opencryptoki/SOURCES/opencryptoki-3.19.0-fix-memory-leak.patch

commit d5ccb00e52f5b0c66533f085cda36f63f7583d44
Author: Ingo Franzki <ifranzki@linux.ibm.com>
Date:   Tue Jul 19 16:16:55 2022 +0200

    common: fix memory leak in save_private_token_object
    
    Reported by coverty scan:
    
    Error: RESOURCE_LEAK (CWE-772):
    opencryptoki-3.18.0/usr/lib/common/loadsave.c:2311: alloc_fn:
    Storage is returned from allocation function "fopen".
    opencryptoki-3.18.0/usr/lib/common/loadsave.c:2311: var_assign:
    Assigning: "fp" = storage returned from "fopen(fname, "r")".
    opencryptoki-3.18.0/usr/lib/common/loadsave.c:2316: noescape:
    Resource "fp" is not freed or pointed-to in "fileno".
    opencryptoki-3.18.0/usr/lib/common/loadsave.c:2407: overwrite_var:
    Overwriting "fp" in "fp = fopen(fname, "w")" leaks the storage that "fp" points to.
    
    Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

diff --git a/usr/lib/common/loadsave.c b/usr/lib/common/loadsave.c
index bbd691c0..91955f47 100644
--- a/usr/lib/common/loadsave.c
+++ b/usr/lib/common/loadsave.c
@@ -2344,6 +2344,8 @@ CK_RV save_private_token_object(STDLL_TokData_t *tokdata, OBJECT *obj)
         /* New token objects files created by mkstemp have a size of zero */
         if (sb.st_size == 0) {
             new = 1;
+            fclose(fp);
+            fp = NULL;
             goto do_work;
         }
import opencryptoki-3.18.0-5.el8_7 2023-01-12 08:26:42 +00:00			`commit d5ccb00e52f5b0c66533f085cda36f63f7583d44`
			`Author: Ingo Franzki <ifranzki@linux.ibm.com>`
			`Date: Tue Jul 19 16:16:55 2022 +0200`

			`common: fix memory leak in save_private_token_object`

			`Reported by coverty scan:`

			`Error: RESOURCE_LEAK (CWE-772):`
			`opencryptoki-3.18.0/usr/lib/common/loadsave.c:2311: alloc_fn:`
			`Storage is returned from allocation function "fopen".`
			`opencryptoki-3.18.0/usr/lib/common/loadsave.c:2311: var_assign:`
			`Assigning: "fp" = storage returned from "fopen(fname, "r")".`
			`opencryptoki-3.18.0/usr/lib/common/loadsave.c:2316: noescape:`
			`Resource "fp" is not freed or pointed-to in "fileno".`
			`opencryptoki-3.18.0/usr/lib/common/loadsave.c:2407: overwrite_var:`
			`Overwriting "fp" in "fp = fopen(fname, "w")" leaks the storage that "fp" points to.`

			`Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>`

			`diff --git a/usr/lib/common/loadsave.c b/usr/lib/common/loadsave.c`
			`index bbd691c0..91955f47 100644`
			`--- a/usr/lib/common/loadsave.c`
			`+++ b/usr/lib/common/loadsave.c`
			`@@ -2344,6 +2344,8 @@ CK_RV save_private_token_object(STDLL_TokData_t tokdata, OBJECT obj)`
			`/* New token objects files created by mkstemp have a size of zero */`
			`if (sb.st_size == 0) {`
			`new = 1;`
			`+ fclose(fp);`
			`+ fp = NULL;`
			`goto do_work;`
			`}`