import open-vm-tools-11.2.5-2.el8

This commit is contained in:
CentOS Sources 2021-05-27 04:13:26 +00:00 committed by Andrew Lukoshko
parent e6b22bfedc
commit 3478da39bd
5 changed files with 91 additions and 257 deletions

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/open-vm-tools-11.2.0-16938113.tar.gz
SOURCES/open-vm-tools-11.2.5-17337674.tar.gz

View File

@ -1 +1 @@
bc13fc234d845604a9d84ab09fd41054a0ee9578 SOURCES/open-vm-tools-11.2.0-16938113.tar.gz
bf29ee42227601fe0c0380822fa4cd2cc0f46c55 SOURCES/open-vm-tools-11.2.5-17337674.tar.gz

View File

@ -0,0 +1,72 @@
From 46b67e93a5458ef50eebfeb6a16e1df417274003 Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Sun, 25 Apr 2021 14:54:39 -0400
Subject: [PATCH] Fix a memory leak reported by a partner from their Coverity
scans.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Cathy Avery (cavery)
RH-MergeRequest: 3: Fix a memory leak reported by a partner from their Coverity scans.
RH-Commit: [1/1] 31c94232c885c6d902cae33720a063ab0de401ce
RH-Bugzilla: 1935807
RH-Acked-by: Mohammed Gamal <mgamal@redhat.com>
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
commit 4f7441d8cd20923e509ff819084693bbd8c928df
Author: John Wolfe <jwolfe@vmware.com>
Date: Thu Mar 25 20:21:17 2021 -0700
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1935807
Brew: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=36406926
Tested: Tested by QE
Upstream Status: origin/devel
Conflicts: None
Fix a memory leak reported by a partner from their Coverity scans.
Signed-off-by: Cathy Avery <cavery@redhat.com>
---
open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c
index fbadee2c..aaa5082a 100644
--- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c
+++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c
@@ -1,5 +1,5 @@
/*********************************************************
- * Copyright (C) 2016-2020 VMware, Inc. All rights reserved.
+ * Copyright (C) 2016-2021 VMware, Inc. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published
@@ -872,7 +872,6 @@ VerifySubject(xmlDocPtr doc,
xmlNodePtr nameIDNode;
xmlNodePtr child;
gchar *subjectVal = NULL;
- gboolean retCode = FALSE;
gboolean validSubjectFound = FALSE;
xmlChar *tmp;
@@ -956,14 +955,13 @@ VerifySubject(xmlDocPtr doc,
}
}
+done:
if (validSubjectFound && (NULL != subjectRet)) {
*subjectRet = subjectVal;
} else {
g_free(subjectVal);
}
- retCode = validSubjectFound;
-done:
- return retCode;
+ return validSubjectFound;
}
--
2.27.0

View File

@ -1,249 +0,0 @@
From 95800c144d2ab2af95cdc8f08df0518c496a579a Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com>
Date: Thu, 12 Nov 2020 09:01:08 -0500
Subject: [PATCH] Fix memory leaks.
RH-Author: Cathy Avery (cavery)
RH-MergeRequest: 2: Fix memory leaks.
RH-Commit: [1/1] 79ac85f5e8c31cc48b7b0834682c6320afcc2288 (cavery/open-vm-tools)
RH-Bugzilla: 1896804
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1896804
Brew: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=33050983
Tested: By QE
Upstream Status: devel branch
A Coverity scan of open-vm-tools reported a number of memory leaks
on error code paths. Fix seven reported leaks, and modify code
to address two false positives in order to make the code clearer
and/or keep Coverity from reporting the issues. Also fix additional
leaks found in the routine Proto_TextContents during code review.
(cherry picked from commit e18e67f727d0354b08a55b685178fd05f542c6da)
Signed-off-by: Cathy Avery <cavery@redhat.com>
---
open-vm-tools/libvmtools/vmtoolsLog.c | 6 ++---
.../plugins/guestInfo/guestInfoServer.c | 2 +-
open-vm-tools/services/vmtoolsd/pluginMgr.c | 1 +
open-vm-tools/vgauth/lib/proto.c | 23 +++++++++++++++----
open-vm-tools/vgauth/serviceImpl/alias.c | 4 ++++
5 files changed, 28 insertions(+), 8 deletions(-)
diff --git a/open-vm-tools/libvmtools/vmtoolsLog.c b/open-vm-tools/libvmtools/vmtoolsLog.c
index a991b49f..bea5abd4 100644
--- a/open-vm-tools/libvmtools/vmtoolsLog.c
+++ b/open-vm-tools/libvmtools/vmtoolsLog.c
@@ -2395,7 +2395,6 @@ VMTools_ChangeLogFilePath(const gchar *delimiter, // IN
{
gchar key[128];
gchar *path = NULL;
- gchar *userLogTemp = NULL;
gchar **tokens;
gboolean retVal = FALSE;
@@ -2412,8 +2411,9 @@ VMTools_ChangeLogFilePath(const gchar *delimiter, // IN
tokens = g_strsplit(path, delimiter, 2);
if (tokens != NULL && *tokens != NULL){
- userLogTemp = g_strjoin(appendString, *tokens, " ", NULL);
- userLogTemp = g_strchomp (userLogTemp);
+ char *userLogTemp = g_strjoin(appendString, *tokens, " ", NULL);
+
+ g_strchomp(userLogTemp);
if (*(tokens+1) != NULL){
gchar *userLog;
userLog = g_strjoin(delimiter, userLogTemp, *(tokens+1), NULL);
diff --git a/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c b/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c
index c1ab6962..ab6725fe 100644
--- a/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c
+++ b/open-vm-tools/services/plugins/guestInfo/guestInfoServer.c
@@ -1298,12 +1298,12 @@ GuestInfoSendDiskInfoV1(ToolsAppCtx *ctx, // IN
b64name,
pdi->partitionList[i].freeBytes,
pdi->partitionList[i].totalBytes);
+ g_free(b64name);
if (len <= 0) {
goto exit;
}
DynBuf_Append(&dynBuffer, tmpBuf, len);
- g_free(b64name);
if (pdi->partitionList[i].fsType[0] != '\0') {
len = Str_Snprintf(tmpBuf, sizeof tmpBuf, jsonPerDiskFsTypeFmt,
diff --git a/open-vm-tools/services/vmtoolsd/pluginMgr.c b/open-vm-tools/services/vmtoolsd/pluginMgr.c
index 53b91f7a..d5f2c0ef 100644
--- a/open-vm-tools/services/vmtoolsd/pluginMgr.c
+++ b/open-vm-tools/services/vmtoolsd/pluginMgr.c
@@ -512,6 +512,7 @@ ToolsCoreLoadDirectory(ToolsAppCtx *ctx,
dir = g_dir_open(pluginPath, 0, &err);
if (dir == NULL) {
g_warning("Error opening dir: %s\n", err->message);
+ g_clear_error(&err);
goto exit;
}
diff --git a/open-vm-tools/vgauth/lib/proto.c b/open-vm-tools/vgauth/lib/proto.c
index 12386918..01df9df7 100644
--- a/open-vm-tools/vgauth/lib/proto.c
+++ b/open-vm-tools/vgauth/lib/proto.c
@@ -830,8 +830,10 @@ Proto_TextContents(GMarkupParseContext *parseContext,
g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT,
"Found pipeName in reply type %d",
reply->expectedReplyType);
+ g_free(val);
+ } else {
+ reply->replyData.sessionReq.pipeName = val;
}
- reply->replyData.sessionReq.pipeName = val;
break;
case PARSE_STATE_TICKET:
@@ -839,8 +841,10 @@ Proto_TextContents(GMarkupParseContext *parseContext,
g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT,
"Found ticket in reply type %d",
reply->expectedReplyType);
+ g_free(val);
+ } else {
+ reply->replyData.createTicket.ticket = val;
}
- reply->replyData.createTicket.ticket = val;
break;
case PARSE_STATE_TOKEN:
@@ -853,6 +857,7 @@ Proto_TextContents(GMarkupParseContext *parseContext,
g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT,
"Found token in reply type %d",
reply->expectedReplyType);
+ g_free(val);
}
break;
@@ -863,6 +868,7 @@ Proto_TextContents(GMarkupParseContext *parseContext,
g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT,
"Found token in reply type %d",
reply->expectedReplyType);
+ g_free(val);
}
break;
@@ -878,6 +884,7 @@ Proto_TextContents(GMarkupParseContext *parseContext,
g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT,
"Found username in reply type %d",
reply->expectedReplyType);
+ g_free(val);
}
break;
@@ -890,6 +897,7 @@ Proto_TextContents(GMarkupParseContext *parseContext,
g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT,
"Found pemCert in reply type %d",
reply->expectedReplyType);
+ g_free(val);
}
break;
case PARSE_STATE_CERTCOMMENT:
@@ -899,6 +907,7 @@ Proto_TextContents(GMarkupParseContext *parseContext,
g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT,
"Found cert comment in reply type %d",
reply->expectedReplyType);
+ g_free(val);
}
break;
@@ -923,6 +932,7 @@ Proto_TextContents(GMarkupParseContext *parseContext,
g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT,
"Found SAMLSubject in reply type %d",
reply->expectedReplyType);
+ g_free(val);
}
break;
case PARSE_STATE_USERHANDLETYPE:
@@ -968,6 +978,7 @@ Proto_TextContents(GMarkupParseContext *parseContext,
g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT,
"Found NamedSubject in reply type %d",
reply->expectedReplyType);
+ g_free(val);
}
break;
case PARSE_STATE_ANYSUBJECT:
@@ -990,6 +1001,7 @@ Proto_TextContents(GMarkupParseContext *parseContext,
"Found AnySubject in reply type %d",
reply->expectedReplyType);
}
+ g_free(val);
break;
case PARSE_STATE_COMMENT:
if (PROTO_REPLY_QUERYALIASES == reply->expectedReplyType) {
@@ -1005,11 +1017,13 @@ Proto_TextContents(GMarkupParseContext *parseContext,
g_set_error(error, G_MARKUP_ERROR_PARSE, VGAUTH_E_INVALID_ARGUMENT,
"Found comment in reply type %d",
reply->expectedReplyType);
+ g_free(val);
}
break;
default:
g_warning("Unexpected value '%s' in unhandled parseState %d in %s\n",
val, reply->parseState, __FUNCTION__);
+ g_free(val);
ASSERT(0);
}
}
@@ -1200,7 +1214,6 @@ VGAuth_ReadAndParseResponse(VGAuthContext *ctx,
VGAuthError err = VGAUTH_E_OK;
GMarkupParseContext *parseContext;
gsize len;
- gchar *rawReply = NULL;
ProtoReply *reply;
gboolean bRet;
GError *gErr = NULL;
@@ -1217,6 +1230,8 @@ VGAuth_ReadAndParseResponse(VGAuthContext *ctx,
* transport.
*/
while (!reply->complete) {
+ gchar *rawReply = NULL;
+
err = VGAuth_CommReadData(ctx, &len, &rawReply);
if (0 == len) { // EOF -- not expected
err = VGAUTH_E_COMM;
@@ -1237,6 +1252,7 @@ VGAuth_ReadAndParseResponse(VGAuthContext *ctx,
rawReply,
len,
&gErr);
+ g_free(rawReply);
if (!bRet) {
/*
* XXX Could drain the wire here, but since this should
@@ -1252,7 +1268,6 @@ VGAuth_ReadAndParseResponse(VGAuthContext *ctx,
* XXX need some way to break out if packet never completed
* yet socket left valid. timer?
*/
- g_free(rawReply);
}
#if VGAUTH_PROTO_TRACE
diff --git a/open-vm-tools/vgauth/serviceImpl/alias.c b/open-vm-tools/vgauth/serviceImpl/alias.c
index f6cde02c..0a43811e 100644
--- a/open-vm-tools/vgauth/serviceImpl/alias.c
+++ b/open-vm-tools/vgauth/serviceImpl/alias.c
@@ -3158,6 +3158,9 @@ ServiceIDVerifyStoreContents(void)
* a blacklist of bad files and keep going. but that's
* a lot of risky work that's very hard to test, so punt for now.
*/
+ g_free(badFileName);
+ g_free(fullFileName);
+ g_dir_close(dir);
return VGAUTH_E_FAIL;
} else {
Audit_Event(TRUE,
@@ -3408,6 +3411,7 @@ ServiceAliasInitAliasStore(void)
"Failed to rename suspect Alias store directory '%s' to '%s'"),
aliasStoreRootDir, badRootDirName);
// XXX making this fatal for now. can we do anything better?
+ g_free(badRootDirName);
return VGAUTH_E_FAIL;
}
g_free(badRootDirName);
--
2.18.4

View File

@ -1,5 +1,5 @@
################################################################################
### Copyright 2013-2020 VMware, Inc. All rights reserved.
### Copyright 2013-2021 VMware, Inc. All rights reserved.
###
### RPM SPEC file for building open-vm-tools packages.
###
@ -20,8 +20,8 @@
%global _hardened_build 1
%global majorversion 11.2
%global minorversion 0
%global toolsbuild 16938113
%global minorversion 5
%global toolsbuild 17337674
%global toolsversion %{majorversion}.%{minorversion}
%global toolsdaemon vmtoolsd
@ -41,11 +41,13 @@ Source3: run-vmblock\x2dfuse.mount
Source4: open-vm-tools.conf
Source5: vmtoolsd.pam
# For bz#1935807 - [ESXi][RHEL-8.5][open-vm-tools] Coverity detected an important defect in open-vm-tools-11.2.5 rebase
Patch1: ovt-Fix-a-memory-leak-reported-by-a-partner-from-their-C.patch
ExclusiveArch: x86_64
# For bz#1896804 - [ESXi][open-vm-tools] Coverity detected important defects in open-vm-tools-11.2.0 rebase
Patch1: ovt-Fix-memory-leaks.patch
BuildRequires: make
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: libtool
@ -57,7 +59,6 @@ BuildRequires: glib2-devel >= 2.14.0
BuildRequires: gdk-pixbuf2-xlib-devel
BuildRequires: gtk3-devel >= 3.10.0
BuildRequires: gtkmm30-devel >= 3.10.0
BuildRequires: libdnet-devel
BuildRequires: libicu-devel
BuildRequires: libmspack-devel
# Unfortunately, xmlsec1-openssl does not add libtool-ltdl
@ -365,6 +366,16 @@ fi
%{_bindir}/vmware-vgauth-smoketest
%changelog
* Thu Apr 29 2021 Miroslav Rezanina <mrezanin@redhat.com> - 11.2.5-2.el8
- ovt-Fix-a-memory-leak-reported-by-a-partner-from-their-C.patch [bz#1935807]
- Resolves: bz#1935807
([ESXi][RHEL-8.5][open-vm-tools] Coverity detected an important defect in open-vm-tools-11.2.5 rebase)
* Tue Mar 02 2021 Miroslav Rezanina <mrezanin@redhat.com> - 11.2.5-1.el8
- Rebase to 11.2.5 [bz#1916561]
- Resolves: bz#1916561
([ESXi][RHEL8.5]Open-vm-tools update release 11.2.5 has been released)
* Tue Dec 01 2020 Miroslav Rezanina <mrezanin@redhat.com> - 11.2.0-2.el8
- ovt-Fix-memory-leaks.patch [bz#1896804]
- Resolves: bz#1896804