From 7aeedb105489894fbd1ae6733c1fec2852d6b614 Mon Sep 17 00:00:00 2001 From: Miroslav Rezanina Date: Tue, 11 May 2021 09:16:15 +0200 Subject: [PATCH] * Tue May 11 2021 Miroslav Rezanina - 11.2.5-4 - ovt-Fix-a-memory-leak-reported-by-a-partner-from-their-C.patch [bz#1954040] - Resolves: bz#1954040 ([ESXi][RHEL9.0][open-vm-tools] Coverity detected an important defect in open-vm-tools-11.2.5 rebase) --- open-vm-tools.spec | 9 ++- ...k-reported-by-a-partner-from-their-C.patch | 69 +++++++++++++++++++ 2 files changed, 77 insertions(+), 1 deletion(-) create mode 100644 ovt-Fix-a-memory-leak-reported-by-a-partner-from-their-C.patch diff --git a/open-vm-tools.spec b/open-vm-tools.spec index 9133002..df79431 100644 --- a/open-vm-tools.spec +++ b/open-vm-tools.spec @@ -28,7 +28,7 @@ Name: open-vm-tools Version: %{toolsversion} -Release: 3%{?dist} +Release: 4%{?dist} Summary: Open Virtual Machine Tools for virtual machines hosted on VMware License: GPLv2 URL: https://github.com/vmware/%{name} @@ -48,6 +48,8 @@ ExclusiveArch: %{ix86} x86_64 Patch1: %{name}-gcc11.patch # For bz#1936382 - [ESXi][RHEL-9][FTBS] open-vm-tools not working with newer gtk libraries Patch2: ovt-Fixes-necessary-to-build-open-vm-tools-with-newer-gt.patch +# For bz#1954040 - [ESXi][RHEL9.0][open-vm-tools] Coverity detected an important defect in open-vm-tools-11.2.5 rebase +Patch3: ovt-Fix-a-memory-leak-reported-by-a-partner-from-their-C.patch BuildRequires: autoconf BuildRequires: automake @@ -393,6 +395,11 @@ fi %{_bindir}/vmware-vgauth-smoketest %changelog +* Tue May 11 2021 Miroslav Rezanina - 11.2.5-4 +- ovt-Fix-a-memory-leak-reported-by-a-partner-from-their-C.patch [bz#1954040] +- Resolves: bz#1954040 + ([ESXi][RHEL9.0][open-vm-tools] Coverity detected an important defect in open-vm-tools-11.2.5 rebase) + * Fri Apr 16 2021 Mohan Boddu - 11.2.5-3 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 diff --git a/ovt-Fix-a-memory-leak-reported-by-a-partner-from-their-C.patch b/ovt-Fix-a-memory-leak-reported-by-a-partner-from-their-C.patch new file mode 100644 index 0000000..1780a54 --- /dev/null +++ b/ovt-Fix-a-memory-leak-reported-by-a-partner-from-their-C.patch @@ -0,0 +1,69 @@ +From 91bbbafc599978c5065879351715f452d2a003ea Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Sun, 25 Apr 2021 14:54:39 -0400 +Subject: [PATCH] Fix a memory leak reported by a partner from their Coverity + scans. + +RH-Author: Cathy Avery (cavery) +RH-MergeRequest: 4: Fix a memory leak reported by a partner from their Coverity scans. +RH-Commit: [1/1] 30a99cc22d39845f1fd272cf841c6a684f3174d4 +RH-Bugzilla: 1954040 +RH-Acked-by: Eduardo Otubo +RH-Acked-by: Mohamed Gamal + +commit 4f7441d8cd20923e509ff819084693bbd8c928df +Author: John Wolfe +Date: Thu Mar 25 20:21:17 2021 -0700 + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1954040 +Brew: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=36472596 +Tested: Tested by QE +Upstream Status: origin/devel +Conflicts: None + + Fix a memory leak reported by a partner from their Coverity scans. + +Signed-off-by: Cathy Avery +--- + open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c | 8 +++----- + 1 file changed, 3 insertions(+), 5 deletions(-) + +diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +index fbadee2c..aaa5082a 100644 +--- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c ++++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +@@ -1,5 +1,5 @@ + /********************************************************* +- * Copyright (C) 2016-2020 VMware, Inc. All rights reserved. ++ * Copyright (C) 2016-2021 VMware, Inc. All rights reserved. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published +@@ -872,7 +872,6 @@ VerifySubject(xmlDocPtr doc, + xmlNodePtr nameIDNode; + xmlNodePtr child; + gchar *subjectVal = NULL; +- gboolean retCode = FALSE; + gboolean validSubjectFound = FALSE; + xmlChar *tmp; + +@@ -956,14 +955,13 @@ VerifySubject(xmlDocPtr doc, + } + } + ++done: + if (validSubjectFound && (NULL != subjectRet)) { + *subjectRet = subjectVal; + } else { + g_free(subjectVal); + } +- retCode = validSubjectFound; +-done: +- return retCode; ++ return validSubjectFound; + } + + +-- +2.27.0 +