From ba6a3ab7a4de65153eb09e250ceb253fb1a21dfe Mon Sep 17 00:00:00 2001
From: Evgeny Kolesnikov <ekolesni@redhat.com>
Date: Wed, 7 Oct 2020 22:39:38 +0200
Subject: [PATCH] openscap-1.3.4

---
 .gitignore                            | 69 +-------------------------
 openscap-1.3.4-plug-memory-leak.patch | 71 +++++++++++++++++++++++++++
 openscap.spec                         |  8 ++-
 sources                               |  2 +-
 4 files changed, 79 insertions(+), 71 deletions(-)
 create mode 100644 openscap-1.3.4-plug-memory-leak.patch

diff --git a/.gitignore b/.gitignore
index 7514231..0768770 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,68 +1 @@
-openscap-0.6.0.tar.gz
-/openscap-0.6.2.tar.gz
-/openscap-0.6.3.tar.gz
-/openscap-0.6.4.tar.gz
-/openscap-0.6.5.tar.gz
-/openscap-0.6.7.tar.gz
-/openscap-0.6.8.tar.gz
-/openscap-0.7.0.tar.gz
-/openscap-0.7.1.tar.gz
-/openscap-0.7.2.tar.gz
-/openscap-0.7.3.tar.gz
-/openscap-0.7.4.tar.gz
-/openscap-0.8.0.tar.gz
-/openscap-0.8.1.tar.gz
-/openscap-0.8.2.tar.gz
-/openscap-0.8.3.tar.gz
-/openscap-0.8.4.tar.gz
-/openscap-0.8.5.tar.gz
-/openscap-0.9.0.tar.gz
-/openscap-0.9.1.tar.gz
-/openscap-0.9.2.tar.gz
-/openscap-0.9.3.tar.gz
-/openscap-0.9.4.tar.gz
-/openscap-0.9.4.1.tar.gz
-/openscap-0.9.5.tar.gz
-/openscap-0.9.6.tar.gz
-/openscap-0.9.7.tar.gz
-/openscap-0.9.8.tar.gz
-/openscap-0.9.10.tar.gz
-/openscap-0.9.11.tar.gz
-/openscap-0.9.12.tar.gz
-/openscap-0.9.13.tar.gz
-/openscap-1.0.0.tar.gz
-/openscap-1.0.1.tar.gz
-/openscap-1.0.2.tar.gz
-/openscap-1.0.3.tar.gz
-/openscap-1.0.4.tar.gz
-/openscap-1.0.5.tar.gz
-/openscap-1.0.6.tar.gz
-/openscap-1.0.7.tar.gz
-/openscap-1.0.8.tar.gz
-/openscap-1.0.9.tar.gz
-/openscap-1.1.0.tar.gz
-/openscap-1.1.1.tar.gz
-/openscap-1.2.0.tar.gz
-/openscap-1.2.1.tar.gz
-/openscap-1.2.2.tar.gz
-/openscap-1.2.3.tar.gz
-/openscap-1.2.4.tar.gz
-/openscap-1.2.5.tar.gz
-/openscap-1.2.6.tar.gz
-/openscap-1.2.7.tar.gz
-/openscap-1.2.8.tar.gz
-/openscap-1.2.9.tar.gz
-/openscap-1.2.10.tar.gz
-/openscap-1.2.11.tar.gz
-/openscap-1.2.12.tar.gz
-/openscap-1.2.13.tar.gz
-/openscap-1.2.14.tar.gz
-/openscap-1.2.15.tar.gz
-/openscap-1.2.16.tar.gz
-/openscap-1.2.17.tar.gz
-/openscap-1.3.0_alpha1.tar.gz
-/openscap-1.3.0_alpha2.tar.gz
-/openscap-1.3.0.tar.gz
-/openscap-1.3.1.tar.gz
-/openscap-1.3.2.tar.gz
-/openscap-1.3.3.tar.gz
+/openscap-1.3.*.tar.gz
diff --git a/openscap-1.3.4-plug-memory-leak.patch b/openscap-1.3.4-plug-memory-leak.patch
new file mode 100644
index 0000000..8c8f4cf
--- /dev/null
+++ b/openscap-1.3.4-plug-memory-leak.patch
@@ -0,0 +1,71 @@
+From d5518f3f4c32ac19fcf3427602d5b2978b7ef1b4 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Mon, 5 Oct 2020 16:02:29 +0200
+Subject: [PATCH] Plug a memory leak
+
+Addressing:
+
+8 bytes in 1 blocks are indirectly lost in loss record 7 of 235
+   at 0x483A809: malloc (vg_replace_malloc.c:307)
+   by 0x48F15CA: oval_collection_new (oval_collection.c:64)
+   by 0x48F4FCC: oval_result_criteria_node_new (oval_resultCriteriaNode.c:106)
+   by 0x48F5580: make_result_criteria_node_from_oval_criteria_node (oval_resultCriteriaNode.c:249)
+   by 0x48F6B51: make_result_definition_from_oval_definition (oval_resultDefinition.c:130)
+   by 0x48F7F41: oval_result_system_get_new_definition_with_check (oval_resultSystem.c:217)
+   by 0x48F5686: make_result_criteria_node_from_oval_criteria_node (oval_resultCriteriaNode.c:279)
+   by 0x48F55BD: make_result_criteria_node_from_oval_criteria_node (oval_resultCriteriaNode.c:260)
+   by 0x48F6B51: make_result_definition_from_oval_definition (oval_resultDefinition.c:130)
+   by 0x48F8794: oval_result_system_prepare_definition (oval_resultSystem.c:395)
+   by 0x48F86A6: oval_result_system_eval_definition (oval_resultSystem.c:369)
+   by 0x48C23FD: oval_agent_eval_definition (oval_agent.c:181)
+
+8 bytes in 1 blocks are definitely lost in loss record 8 of 235
+   at 0x483A809: malloc (vg_replace_malloc.c:307)
+   by 0x48F1799: oval_collection_iterator (oval_collection.c:120)
+   by 0x48CCE4C: oval_criteria_node_get_subnodes (oval_criteriaNode.c:161)
+   by 0x48F5590: make_result_criteria_node_from_oval_criteria_node (oval_resultCriteriaNode.c:255)
+   by 0x48F6B51: make_result_definition_from_oval_definition (oval_resultDefinition.c:130)
+   by 0x48F7F41: oval_result_system_get_new_definition_with_check (oval_resultSystem.c:217)
+   by 0x48F5686: make_result_criteria_node_from_oval_criteria_node (oval_resultCriteriaNode.c:279)
+   by 0x48F55BD: make_result_criteria_node_from_oval_criteria_node (oval_resultCriteriaNode.c:260)
+   by 0x48F6B51: make_result_definition_from_oval_definition (oval_resultDefinition.c:130)
+   by 0x48F8794: oval_result_system_prepare_definition (oval_resultSystem.c:395)
+   by 0x48F86A6: oval_result_system_eval_definition (oval_resultSystem.c:369)
+   by 0x48C23FD: oval_agent_eval_definition (oval_agent.c:181)
+
+48 (40 direct, 8 indirect) bytes in 1 blocks are definitely lost in loss record 125 of 235
+   at 0x483A809: malloc (vg_replace_malloc.c:307)
+   by 0x48F4F50: oval_result_criteria_node_new (oval_resultCriteriaNode.c:98)
+   by 0x48F5580: make_result_criteria_node_from_oval_criteria_node (oval_resultCriteriaNode.c:249)
+   by 0x48F6B51: make_result_definition_from_oval_definition (oval_resultDefinition.c:130)
+   by 0x48F7F41: oval_result_system_get_new_definition_with_check (oval_resultSystem.c:217)
+   by 0x48F5686: make_result_criteria_node_from_oval_criteria_node (oval_resultCriteriaNode.c:279)
+   by 0x48F55BD: make_result_criteria_node_from_oval_criteria_node (oval_resultCriteriaNode.c:260)
+   by 0x48F6B51: make_result_definition_from_oval_definition (oval_resultDefinition.c:130)
+   by 0x48F8794: oval_result_system_prepare_definition (oval_resultSystem.c:395)
+   by 0x48F86A6: oval_result_system_eval_definition (oval_resultSystem.c:369)
+   by 0x48C23FD: oval_agent_eval_definition (oval_agent.c:181)
+   by 0x48C2671: oval_agent_eval_system (oval_agent.c:286)
+
+This leak has been created by #1610.
+---
+ src/OVAL/results/oval_resultCriteriaNode.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/OVAL/results/oval_resultCriteriaNode.c b/src/OVAL/results/oval_resultCriteriaNode.c
+index 807283206..f6e980861 100644
+--- a/src/OVAL/results/oval_resultCriteriaNode.c
++++ b/src/OVAL/results/oval_resultCriteriaNode.c
+@@ -258,8 +258,11 @@ struct oval_result_criteria_node *make_result_criteria_node_from_oval_criteria_n
+ 					    = oval_criteria_node_iterator_next(oval_subnodes);
+ 					struct oval_result_criteria_node *rslt_subnode
+ 						= make_result_criteria_node_from_oval_criteria_node(sys, oval_subnode, visited_definitions, variable_instance);
+-					if (rslt_subnode == NULL)
++					if (rslt_subnode == NULL) {
++						oval_criteria_node_iterator_free(oval_subnodes);
++						oval_result_criteria_node_free(rslt_node);
+ 						return NULL;
++					}
+ 					oval_result_criteria_node_add_subnode(rslt_node, rslt_subnode);
+ 				}
+ 				oval_criteria_node_iterator_free(oval_subnodes);
diff --git a/openscap.spec b/openscap.spec
index 836448d..700af10 100644
--- a/openscap.spec
+++ b/openscap.spec
@@ -1,11 +1,12 @@
 Name:           openscap
-Version:        1.3.3
-Release:        6%{?dist}
+Version:        1.3.4
+Release:        1%{?dist}
 Epoch:          1
 Summary:        Set of open source libraries enabling integration of the SCAP line of standards
 License:        LGPLv2+
 URL:            http://www.open-scap.org/
 Source0:        https://github.com/OpenSCAP/%{name}/releases/download/%{version}/%{name}-%{version}.tar.gz
+Patch0:         openscap-1.3.4-plug-memory-leak.patch
 BuildRequires:  cmake >= 2.6
 BuildRequires:  gcc
 BuildRequires:  gcc-c++
@@ -197,6 +198,9 @@ pathfix.py -i %{__python3} -p -n $RPM_BUILD_ROOT%{_bindir}/scap-as-rpm
 %{_mandir}/man8/oscap-podman.8*
 
 %changelog
+* Wed Oct 07 2020 Evgenii Kolesnikov <ekolesni@redhat.com> - 1:1.3.4-1
+- Upgrade to the latest upstream release
+
 * Thu Aug 27 2020 Jan Černý <jcerny@redhat.com> - 1:1.3.3-6
 - Disabled the gconf probe, and removed the gconf dependency.
   gconf is a legacy system not used any more, and it blocks testing of oscap-anaconda-addon
diff --git a/sources b/sources
index 5cbe2ac..3a07ce7 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (openscap-1.3.3.tar.gz) = e230668cdf900a2f31ccabc20787dce6c4174740aa7d2cc7b91c1c095e2a5b73d81bb614aa767d2e51383b5472def360c4204e9a6c4c85110c58b9999566613e
+SHA512 (openscap-1.3.4.tar.gz) = 686dbae35fa7b3a3fcb05b0e8babc15249b1830b61388d57b4107507c3a133b9c87a8d32bdd7a796c2726f13774a706b8ed0c9bab158f98eaebec7859fc96755