuxDeployment.c)
Bugzilla: 1602648
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit d93219282ff7e89e3f581bf757dfd807c7568452
Author: Oliver Kurth <okurth@vmware.com>
Date: Thu Mar 28 12:42:59 2019 -0700
Fix memory leak in GetFormattedCommandLine() function (linuxDeployment.c)
1. There are malloc() calls happening in a loop; this function returns
NULL when one of malloc fails. If a malloc call fails in the loop,
all memory allocated in previous iterations should be freed before
the return NULL.
2. Clear allocated resources before return NULL in this file.
3. Add NULL check following malloc calls in this file.
4. Encapsulate %s in () only if %s is strerror(errno), otherwise encapsulate
%s in single quotes.
5. End with \n in sLog.
Signed-off-by: Cathy Avery <cavery@redhat.com>
Partial port: Only the parts of the patch that addesses the coverity defects were backported.
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
open-vm-tools/libDeployPkg/linuxDeployment.c | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/libDeployPkg/linuxDeployment.c b/libDeployPkg/linuxDeployment.c
index 6e22aac..74b2f90 100644
--- a/libDeployPkg/linuxDeployment.c
+++ b/libDeployPkg/linuxDeployment.c
@@ -454,6 +454,8 @@ AddToList(struct List* head, const char* token)
l = malloc(sizeof(struct List));
if (!l) {
SetDeployError("Error allocating memory. (%s)", strerror(errno));
+ // clear allocated resource
+ free(data);
return NULL;
}
@@ -1495,13 +1497,23 @@ GetFormattedCommandLine(const char* command)
args = malloc((ListSize(commandTokens) + 1) * sizeof(char*));
if (!args) {
SetDeployError("Error allocating memory.");
+ // clear resources
+ DeleteList(commandTokens);
return NULL;
}
for(l = commandTokens, i = 0; l; l = l->next, i++) {
char* arg = malloc(strlen(l->data) + 1);
if (!arg) {
- SetDeployError("Error allocating memory.(%s)", strerror(errno));
+ unsigned int j;
+ SetDeployError("Error allocating memory. (%s)", strerror(errno));
+ // free allocated memories in previous iterations if any
+ for (j = 0; j < i; j++) {
+ free(args[j]);
+ }
+ free(args);
+ // clear resources
+ DeleteList(commandTokens);
return NULL;
}
--
1.8.3.1

52
SOURCES/ovt-Fix-memory-leak-in-SNEBuildHash-function.patch
View File

@ -1,52 +0,0 @@
From ce0aed0b753b24891cf33463f69e0ceb953b826f Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Thu, 25 Jul 2019 12:32:28 +0200
Subject: [PATCH 05/16] Fix memory leak in SNEBuildHash function.
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20190725123239.18274-6-cavery@redhat.com>
Patchwork-id: 89716
O-Subject: [RHEL8.1 open-vm-tools PATCH 05/16] Fix memory leak in SNEBuildHash function.
Bugzilla: 1602648
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit 1b755d3e619ed40d8750532f10af5a1df6de6cda
Author: Oliver Kurth <okurth@vmware.com>
Date: Tue Apr 30 13:24:24 2019 -0700
Fix memory leak in SNEBuildHash function.
In a specific code path of the SNEBuildHash function, when the
environment variable is of the format VMWARE_*=[0|1], the value
is not freed. Fixed the memory leak.
Signed-off-by: Cathy Avery <cavery@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
open-vm-tools/lib/system/systemLinux.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/lib/system/systemLinux.c b/lib/system/systemLinux.c
index c74d489..7d9798a 100644
--- a/lib/system/systemLinux.c
+++ b/lib/system/systemLinux.c
@@ -1,5 +1,5 @@
/*********************************************************
- * Copyright (C) 1998-2018 VMware, Inc. All rights reserved.
+ * Copyright (C) 1998-2019 VMware, Inc. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published
@@ -607,6 +607,8 @@ SNEBuildHash(const char **compatEnviron)
char *realValue = (value[0] == '0')
? NULL
: Util_SafeStrdup(&value[1]);
+ free(value);
+ value = NULL;
HashTable_ReplaceOrInsert(environTable, realKey, realValue);
} else {
HashTable_LookupOrInsert(environTable, key, value);
--
1.8.3.1

102
SOURCES/ovt-Fix-memory-leaks-in-vix-tools-plugin.patch
View File

@ -1,102 +0,0 @@
From af8a6eab2759aafeffc5ae47aed33492eb092b51 Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Tue, 19 Nov 2019 14:16:04 +0100
Subject: [PATCH 1/3] Fix memory leaks in 'vix' tools plugin.
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20191119141606.5322-2-cavery@redhat.com>
Patchwork-id: 92511
O-Subject: [RHEL8.1.z open-vm-tools PATCH 1/3] Fix memory leaks in 'vix' tools plugin.
Bugzilla: 1773903
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit 015db4c06a8be65eb96cf62421e8b5366993452f
Author: Oliver Kurth <okurth@vmware.com>
Date: Wed Aug 29 13:29:45 2018 -0700
Fix memory leaks in 'vix' tools plugin.
* vix plugin retrieves the power script file paths from the
config file but doesn't free them and this causes a memory leak.
Fixed the code to free the filepaths.
* In GuestAuthPasswordAuthenticateImpersonate function, the VGAuth
handle is not freed when the impersonation fails. Fixed the
code to call VGAuth_UserHandleFree in the error path.
Note: I executed one guest operation with wrong credentials.
Every failure leaks 75 bytes of memory. (in Centos 64-bit VM)
* Fixed another minor issue in the code. At couple of places in
the code, replaced 'err' with 'vgErr' for storing the return value
of VGAuth_UserHandleAccessToken.
Signed-off-by: Cathy Avery <cavery@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
services/plugins/vix/vixTools.c | 20 ++++++++++++++------
1 file changed, 14 insertions(+), 6 deletions(-)
diff --git a/services/plugins/vix/vixTools.c b/services/plugins/vix/vixTools.c
index ef26742..2d60b86 100644
--- a/services/plugins/vix/vixTools.c
+++ b/services/plugins/vix/vixTools.c
@@ -2522,10 +2522,10 @@ VixTools_GetToolsPropertiesImpl(GKeyFile *confDictRef, // IN
char *guestName;
int osFamily;
char *packageList = NULL;
- const char *powerOffScript = NULL;
- const char *powerOnScript = NULL;
- const char *resumeScript = NULL;
- const char *suspendScript = NULL;
+ char *powerOffScript = NULL;
+ char *powerOnScript = NULL;
+ char *resumeScript = NULL;
+ char *suspendScript = NULL;
char *osName = NULL;
char *osNameFull = NULL;
Bool foundHostName;
@@ -2726,6 +2726,10 @@ abort:
free(tempDir);
free(osName);
free(osNameFull);
+ free(suspendScript);
+ free(resumeScript);
+ free(powerOnScript);
+ free(powerOffScript);
#else
/*
* FreeBSD. We do not require all the properties above.
@@ -11585,7 +11589,7 @@ GuestAuthPasswordAuthenticateImpersonate(
#ifdef _WIN32
// this is making a copy of the token, be sure to close it
- err = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken);
+ vgErr = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken);
if (VGAUTH_FAILED(vgErr)) {
err = VixToolsTranslateVGAuthError(vgErr);
goto done;
@@ -11601,6 +11605,10 @@ done:
free(username);
Util_ZeroFreeString(password);
+ if (VIX_OK != err) {
+ VGAuth_UserHandleFree(newHandle);
+ newHandle = NULL;
+ }
return err;
#else
return VIX_E_NOT_SUPPORTED;
@@ -11731,7 +11739,7 @@ impersonate:
#ifdef _WIN32
// this is making a copy of the token, be sure to close it
- err = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken);
+ vgErr = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken);
if (VGAUTH_FAILED(vgErr)) {
err = VixToolsTranslateVGAuthError(vgErr);
goto done;
--
1.8.3.1

47
SOURCES/ovt-Fix-minor-leak-in-FileRotateByRenumber-Coverity-scan.patch
View File

@ -1,47 +0,0 @@
From f9dcf9c252d3d1cb76aebd838300bdf3e973e77b Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Thu, 25 Jul 2019 12:32:27 +0200
Subject: [PATCH 04/16] Fix minor leak in FileRotateByRenumber - Coverity scan
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20190725123239.18274-5-cavery@redhat.com>
Patchwork-id: 89720
O-Subject: [RHEL8.1 open-vm-tools PATCH 04/16] Fix minor leak in FileRotateByRenumber - Coverity scan
Bugzilla: 1602648
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit 85bc2e71dd7a855d3c533965859c1756deecc314
Author: Oliver Kurth <okurth@vmware.com>
Date: Mon Apr 15 11:33:00 2019 -0700
Fix minor leak in FileRotateByRenumber - Coverity scan
Signed-off-by: Cathy Avery <cavery@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
open-vm-tools/lib/file/file.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/file/file.c b/lib/file/file.c
index 2d1154b..7dae12c 100644
--- a/lib/file/file.c
+++ b/lib/file/file.c
@@ -1,5 +1,5 @@
/*********************************************************
- * Copyright (C) 1998-2018 VMware, Inc. All rights reserved.
+ * Copyright (C) 1998-2019 VMware, Inc. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published
@@ -2452,6 +2452,7 @@ FileRotateByRenumber(const char *filePath, // IN: full path to file
File_GetPathName(fullPathNoExt, &baseDir, &baseName);
if ((baseDir == NULL) || (*baseDir == '\0')) {
+ free(baseDir);
baseDir = Unicode_Duplicate(DIRSEPS);
}
--
1.8.3.1

61
SOURCES/ovt-Fix-two-coverity-issues-reported-by-a-customer.patch
View File

@ -1,61 +0,0 @@
From 86ec5be96b61f3b391711aab3aee0c4d85101b2f Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Thu, 25 Jul 2019 12:32:39 +0200
Subject: [PATCH 16/16] Fix two coverity issues reported by a customer.
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20190725123239.18274-17-cavery@redhat.com>
Patchwork-id: 89719
O-Subject: [RHEL8.1 open-vm-tools PATCH 16/16] [Tools/dndcp] Fix two coverity issues reported by a customer.
Bugzilla: 1602648
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit 04813113e28f6cfecf956166136bbad2a6c2a386
Author: Oliver Kurth <okurth@vmware.com>
Date: Sat Jul 20 17:15:19 2019 -0700
[Tools/dndcp] Fix two coverity issues reported by a customer.
Signed-off-by: Cathy Avery <cavery@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
open-vm-tools/services/plugins/dndcp/copyPasteUIX11.cpp | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/services/plugins/dndcp/copyPasteUIX11.cpp b/services/plugins/dndcp/copyPasteUIX11.cpp
index 6c40b84..e9b9e26 100644
--- a/services/plugins/dndcp/copyPasteUIX11.cpp
+++ b/services/plugins/dndcp/copyPasteUIX11.cpp
@@ -1664,10 +1664,11 @@ CopyPasteUIX11::FileBlockMonitorThread(void *arg) // IN
}
int fd = open(params->fileBlockName.c_str(), O_RDONLY);
- if (fd <= 0) {
- g_debug("%s: Failed to open %s\n",
+ if (fd < 0) {
+ g_debug("%s: Failed to open %s, errno is %d\n",
__FUNCTION__,
- params->fileBlockName.c_str());
+ params->fileBlockName.c_str(),
+ errno);
continue;
}
@@ -1688,6 +1689,13 @@ CopyPasteUIX11::FileBlockMonitorThread(void *arg) // IN
} else {
g_debug("%s: Block is not added\n", __FUNCTION__);
}
+
+ if (close(fd) < 0) {
+ g_debug("%s: Failed to close %s, errno is %d\n",
+ __FUNCTION__,
+ params->fileBlockName.c_str(),
+ errno);
+ }
}
pthread_mutex_unlock(&params->fileBlockMutex);
return NULL;
--
1.8.3.1

174
SOURCES/ovt-Fixes-for-few-leaks-and-improved-error-handling.patch
View File

@ -1,174 +0,0 @@
From 46a724937bfbfe4fa4e64269f057c71893f25b30 Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Thu, 25 Jul 2019 12:32:32 +0200
Subject: [PATCH 09/16] Fixes for few leaks and improved error handling.
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20190725123239.18274-10-cavery@redhat.com>
Patchwork-id: 89723
O-Subject: [RHEL8.1 open-vm-tools PATCH 09/16] Fixes for few leaks and improved error handling.
Bugzilla: 1602648
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit 2bbd56da4314856dfc1a8fed2db5b55cd9ef8860
Author: Oliver Kurth <okurth@vmware.com>
Date: Wed May 8 15:27:18 2019 -0700
Fixes for few leaks and improved error handling.
Fix a memory leak detected by coverity scan. It is not critical,
but it is real in an error case when there is no end mark. While
fixing it, also enhanced code to handle different error cases
properly because we would want valid content to be decoded even
when there are invalid marks in the log file. Invalid log marks
are possible when vmware.log gets rotated in the middle of guest
logging.
While verifying the fix using valgrind, found a couple of more
leaks in panic and warning stubs. Addressed those as well.
Signed-off-by: Cathy Avery <cavery@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
open-vm-tools/lib/stubs/stub-panic.c | 3 ++-
open-vm-tools/lib/stubs/stub-warning.c | 5 ++--
open-vm-tools/xferlogs/xferlogs.c | 47 ++++++++++++++++++++++++++++------
3 files changed, 44 insertions(+), 11 deletions(-)
diff --git a/lib/stubs/stub-panic.c b/lib/stubs/stub-panic.c
index 615a810..4b88f59 100644
--- a/lib/stubs/stub-panic.c
+++ b/lib/stubs/stub-panic.c
@@ -1,5 +1,5 @@
/*********************************************************
- * Copyright (C) 2008 VMware, Inc. All rights reserved.
+ * Copyright (C) 2008,2019 VMware, Inc. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published
@@ -43,6 +43,7 @@ Panic(const char *fmt, ...)
if (str != NULL) {
fputs(str, stderr);
+ free(str);
}
assert(FALSE);
diff --git a/lib/stubs/stub-warning.c b/lib/stubs/stub-warning.c
index c32fa69..3a49617 100644
--- a/lib/stubs/stub-warning.c
+++ b/lib/stubs/stub-warning.c
@@ -1,5 +1,5 @@
/*********************************************************
- * Copyright (C) 2008-2016 VMware, Inc. All rights reserved.
+ * Copyright (C) 2008-2016,2019 VMware, Inc. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published
@@ -24,6 +24,7 @@
*/
#include <stdio.h>
+#include <stdlib.h>
#include "str.h"
@@ -39,6 +40,6 @@ Warning(const char *fmt, ...)
if (str != NULL) {
fputs(str, stderr);
+ free(str);
}
}
-
diff --git a/xferlogs/xferlogs.c b/xferlogs/xferlogs.c
index 9aa9b3a..d4a600f 100644
--- a/xferlogs/xferlogs.c
+++ b/xferlogs/xferlogs.c
@@ -184,8 +184,19 @@ extractFile(char *filename) //IN: vmx log filename e.g. vmware.log
char tstamp[32];
time_t now;
- ASSERT(outfp == NULL);
- ASSERT(state == NOT_IN_GUEST_LOGGING);
+ /*
+ * There could be multiple LOG_START_MARK in the log,
+ * close existing one before opening a new file.
+ */
+ if (outfp) {
+ ASSERT(state == IN_GUEST_LOGGING);
+ Warning("Found a new start mark before end mark for "
+ "previous one\n");
+ fclose(outfp);
+ outfp = NULL;
+ } else {
+ ASSERT(state == NOT_IN_GUEST_LOGGING);
+ }
DEBUG_ONLY(state = IN_GUEST_LOGGING);
/*
@@ -234,23 +245,32 @@ extractFile(char *filename) //IN: vmx log filename e.g. vmware.log
ver = ver + sizeof "ver - " - 1;
version = strtol(ver, NULL, 0);
if (version != LOG_VERSION) {
- Warning("input version %d doesnt match the\
+ Warning("Input version %d doesn't match the\
version of this binary %d", version, LOG_VERSION);
} else {
- printf("reading file %s to %s \n", logInpFilename, fname);
+ printf("Reading file %s to %s \n", logInpFilename, fname);
if (!(outfp = fopen(fname, "wb"))) {
Warning("Error opening file %s\n", fname);
}
}
}
} else if (strstr(buf, LOG_END_MARK)) { // close the output file.
- ASSERT(state == IN_GUEST_LOGGING);
+ /*
+ * Need to check outfp, because we might get LOG_END_MARK
+ * before LOG_START_MARK due to log rotation.
+ */
+ if (outfp) {
+ ASSERT(state == IN_GUEST_LOGGING);
+ fclose(outfp);
+ outfp = NULL;
+ } else {
+ ASSERT(state == NOT_IN_GUEST_LOGGING);
+ Warning("Reached file end mark without start mark\n");
+ }
DEBUG_ONLY(state = NOT_IN_GUEST_LOGGING);
- fclose(outfp);
- outfp = NULL;
} else { // write to the output file
- ASSERT(state == IN_GUEST_LOGGING);
if (outfp) {
+ ASSERT(state == IN_GUEST_LOGGING);
ptrStr = strstr(buf, LOG_GUEST_MARK);
ptrStr += sizeof LOG_GUEST_MARK - 1;
if (Base64_Decode(ptrStr, base64Out, BUF_OUT_SIZE, &lenOut)) {
@@ -260,10 +280,21 @@ extractFile(char *filename) //IN: vmx log filename e.g. vmware.log
} else {
Warning("Error decoding output %s\n", ptrStr);
}
+ } else {
+ ASSERT(state == NOT_IN_GUEST_LOGGING);
+ Warning("Missing file start mark\n");
}
}
}
}
+
+ /*
+ * We may need to close file in case LOG_END_MARK is missing.
+ */
+ if (outfp) {
+ ASSERT(state == IN_GUEST_LOGGING);
+ fclose(outfp);
+ }
fclose(fp);
}
--
1.8.3.1

60
SOURCES/ovt-Rectify-a-log-spew-in-vmsvc-logging-vmware-vmsvc-roo.patch Normal file
View File

@ -0,0 +1,60 @@
From 6536375aa0f30fe9226ec687d7854d5c2aef5a7d Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Fri, 14 Feb 2020 12:23:09 +0100
Subject: [PATCH] Rectify a log spew in vmsvc logging (vmware-vmsvc-root.log )
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20200214122309.5769-1-cavery@redhat.com>
Patchwork-id: 93876
O-Subject: [RHEL8.2 open-vm-tools PATCH] Rectify a log spew in vmsvc logging (vmware-vmsvc-root.log )
Bugzilla: 1800812
RH-Acked-by: Eduardo Otubo <otubo@redhat.com>
RH-Acked-by: Mohammed Gamal <mgamal@redhat.com>
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1800812
Brew: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=26372468
Branch: rhel8/master-11.0.0
Tested: By QE
Upstream Status: stable-11.0.5-suse-bug-1162435 targeted for 11.1.0
commit 4ee0bd3c8ead89541ab7d196fb54e940e397420d
Author: Oliver Kurth <okurth@vmware.com>
Date: Fri, 7 Feb 2020 10:39:38 -0800
Rectify a log spew in vmsvc logging (vmware-vmsvc-root.log )
When a LSI Logic Parallel SCSI controller sits in PCI bus 0
(SCSI controller 0), the Linux disk device enumeration does not provide
a "label" file with the controller name. This results in messages like
"GuestInfoGetDiskDevice: Missing disk device name; VMDK mapping unavailable for "/var/log", fsName: "/dev/sda2"
repeatedly appearing in the vmsvc logging. The patch converts what previously
was a warning message to a debug message and thus avoids the log spew.
Signed-off-by: Cathy Avery <cavery@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
open-vm-tools/services/plugins/guestInfo/diskInfo.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/open-vm-tools/services/plugins/guestInfo/diskInfo.c b/open-vm-tools/services/plugins/guestInfo/diskInfo.c
index a8234a4..c974dbd 100644
--- a/open-vm-tools/services/plugins/guestInfo/diskInfo.c
+++ b/open-vm-tools/services/plugins/guestInfo/diskInfo.c
@@ -837,9 +837,9 @@ GuestInfoGetDiskDevice(const char *fsName,
*/
for (indx = 0; indx < partEntry->diskDevCnt; indx++) {
if (partEntry->diskDevNames[indx][0] == '\0') {
- g_warning("%s: Missing disk device name; VMDK mapping unavailable "
- "for \"%s\", fsName: \"%s\"\n", __FUNCTION__,
- partEntry->name, fsName);
+ g_debug("%s: Missing disk device name; VMDK mapping unavailable "
+ "for \"%s\", fsName: \"%s\"\n", __FUNCTION__,
+ partEntry->name, fsName);
partEntry->diskDevCnt = 0;
free(partEntry->diskDevNames);
partEntry->diskDevNames = NULL;
--
1.8.3.1

115
SOURCES/ovt-copyPasteCompatX11.c-code-generating-unnecessary-Cov.patch
View File

@ -1,115 +0,0 @@
From d56ab64ed0b7a863cc2b0bf1dc78bbf3d3953226 Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Thu, 25 Jul 2019 12:32:37 +0200
Subject: [PATCH 14/16] copyPasteCompatX11.c code generating unnecessary
Coverity warning
RH-Author: Cathy Avery <cavery@redhat.com>
Message-id: <20190725123239.18274-15-cavery@redhat.com>
Patchwork-id: 89721
O-Subject: [RHEL8.1 open-vm-tools PATCH 14/16] copyPasteCompatX11.c code generating unnecessary Coverity warning
Bugzilla: 1602648
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
commit 9c30be3448c743e51718480543142bf833ea553a
Author: Oliver Kurth <okurth@vmware.com>
Date: Mon Jun 17 11:41:38 2019 -0700
copyPasteCompatX11.c code generating unnecessary Coverity warning
This patch aims to fix an issue found by Coverity Scan.
This issue is a False Positive, the outBuf is only freed in specific
scenario, so there is no 'BAD FREE'. But it's better to reconstruct the
related code to clear the SCA error.
Signed-off-by: Cathy Avery <cavery@redhat.com>
Conflicts: Minor copyright
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
.../services/plugins/dndcp/copyPasteCompatX11.c | 43 +++++++++-------------
1 file changed, 17 insertions(+), 26 deletions(-)
diff --git a/services/plugins/dndcp/copyPasteCompatX11.c b/services/plugins/dndcp/copyPasteCompatX11.c
index d5a0fdf..3b2f2bc 100644
--- a/services/plugins/dndcp/copyPasteCompatX11.c
+++ b/services/plugins/dndcp/copyPasteCompatX11.c
@@ -1,5 +1,5 @@
/*********************************************************
- * Copyright (C) 2005-2016 VMware, Inc. All rights reserved.
+ * Copyright (C) 2005-2019 VMware, Inc. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published
@@ -579,50 +579,41 @@ CopyPasteSelectionGetCB(GtkWidget *widget, // IN: unused
return;
}
- /* If it is text copy paste, return gHostClipboardBuf. */
+ GdkAtom target;
#ifndef GTK3
- if (GDK_SELECTION_TYPE_STRING == selection_data->target ||
- GDK_SELECTION_TYPE_UTF8_STRING == selection_data->target) {
+ target = selection_data->target;
#else
- if (GDK_SELECTION_TYPE_STRING == gtk_selection_data_get_target(selection_data) ||
- GDK_SELECTION_TYPE_UTF8_STRING == gtk_selection_data_get_target(selection_data)) {
+ target = gtk_selection_data_get_target(selection_data);
#endif
+
+ /* If it is text copy paste, return gHostClipboardBuf. */
+ if (GDK_SELECTION_TYPE_STRING == target ||
+ GDK_SELECTION_TYPE_UTF8_STRING == target) {
char *outBuf = gHostClipboardBuf;
+ char *outStringBuf = NULL;
size_t len = strlen(gHostClipboardBuf);
/*
* If target is GDK_SELECTION_TYPE_STRING, assume encoding is local code
* set. Convert from utf8 to local one.
*/
-#ifndef GTK3
- if (GDK_SELECTION_TYPE_STRING == selection_data->target &&
-#else
- if (GDK_SELECTION_TYPE_STRING == gtk_selection_data_get_target(selection_data) &&
-#endif
+ if (GDK_SELECTION_TYPE_STRING == target &&
!CodeSet_Utf8ToCurrent(gHostClipboardBuf,
strlen(gHostClipboardBuf),
- &outBuf,
+ &outStringBuf,
&len)) {
g_debug("CopyPasteSelectionGetCB: can not convert to current codeset\n");
return;
}
-#ifndef GTK3
- gtk_selection_data_set(selection_data, selection_data->target, 8,
-#else
- gtk_selection_data_set(selection_data, gtk_selection_data_get_target(selection_data), 8,
-#endif
- outBuf, len);
- g_debug("CopyPasteSelectionGetCB: Set text [%s]\n", outBuf);
-
-#ifndef GTK3
- if (GDK_SELECTION_TYPE_STRING == selection_data->target) {
-#else
- if (GDK_SELECTION_TYPE_STRING == gtk_selection_data_get_target(selection_data)) {
-#endif
- free(outBuf);
+ if (outStringBuf != NULL) {
+ outBuf = outStringBuf;
}
+ gtk_selection_data_set(selection_data, target, 8, outBuf, len);
+ g_debug("CopyPasteSelectionGetCB: Set text [%s]\n", outBuf);
+
+ free(outStringBuf);
return;
}
}
--
1.8.3.1

14
SOURCES/vmtoolsd-init.service
View File

@ -1,14 +0,0 @@
[Unit]
Description=One-time configuration for vmtoolsd
ConditionVirtualization=vmware
ConditionPathExists=|!/etc/vmware-tools/GuestProxyData/server/cert.pem
ConditionPathExists=|!/etc/vmware-tools/GuestProxyData/server/key.pem
PartOf=vmtoolsd.service
[Service]
Type=oneshot
RemainAfterExit=no
ExecStart=/usr/bin/vmware-guestproxycerttool -g
[Install]
RequiredBy=vmtoolsd.service

148
SPECS/open-vm-tools.spec
View File

@ -19,64 +19,36 @@
################################################################################
%global _hardened_build 1
%global majorversion 10.3
%global minorversion 10
%global toolsbuild 12406962
%global majorversion 11.0
%global minorversion 0
%global toolsbuild 14549434
%global toolsversion %{majorversion}.%{minorversion}
%global toolsdaemon vmtoolsd
%global vgauthdaemon vgauthd
Name: open-vm-tools
Version: %{toolsversion}
Release: 3%{?dist}.1
Release: 4%{?dist}
Summary: Open Virtual Machine Tools for virtual machines hosted on VMware
Group: Applications/System
License: GPLv2
URL: https://github.com/vmware/%{name}
Source0: https://github.com/vmware/%{name}/releases/download/stable-%{version}/%{name}-%{version}-%{toolsbuild}.tar.gz
Source1: %{toolsdaemon}-init.service
Source2: %{toolsdaemon}.service
Source3: %{vgauthdaemon}.service
Source1: %{toolsdaemon}.service
Source2: %{vgauthdaemon}.service
ExclusiveArch: x86_64
# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
Patch2: ovt-End-VGAuth-impersonation-in-the-case-of-error.patch
# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
Patch3: ovt-Fix-memory-leak-in-GetFormattedCommandLine-function-.patch
# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
Patch4: ovt-Fix-a-leak-if-VGAuth-setup-fails.-Coverity-issue.patch
# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
Patch5: ovt-Fix-minor-leak-in-FileRotateByRenumber-Coverity-scan.patch
# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
Patch6: ovt-Fix-memory-leak-in-SNEBuildHash-function.patch
# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
Patch7: ovt-Fix-Coverity-reported-issues-in-i18n.c-code-VMTools-.patch
# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
Patch8: ovt-Fix-a-memory-leak-in-the-unicode-library.patch
# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
Patch9: ovt-Fix-a-trivial-Coverity-reported-memory-leak-in-vgaut.patch
# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
Patch10: ovt-Fixes-for-few-leaks-and-improved-error-handling.patch
# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
Patch11: ovt-Fix-Coverity-reported-double-memory-free-errors.patch
# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
Patch12: ovt-Fix-a-trivial-Coverity-reported-memory-leak.patch
# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
Patch13: ovt-Fix-RH-Covscan-Coverity-reported-memory-leaks-in-too.patch
# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
Patch14: ovt-Fix-Using-uninitialized-value-issue-reported-by-Cove.patch
# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
Patch15: ovt-copyPasteCompatX11.c-code-generating-unnecessary-Cov.patch
# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
Patch16: ovt-Fix-a-Coverity-issue-reported-in-vgauth-serviceImpl-.patch
# For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package
Patch17: ovt-Fix-two-coverity-issues-reported-by-a-customer.patch
# For bz#1773903 - [ESXi][RHEL8.0]Need to backport some severe memory leak fixes from upstream [rhel-8.1.0.z]
Patch18: ovt-Fix-memory-leaks-in-vix-tools-plugin.patch
# For bz#1773903 - [ESXi][RHEL8.0]Need to backport some severe memory leak fixes from upstream [rhel-8.1.0.z]
Patch19: ovt-End-VGAuth-impersonation-in-the-case-of-error2.patch
# For bz#1773903 - [ESXi][RHEL8.0]Need to backport some severe memory leak fixes from upstream [rhel-8.1.0.z]
Patch20: ovt-Fix-leaks-in-ListAliases-and-ListMappedAliases-9bc72.patch
Patch0002: 0002-Fix-leaks-in-ListAliases-and-ListMappedAliases.patch
# For bz#1769881 - [ESXi][RHEL8.2]Important issues found by covscan in "open-vm-tools-11.0.0-2.el8" package
Patch3: ovt-Address-Coverity-issues-reported-in-bora-lib-file-fi.patch
# For bz#1769881 - [ESXi][RHEL8.2]Important issues found by covscan in "open-vm-tools-11.0.0-2.el8" package
Patch4: ovt-Fix-a-potential-NULL-pointer-dereference-in-the-vmba.patch
# For bz#1769881 - [ESXi][RHEL8.2]Important issues found by covscan in "open-vm-tools-11.0.0-2.el8" package
Patch5: ovt-Address-two-Coverity-reported-issues-in-hostinfoPosi.patch
# For bz#1769881 - [ESXi][RHEL8.2]Important issues found by covscan in "open-vm-tools-11.0.0-2.el8" package
Patch6: ovt-Fix-a-resource-leak-issue-in-deployPkg.patch
# For bz#1800812 - [ESXi][RHEL8]Log spew "[ warning] [guestinfo] GuestInfoGetDiskDevice: Missing disk device name
Patch7: ovt-Rectify-a-log-spew-in-vmsvc-logging-vmware-vmsvc-roo.patch
BuildRequires: autoconf
BuildRequires: automake
@ -167,27 +139,7 @@ useful for verifying the functioning of %{name} in VMware virtual
machines.
%prep
%setup -q -n %{name}-%{version}-%{toolsbuild}
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
%patch17 -p1
%patch18 -p1
%patch19 -p1
%patch20 -p1
%autosetup -p2 -n %{name}-%{version}-%{toolsbuild}
%build
# Required for regenerating configure script when
@ -236,9 +188,8 @@ rm -fr %{buildroot}%{_sbindir} %{buildroot}/sbin/mount.vmhgfs
mv %{buildroot}%{_sysconfdir}/vmware-tools/vm-support %{buildroot}%{_bindir}
# Systemd unit files
install -p -m 644 -D %{SOURCE1} %{buildroot}%{_unitdir}/%{toolsdaemon}-init.service
install -p -m 644 -D %{SOURCE2} %{buildroot}%{_unitdir}/%{toolsdaemon}.service
install -p -m 644 -D %{SOURCE3} %{buildroot}%{_unitdir}/%{vgauthdaemon}.service
install -p -m 644 -D %{SOURCE1} %{buildroot}%{_unitdir}/%{toolsdaemon}.service
install -p -m 644 -D %{SOURCE2} %{buildroot}%{_unitdir}/%{vgauthdaemon}.service
# 'make check' in open-vm-tools rebuilds docs and ends up regenerating
# the font file. We can add %%check secion once 'make check' is fixed
@ -258,12 +209,24 @@ if [ -f %{_bindir}/vmware-checkvm -a \
mkdir -p /mnt/hgfs
fi
%systemd_post %{toolsdaemon}-init.service
if [ "$1" = "2" ]; then
# Cleanup GuestProxy certs, relevant for upgrades only
if [ -f %{_bindir}/vmware-guestproxycerttool ]; then
%{_bindir}/vmware-guestproxycerttool -e &> /dev/null || /bin/true
fi
if [ -d /etc/vmware-tools/GuestProxyData ]; then
rm -rf /etc/vmware-tools/GuestProxyData &> /dev/null || /bin/true
fi
# Cleanup vmtoolsd-init.service in case of upgrades
%{_bindir}/systemctl disable %{toolsdaemon}-init.service &> /dev/null || /bin/true
fi
%systemd_post %{vgauthdaemon}.service
%systemd_post %{toolsdaemon}.service
%preun
%systemd_preun %{toolsdaemon}-init.service
%systemd_preun %{toolsdaemon}.service
%systemd_preun %{vgauthdaemon}.service
@ -283,14 +246,10 @@ if [ "$1" = "0" -a \
umount /mnt/hgfs &> /dev/null || /bin/true
rmdir /mnt/hgfs &> /dev/null || /bin/true
fi
# Cleanup GuestProxy certs
%{_bindir}/vmware-guestproxycerttool -e &> /dev/null || /bin/true
fi
%postun
%{?ldconfig}
%systemd_postun_with_restart %{toolsdaemon}-init.service
%systemd_postun_with_restart %{toolsdaemon}.service
%systemd_postun_with_restart %{vgauthdaemon}.service
@ -302,6 +261,8 @@ fi
%dir %{_sysconfdir}/vmware-tools/vgauth
%dir %{_sysconfdir}/vmware-tools/vgauth/schemas
%config(noreplace) %{_sysconfdir}/vmware-tools/*.conf
# Don't expect users to modify example tools.conf file
%config %{_sysconfdir}/vmware-tools/tools.conf.example
# Don't expect users to modify VGAuth schema files
%config %{_sysconfdir}/vmware-tools/vgauth/schemas/*
%{_sysconfdir}/vmware-tools/*-vm-default
@ -312,7 +273,6 @@ fi
%{_bindir}/vmhgfs-fuse
%{_bindir}/vmtoolsd
%{_bindir}/vmware-checkvm
%{_bindir}/vmware-guestproxycerttool
%{_bindir}/vmware-hgfsclient
%{_bindir}/vmware-namespace-cmd
%{_bindir}/vmware-rpctool
@ -332,7 +292,6 @@ fi
%{_libdir}/%{name}/plugins/vmsvc/*.so
%{_datadir}/%{name}/
%{_udevrulesdir}/99-vmware-scsi-udev.rules
%{_unitdir}/%{toolsdaemon}-init.service
%{_unitdir}/%{toolsdaemon}.service
%{_unitdir}/%{vgauthdaemon}.service
@ -358,14 +317,30 @@ fi
%{_bindir}/vmware-vgauth-smoketest
%changelog
* Fri Nov 22 2019 Miroslav Rezanina <mrezanin@redhat.com> - 10.3.10-3.el8_1_0.1
- ovt-Fix-memory-leaks-in-vix-tools-plugin.patch [bz#1773903]
- ovt-End-VGAuth-impersonation-in-the-case-of-error2.patch [bz#1773903]
- ovt-Fix-leaks-in-ListAliases-and-ListMappedAliases-9bc72.patch [bz#1773903]
- Resolves: bz#1773903
([ESXi][RHEL8.0]Need to backport some severe memory leak fixes from upstream [rhel-8.1.0.z])
* Tue Feb 18 2020 Miroslav Rezanina <mrezanin@redhat.com> - 11.0.0-4.el8
- ovt-Rectify-a-log-spew-in-vmsvc-logging-vmware-vmsvc-roo.patch [bz#1800812]
- Resolves: bz#1800812
([ESXi][RHEL8]Log spew "[ warning] [guestinfo] GuestInfoGetDiskDevice: Missing disk device name)
* Thu Aug 01 2019 Miroslav Rezanina <mrezanin@redhat.com> - 10.3.10-3
* Thu Dec 05 2019 Miroslav Rezanina <mrezanin@redhat.com> - 11.0.0-3.el8
- ovt-Address-Coverity-issues-reported-in-bora-lib-file-fi.patch [bz#1769881]
- ovt-Fix-a-potential-NULL-pointer-dereference-in-the-vmba.patch [bz#1769881]
- ovt-Address-two-Coverity-reported-issues-in-hostinfoPosi.patch [bz#1769881]
- ovt-Fix-a-resource-leak-issue-in-deployPkg.patch [bz#1769881]
- Resolves: bz#1769881
([ESXi][RHEL8.2]Important issues found by covscan in "open-vm-tools-11.0.0-2.el8" package)
* Tue Oct 15 2019 Miroslav Rezanina <mrezanin@redhat.com> - 11.0.0-2.el8
- Add missing gating tests
* Mon Oct 14 2019 Miroslav Rezanina <mrezanin@redhat.com> - 11.0.0-1.el8
- Rebase to 11.0.0 [bz#1754658]
- Resolves: bz#1754658
(Rebase open-vm-tools to 11.0 for 8.2.0)
- Resolves: bz#1760891
(Need to backport some severe memory leak fixes from upstream)
* Thu Aug 01 2019 Miroslav Rezanina <mrezanin@redhat.com> - 10.3.10-3.el8
- ovt-End-VGAuth-impersonation-in-the-case-of-error.patch [bz#1602648]
- ovt-Fix-memory-leak-in-GetFormattedCommandLine-function-.patch [bz#1602648]
- ovt-Fix-a-leak-if-VGAuth-setup-fails.-Coverity-issue.patch [bz#1602648]
@ -390,6 +365,11 @@ fi
- Resolves: bz#1702784
(Rebase open-vm-tools to 10.3.10)
* Tue Jan 08 2019 Miroslav Rezanina <mrezanin@redhat.com> - 10.3.0-2.el8
- ovt-Enable-cloud-init-by-default-to-change-the-systemd-u.patch [bz#1660713]
- Resolves: bz#1660713
([ESXi][RHEL8.0]Enable cloud-init by default to change the systemd unit file vmtoolsd.service)
* Tue Oct 16 2018 Miroslav Rezanina <mrezanin@redhat.com> - 10.3.0-1
- Rebase to 10.3.0 [bz#1626578]
- Resolves: bz#1626578