* Tue May 11 2021 Miroslav Rezanina <mrezanin@redhat.com> - 11.2.5-4 - ovt-Fix-a-memory-leak-reported-by-a-partner-from-their-C.patch [bz#1954040] - Resolves: bz#1954040 ([ESXi][RHEL9.0][open-vm-tools] Coverity detected an important defect in open-vm-tools-11.2.5 rebase)

open-vm-tools.spec

@@ -28,7 +28,7 @@
 
 Name:             open-vm-tools
 Version:          %{toolsversion}
-Release:          3%{?dist}
+Release:          4%{?dist}
 Summary:          Open Virtual Machine Tools for virtual machines hosted on VMware
 License:          GPLv2
 URL:              https://github.com/vmware/%{name}
@@ -48,6 +48,8 @@ ExclusiveArch:    %{ix86} x86_64
 Patch1:           %{name}-gcc11.patch
 # For bz#1936382 - [ESXi][RHEL-9][FTBS] open-vm-tools not working with newer gtk libraries
 Patch2: ovt-Fixes-necessary-to-build-open-vm-tools-with-newer-gt.patch
+# For bz#1954040 - [ESXi][RHEL9.0][open-vm-tools] Coverity detected an important defect in open-vm-tools-11.2.5 rebase
+Patch3: ovt-Fix-a-memory-leak-reported-by-a-partner-from-their-C.patch
 
 BuildRequires:    autoconf
 BuildRequires:    automake
@@ -393,6 +395,11 @@ fi
 %{_bindir}/vmware-vgauth-smoketest
 
 %changelog
+* Tue May 11 2021 Miroslav Rezanina <mrezanin@redhat.com> - 11.2.5-4
+- ovt-Fix-a-memory-leak-reported-by-a-partner-from-their-C.patch [bz#1954040]
+- Resolves: bz#1954040
+  ([ESXi][RHEL9.0][open-vm-tools] Coverity detected an important defect in open-vm-tools-11.2.5 rebase)
+
 * Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 11.2.5-3
 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
 

ovt-Fix-a-memory-leak-reported-by-a-partner-from-their-C.patch

@@ -0,0 +1,69 @@
+From 91bbbafc599978c5065879351715f452d2a003ea Mon Sep 17 00:00:00 2001
+From: Cathy Avery <cavery@redhat.com>
+Date: Sun, 25 Apr 2021 14:54:39 -0400
+Subject: [PATCH] Fix a memory leak reported by a partner from their Coverity
+ scans.
+
+RH-Author: Cathy Avery (cavery)
+RH-MergeRequest: 4: Fix a memory leak reported by a partner from their Coverity scans.
+RH-Commit: [1/1] 30a99cc22d39845f1fd272cf841c6a684f3174d4
+RH-Bugzilla: 1954040
+RH-Acked-by: Eduardo Otubo <otubo@redhat.com>
+RH-Acked-by: Mohamed Gamal <mgamal@redhat.com>
+
+commit 4f7441d8cd20923e509ff819084693bbd8c928df
+Author: John Wolfe <jwolfe@vmware.com>
+Date:   Thu Mar 25 20:21:17 2021 -0700
+
+Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1954040
+Brew: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=36472596
+Tested: Tested by QE
+Upstream Status: origin/devel
+Conflicts: None
+
+    Fix a memory leak reported by a partner from their Coverity scans.
+
+Signed-off-by: Cathy Avery <cavery@redhat.com>
+---
+ open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c | 8 +++-----
+ 1 file changed, 3 insertions(+), 5 deletions(-)
+
+diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c
+index fbadee2c..aaa5082a 100644
+--- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c
++++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c
+@@ -1,5 +1,5 @@
+ /*********************************************************
+- * Copyright (C) 2016-2020 VMware, Inc. All rights reserved.
++ * Copyright (C) 2016-2021 VMware, Inc. All rights reserved.
+  *
+  * This program is free software; you can redistribute it and/or modify it
+  * under the terms of the GNU Lesser General Public License as published
+@@ -872,7 +872,6 @@ VerifySubject(xmlDocPtr doc,
+    xmlNodePtr nameIDNode;
+    xmlNodePtr child;
+    gchar *subjectVal = NULL;
+-   gboolean retCode = FALSE;
+    gboolean validSubjectFound = FALSE;
+    xmlChar *tmp;
+ 
+@@ -956,14 +955,13 @@ VerifySubject(xmlDocPtr doc,
+       }
+    }
+ 
++done:
+    if (validSubjectFound && (NULL != subjectRet)) {
+       *subjectRet = subjectVal;
+    } else {
+       g_free(subjectVal);
+    }
+-   retCode = validSubjectFound;
+-done:
+-   return retCode;
++   return validSubjectFound;
+ }
+ 
+ 
+-- 
+2.27.0
+