From 18496a137d0306adbc2eb4889ca6891841e81b25 Mon Sep 17 00:00:00 2001
From: "Brian C. Lane"
Date: Mon, 14 Jun 2021 09:42:14 -0700
Subject: [PATCH] - Fix issues that covscan classifies as important Resolves: rhbz#1938836 - Work around a mkswap bug
---
...bparted-Fix-fd-check-in-_flush_cache.patch | 26 +++++++++
...tential-memory-leak-in-sdmmc_get_pro.patch | 38 +++++++++++++
...copy-paste-error-in-HFS-journal-code.patch | 34 +++++++++++
...rted-Fix-end_input-leak-in-do_mkpart.patch | 53 +++++++++++++++++
...arted-Free-tmp-usage-inside-do_print.patch | 25 ++++++++
...ed-Fix-memory-leaks-in-do_resizepart.patch | 43 ++++++++++++++
...rning-about-buffer-size-in-Atari-lab.patch | 57 +++++++++++++++++++
...x-potential-memory-leak-in-gpt_write.patch | 44 ++++++++++++++
...-around-a-mkswap-bug-by-using-dev-ze.patch | 34 +++++++++++
...dev-zero-for-temporary-file-and-mksw.patch | 46 +++++++++++++++
parted.spec | 17 +++++-
11 files changed, 416 insertions(+), 1 deletion(-)
create mode 100644 0006-libparted-Fix-fd-check-in-_flush_cache.patch
create mode 100644 0007-libparted-Fix-potential-memory-leak-in-sdmmc_get_pro.patch
create mode 100644 0008-fs-Fix-copy-paste-error-in-HFS-journal-code.patch
create mode 100644 0009-parted-Fix-end_input-leak-in-do_mkpart.patch
create mode 100644 0010-parted-Free-tmp-usage-inside-do_print.patch
create mode 100644 0011-parted-Fix-memory-leaks-in-do_resizepart.patch
create mode 100644 0012-libparted-Fix-warning-about-buffer-size-in-Atari-lab.patch
create mode 100644 0013-libparted-Fix-potential-memory-leak-in-gpt_write.patch
create mode 100644 0014-tests-t0400-Work-around-a-mkswap-bug-by-using-dev-ze.patch
create mode 100644 0015-tests-t9050-Use-dev-zero-for-temporary-file-and-mksw.patch
diff --git a/0006-libparted-Fix-fd-check-in-_flush_cache.patch b/0006-libparted-Fix-fd-check-in-_flush_cache.patch
new file mode 100644
index 0000000..ab81467
--- /dev/null
+++ b/0006-libparted-Fix-fd-check-in-_flush_cache.patch
@@ -0,0 +1,26 @@
+From dacdfc20957d92eff7a3c9fd72baa849b45485e3 Mon Sep 17 00:00:00 2001
+From: "Brian C. Lane"
+Date: Thu, 10 Jun 2021 15:39:04 -0700
+Subject: [PATCH 06/13] libparted: Fix fd check in _flush_cache
+
+In theory open() could return 0 so the correct error value is -1.
+---
+ libparted/arch/linux.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libparted/arch/linux.c b/libparted/arch/linux.c
+index 94ea176..9dc90b5 100644
+--- a/libparted/arch/linux.c
++++ b/libparted/arch/linux.c
+@@ -1678,7 +1678,7 @@ _flush_cache (PedDevice* dev)
+ break;
+ if (!_partition_is_mounted_by_path (name)) {
+ fd = open (name, WR_MODE, 0);
+- if (fd > 0) {
++ if (fd > -1) {
+ ioctl (fd, BLKFLSBUF);
+ retry:
+ if (fsync (fd) < 0 || close (fd) < 0)
+--
+2.31.1
+
diff --git a/0007-libparted-Fix-potential-memory-leak-in-sdmmc_get_pro.patch b/0007-libparted-Fix-potential-memory-leak-in-sdmmc_get_pro.patch
new file mode 100644
index 0000000..4da211b
--- /dev/null
+++ b/0007-libparted-Fix-potential-memory-leak-in-sdmmc_get_pro.patch
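Review bot: In `_flush_cache` (libparted/arch/linux.c) the new test `fd > -1` is correct but is more conventionally written `if (fd >= 0) {`, the usual form of a descriptor validity check. The result of `ioctl (fd, BLKFLSBUF)` on the following line is still discarded, so a failed buffer flush on the partition device goes unreported; if that is deliberate best-effort, a short comment should say so. If the code after `fsync (fd) < 0 || close (fd) < 0` jumps back to `retry:` when it was `close` that failed, `fsync` would then run on a descriptor that may already be closed; that handling lies outside the hunk and is worth checking.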
@@ -0,0 +1,38 @@
+From 8e6976661409d7c87b1f0a80ebdddc450b4db2dd Mon Sep 17 00:00:00 2001
+From: "Brian C. Lane"
+Date: Thu, 10 Jun 2021 15:41:33 -0700
+Subject: [PATCH 07/13] libparted: Fix potential memory leak in
+ sdmmc_get_product_info
+
+---
+ libparted/arch/linux.c | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/libparted/arch/linux.c b/libparted/arch/linux.c
+index 9dc90b5..aacc94f 100644
+--- a/libparted/arch/linux.c
++++ b/libparted/arch/linux.c
+@@ -1399,13 +1399,19 @@ static int
+ init_sdmmc (PedDevice* dev)
+ {
+ char id[128];
+- char *type, *name;
++ char *type = NULL;
++ char *name = NULL;
+
+ if (sdmmc_get_product_info (dev, &type, &name)) {
+ snprintf (id, sizeof(id) - 1, "%s %s", type, name);
+ free (type);
+ free (name);
+ } else {
++ // One or the other may have been allocated, free it
++ if (type)
++ free(type);
++ if (name)
++ free(name);
+ snprintf (id, sizeof(id) - 1, "%s",
+ _("Generic SD/MMC Storage Card"));
+ }
+--
+2.31.1
+
diff --git a/0008-fs-Fix-copy-paste-error-in-HFS-journal-code.patch b/0008-fs-Fix-copy-paste-error-in-HFS-journal-code.patch
new file mode 100644
index 0000000..3965a91
--- /dev/null
+++ b/0008-fs-Fix-copy-paste-error-in-HFS-journal-code.patch
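Review bot: The new else branch in `init_sdmmc` is only safe if `sdmmc_get_product_info` leaves `*type` and `*name` either untouched or pointing at live allocations when it returns 0; its body is not in this hunk, so confirm it never frees one of them itself before failing, otherwise the added frees become a double free. The `if (type)` / `if (name)` guards are redundant because `free(NULL)` is a no-op, so a single `free (type); free (name);` placed after the if/else can serve both branches. Separately, `snprintf (id, sizeof(id) - 1, ...)` already reserves room for the terminator, so `sizeof(id)` is the correct bound.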
@@ -0,0 +1,34 @@
+From acb5300bfc37f8b8c217758e83a31b7ecca84f4a Mon Sep 17 00:00:00 2001
+From: "Brian C. Lane"
+Date: Thu, 10 Jun 2021 15:45:57 -0700
+Subject: [PATCH 08/13] fs: Fix copy-paste error in HFS journal code
+
+---
+ libparted/fs/r/hfs/journal.c | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/libparted/fs/r/hfs/journal.c b/libparted/fs/r/hfs/journal.c
+index 862d3d3..c7cd009 100644
+--- a/libparted/fs/r/hfs/journal.c
++++ b/libparted/fs/r/hfs/journal.c
+@@ -337,12 +337,14 @@ hfsj_replay_journal(PedFileSystem* fs)
+ }
+ jh->checksum = HFS_CPU_TO_32(cksum, is_le);
+
+- /* The 2 following test are in the XNU Darwin source code */
+- /* so I assume they're needed */
++ /* https://github.com/apple-opensource/hfs/blob/master/core/hfs_journal.c#L1167
++ * indicates that this is:
++ * wrap the start ptr if it points to the very end of the journal
++ */
+ if (jh->start == jh->size)
+ jh->start = HFS_CPU_TO_64(PED_SECTOR_SIZE_DEFAULT, is_le);
+ if (jh->end == jh->size)
+- jh->start = HFS_CPU_TO_64(PED_SECTOR_SIZE_DEFAULT, is_le);
++ jh->end = HFS_CPU_TO_64(PED_SECTOR_SIZE_DEFAULT, is_le);
+
+ if (jh->start == jh->end)
+ return 1;
+--
+2.31.1
+
diff --git a/0009-parted-Fix-end_input-leak-in-do_mkpart.patch b/0009-parted-Fix-end_input-leak-in-do_mkpart.patch
new file mode 100644
index 0000000..9df39be
--- /dev/null
+++ b/0009-parted-Fix-end_input-leak-in-do_mkpart.patch
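Review bot: The replacement comment in `hfsj_replay_journal` links to `blob/master/...#L1167`, a line anchor that drifts as the upstream file changes; pin it to a commit hash or name the upstream function instead. It also describes only the start pointer although the block wraps both, so wording such as `wrap start/end if they point to the very end of the journal` would match the code. `jh->start`, `jh->end` and `jh->size` appear to come from the journal header on disk, and the equality tests catch only the exact-end case; whether offsets beyond `jh->size` are rejected earlier is not visible in this hunk and is worth confirming.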
@@ -0,0 +1,53 @@
+From 3a7f644f21703afcf7088a5994be1a6dff19f679 Mon Sep 17 00:00:00 2001
+From: "Brian C. Lane"
+Date: Thu, 10 Jun 2021 15:51:12 -0700
+Subject: [PATCH 09/13] parted: Fix end_input leak in do_mkpart
+
+---
+ parted/parted.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/parted/parted.c b/parted/parted.c
+index 41edb7f..e9aa240 100644
+--- a/parted/parted.c
++++ b/parted/parted.c
+@@ -645,6 +645,7 @@ do_mkpart (PedDevice** dev, PedDisk** diskp)
+ char* part_name = NULL;
+ char *start_usr = NULL, *end_usr = NULL;
+ char *start_sol = NULL, *end_sol = NULL;
++ char *end_input = NULL;
+
+ if (*diskp)
+ disk = *diskp;
+@@ -698,12 +699,10 @@ do_mkpart (PedDevice** dev, PedDisk** diskp)
+
+ if (!command_line_get_sector (_("Start?"), *dev, &start, &range_start, NULL))
+ goto error;
+- char *end_input;
+ if (!command_line_get_sector (_("End?"), *dev, &end, &range_end, &end_input))
+ goto error;
+
+ _adjust_end_if_iec(&start, &end, range_end, end_input);
+- free(end_input);
+
+ /* processing starts here */
+ part = ped_partition_new (disk, part_type, fs_type, start, end);
+@@ -839,6 +838,7 @@ do_mkpart (PedDevice** dev, PedDisk** diskp)
+ free (end_usr);
+ free (start_sol);
+ free (end_sol);
++ free(end_input);
+
+ if ((*dev)->type != PED_DEVICE_FILE)
+ disk_is_modified = 1;
+@@ -860,6 +860,7 @@ error:
+ free (end_usr);
+ free (start_sol);
+ free (end_sol);
++ free(end_input);
+
+ return 0;
+ }
+--
+2.31.1
+
diff --git a/0010-parted-Free-tmp-usage-inside-do_print.patch b/0010-parted-Free-tmp-usage-inside-do_print.patch
new file mode 100644
index 0000000..d243374
--- /dev/null
+++ b/0010-parted-Free-tmp-usage-inside-do_print.patch
@@ -0,0 +1,25 @@
+From fbd83d9df7bf5fd0c830935decb9bbc482bf95f4 Mon Sep 17 00:00:00 2001
+From: "Brian C. Lane"
+Date: Thu, 10 Jun 2021 15:52:28 -0700
+Subject: [PATCH 10/13] parted: Free tmp usage inside do_print
+
+str_list_create calls gettext_to_wchar which makes a copy of it.
+---
+ parted/parted.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/parted/parted.c b/parted/parted.c
+index e9aa240..ba152c3 100644
+--- a/parted/parted.c
++++ b/parted/parted.c
+@@ -1192,6 +1192,7 @@ do_print (PedDevice** dev, PedDisk** diskp)
+ sprintf (tmp, "%2s ", "");
+
+ StrList *row = str_list_create (tmp, NULL);
++ free(tmp);
+
+ start = ped_unit_format (*dev, part->geom.start);
+ end = ped_unit_format_byte (
+--
+2.31.1
+
diff --git a/0011-parted-Fix-memory-leaks-in-do_resizepart.patch b/0011-parted-Fix-memory-leaks-in-do_resizepart.patch
new file mode 100644
index 0000000..24ef01f
--- /dev/null
+++ b/0011-parted-Fix-memory-leaks-in-do_resizepart.patch
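Review bot: After the added `free(tmp);` in `do_print` the pointer stays dangling for the rest of the loop body, which lies outside this hunk; either confirm nothing later in the iteration reads or frees `tmp`, or follow the call with `tmp = NULL;`. The fix also rests on `str_list_create` copying its argument, as the commit message states, and a one-line comment at the call such as `/* str_list_create copies tmp */` would keep that assumption visible. The preceding `sprintf (tmp, ...)` is unbounded and the allocation of `tmp` is not shown, so `snprintf` with the allocated size would be the safer form.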
@@ -0,0 +1,43 @@
+From 6c4050af2c6c0abdbe1d553fdf2f19a6b600e9d1 Mon Sep 17 00:00:00 2001
+From: "Brian C. Lane"
+Date: Thu, 10 Jun 2021 15:55:59 -0700
+Subject: [PATCH 11/13] parted: Fix memory leaks in do_resizepart
+
+---
+ parted/parted.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/parted/parted.c b/parted/parted.c
+index ba152c3..22b5818 100644
+--- a/parted/parted.c
++++ b/parted/parted.c
+@@ -1582,7 +1582,6 @@ do_resizepart (PedDevice** dev, PedDisk** diskp)
+ /* Push the End value back onto the command_line, if it exists */
+ if (end_size) {
+ command_line_push_word(end_size);
+- free(end_size);
+ }
+
+ start = part->geom.start;
+@@ -1590,7 +1589,7 @@ do_resizepart (PedDevice** dev, PedDisk** diskp)
+ if (!command_line_get_sector (_("End?"), *dev, &end, &range_end, &end_input))
+ goto error;
+ _adjust_end_if_iec(&start, &end, range_end, end_input);
+- free(end_input);
++
+ /* Do not move start of the partition */
+ constraint = constraint_from_start_end_fixed_start (*dev, start, range_end);
+ if (!ped_disk_set_partition_geom (disk, part, constraint,
+@@ -1616,6 +1615,9 @@ error_destroy_constraint:
+ error:
+ if (range_end != NULL)
+ ped_geometry_destroy (range_end);
++ free(end_input);
++ free(end_size);
++
+ return rc;
+ }
+
+--
+2.31.1
+
diff --git a/0012-libparted-Fix-warning-about-buffer-size-in-Atari-lab.patch b/0012-libparted-Fix-warning-about-buffer-size-in-Atari-lab.patch
new file mode 100644
index 0000000..b7cd8e3
--- /dev/null
+++ b/0012-libparted-Fix-warning-about-buffer-size-in-Atari-lab.patch
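Review bot: Moving `free(end_input);` and `free(end_size);` under the `error:` label in `do_resizepart` means every earlier `goto error` now frees both pointers, including paths taken before `command_line_get_sector` has stored anything in `end_input`. Their declarations are outside the hunks, so confirm both are initialised, e.g. `char *end_input = NULL;` and `char *end_size = NULL;`, as patch 0009 does for `do_mkpart`; otherwise the new frees act on indeterminate pointers. The deferred `free(end_size)` is sound only because `command_line_push_word` does not keep the pointer, which the previous immediate free already implied.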
@@ -0,0 +1,57 @@
+From 86594612f8ae4dbc416e3cd1bc8bb05445df09e5 Mon Sep 17 00:00:00 2001
+From: "Brian C. Lane"
+Date: Fri, 11 Jun 2021 12:05:22 -0700
+Subject: [PATCH 12/13] libparted: Fix warning about buffer size in Atari label
+
+When the Atari table is empty it copies 'PARTEDATARI' into the id, and
+the start and size bytes. This can be confusion, so turn it into a
+union of the string and the non-empty values.
+---
+ libparted/labels/atari.c | 17 +++++++++++------
+ 1 file changed, 11 insertions(+), 6 deletions(-)
+
+diff --git a/libparted/labels/atari.c b/libparted/labels/atari.c
+index 7923487..2ac03d2 100644
+--- a/libparted/labels/atari.c
++++ b/libparted/labels/atari.c
+@@ -137,9 +137,14 @@ static AtariFS2PartId atr_fs2pid[] = {
+
+ struct __attribute__ ((packed)) _AtariRawPartition {
+ uint8_t flag; /* bit 0: active; bit 7: bootable */
+- uint8_t id[3]; /* "GEM", "BGM", "XGM", ... */
+- uint32_t start; /* start of partition */
+- uint32_t size; /* length of partition */
++ union {
++ uint8_t empty[11]; /* Empty table */
++ struct __attribute__ ((packed)) {
++ uint8_t id[3]; /* "GEM", "BGM", "XGM", ... */
++ uint32_t start; /* start of partition */
++ uint32_t size; /* length of partition */
++ };
++ };
+ };
+ typedef struct _AtariRawPartition AtariRawPartition;
+
+@@ -241,8 +246,8 @@ static int
+ atr_is_signature_entry (AtariRawPartition* part)
+ {
+ return part->flag == 0
+- && !memcmp (part->id, SIGNATURE_EMPTY_TABLE,
+- SIGNATURE_EMPTY_SIZE );
++ && !memcmp (part->empty, SIGNATURE_EMPTY_TABLE,
++ SIGNATURE_EMPTY_SIZE );
+ }
+
+ /* Set Parted signature in an AHDI entry */
+@@ -250,7 +255,7 @@ static void
+ atr_put_signature_entry (AtariRawPartition* part)
+ {
+ part->flag = 0;
+- memcpy (part->id, SIGNATURE_EMPTY_TABLE, SIGNATURE_EMPTY_SIZE);
++ memcpy (part->empty, SIGNATURE_EMPTY_TABLE, SIGNATURE_EMPTY_SIZE);
+ }
+
+ #define atr_part_known(part, pid_list) (atr_pid_known ((part)->id, pid_list))
+--
+2.31.1
+
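Review bot: `uint8_t empty[11]` hard-codes the overlay size while the `memcmp` and `memcpy` on `part->empty` use `SIGNATURE_EMPTY_SIZE`, whose definition is outside the hunks; if the two ever differ, the copy in `atr_put_signature_entry` overruns the union. Tie them together, either by declaring `uint8_t empty[SIGNATURE_EMPTY_SIZE];` (if the macro is defined before the struct) or with a compile-time check such as `_Static_assert (sizeof (((AtariRawPartition *) 0)->empty) == SIGNATURE_EMPTY_SIZE, "Atari signature size");`. The anonymous struct and union members rely on C11 or GNU extensions, which deserves a brief comment since this struct is an on-disk layout.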
diff --git a/0013-libparted-Fix-potential-memory-leak-in-gpt_write.patch b/0013-libparted-Fix-potential-memory-leak-in-gpt_write.patch
new file mode 100644
index 0000000..1164a27
--- /dev/null
+++ b/0013-libparted-Fix-potential-memory-leak-in-gpt_write.patch
@@ -0,0 +1,44 @@
+From 16751493376db612abcceae5ae81fd798c0a4d18 Mon Sep 17 00:00:00 2001
+From: "Brian C. Lane"
+Date: Fri, 11 Jun 2021 13:43:02 -0700
+Subject: [PATCH 13/13] libparted: Fix potential memory leak in gpt_write
+
+_generate_header() can return with 1 after allocating gpt so it needs to
+be freed in the error path.
+---
+ libparted/labels/gpt.c | 12 ++++++++----
+ 1 file changed, 8 insertions(+), 4 deletions(-)
+
+diff --git a/libparted/labels/gpt.c b/libparted/labels/gpt.c
+index 93f7add..9b987c1 100644
+--- a/libparted/labels/gpt.c
++++ b/libparted/labels/gpt.c
+@@ -1292,8 +1292,10 @@ gpt_write (const PedDisk *disk)
+
+ /* Write PTH and PTEs */
+ /* FIXME: Caution: this code is nearly identical to what's just below. */
+- if (_generate_header (disk, 0, ptes_crc, &gpt) != 0)
+- goto error_free_ptes;
++ if (_generate_header (disk, 0, ptes_crc, &gpt) != 0) {
++ pth_free(gpt);
++ goto error_free_ptes;
++ }
+ pth_raw = pth_get_raw (disk->dev, gpt);
+ pth_free (gpt);
+ if (pth_raw == NULL)
+@@ -1307,8 +1309,10 @@ gpt_write (const PedDisk *disk)
+
+ /* Write Alternate PTH & PTEs */
+ /* FIXME: Caution: this code is nearly identical to what's just above. */
+- if (_generate_header (disk, 1, ptes_crc, &gpt) != 0)
+- goto error_free_ptes;
++ if (_generate_header (disk, 1, ptes_crc, &gpt) != 0) {
++ pth_free(gpt);
++ goto error_free_ptes;
++ }
+ pth_raw = pth_get_raw (disk->dev, gpt);
+ pth_free (gpt);
+ if (pth_raw == NULL)
+--
+2.31.1
+
diff --git a/0014-tests-t0400-Work-around-a-mkswap-bug-by-using-dev-ze.patch b/0014-tests-t0400-Work-around-a-mkswap-bug-by-using-dev-ze.patch
new file mode 100644
index 0000000..cc4a682
--- /dev/null
+++ b/0014-tests-t0400-Work-around-a-mkswap-bug-by-using-dev-ze.patch
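Review bot: In the second block of `gpt_write`, `gpt` still holds the pointer released by the earlier `pth_free (gpt);`, so the added `pth_free(gpt);` is a double free if `_generate_header (disk, 1, ...)` can return non-zero before storing a fresh pointer through `&gpt`. The first block has the same exposure if `gpt` is not initialised at its declaration; both the declaration and `_generate_header` are outside the hunks. Resetting with `gpt = NULL;` after each `pth_free (gpt);`, and at the declaration, makes the error path safe either way, assuming `pth_free` accepts NULL, which should be confirmed.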
@@ -0,0 +1,34 @@
+From f801496427db11cc468065dcd77d1c610c0a1047 Mon Sep 17 00:00:00 2001
+From: "Brian C. Lane"
+Date: Mon, 14 Jun 2021 14:23:46 -0700
+Subject: [PATCH 14/15] tests: t0400 - Work around a mkswap bug by using
+ /dev/zero
+
+mkswap gets stuck, in some situations, when operating on a file full of
+holes (see https://bugzilla.redhat.com/show_bug.cgi?id=1971877) so work
+around that by using /dev/zero instead of /dev/null
+---
+ tests/t0400-loop-clobber-infloop.sh | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/tests/t0400-loop-clobber-infloop.sh b/tests/t0400-loop-clobber-infloop.sh
+index 2d2190d..d05a8e0 100644
+--- a/tests/t0400-loop-clobber-infloop.sh
++++ b/tests/t0400-loop-clobber-infloop.sh
+@@ -22,7 +22,12 @@
+
+ N=1M
+ dev=loop-file
+-dd if=/dev/null of=$dev bs=1 seek=$N || fail=1
++
++cleanup_() {
++ rm -f $dev;
++}
++
++dd if=/dev/zero of=$dev bs=$N count=1 || fail=1
+
+ mkswap $dev || fail=1
+
+--
+2.31.1
+
diff --git a/0015-tests-t9050-Use-dev-zero-for-temporary-file-and-mksw.patch b/0015-tests-t9050-Use-dev-zero-for-temporary-file-and-mksw.patch
new file mode 100644
index 0000000..06e058e
--- /dev/null
+++ b/0015-tests-t9050-Use-dev-zero-for-temporary-file-and-mksw.patch
@@ -0,0 +1,46 @@
+From ea1a97b57d4e84005c66bc9c05f2e7c9244b5118 Mon Sep 17 00:00:00 2001
+From: "Brian C. Lane"
+Date: Mon, 14 Jun 2021 15:04:05 -0700
+Subject: [PATCH 15/15] tests: t9050 Use /dev/zero for temporary file and
+ mkswap
+
+and clean up the usage a little bit by giving it a proper name and
+removing the file when finished.
+---
+ tests/t9050-partition-table-types.sh | 14 ++++++++++----
+ 1 file changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/tests/t9050-partition-table-types.sh b/tests/t9050-partition-table-types.sh
+index 57e004a..d63fa80 100755
+--- a/tests/t9050-partition-table-types.sh
++++ b/tests/t9050-partition-table-types.sh
+@@ -35,16 +35,22 @@ pc98
+ sun
+ mkswap
+ '
++N=1M
++dev=loop-file
+
+-dd if=/dev/null of=f bs=1 seek=30M || framework_failure_
++cleanup_() {
++ rm -f $dev;
++}
++
++dd if=/dev/zero of=$dev bs=$N count=30 || framework_failure_
+
+ for i in $types; do
+ for j in $types; do
+ echo $i:$j
+- case $i in mkswap) mkswap f || fail=1;;
+- *) parted -s f mklabel $i || fail=1;; esac
++ case $i in mkswap) mkswap $dev || fail=1;;
++ *) parted -s $dev mklabel $i || fail=1;; esac
+ case $j in mkswap) continue;; esac
+- parted -s f mklabel $j || fail=1
++ parted -s $dev mklabel $j || fail=1
+ done
+ done
+
+--
+2.31.1
+
diff --git a/parted.spec b/parted.spec
index a2af387..290644f 100644
--- a/parted.spec
+++ b/parted.spec
@@ -4,7 +4,7 @@ Summary: The GNU disk partition manipulation program Name: parted Version: 3.4 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv3+ URL: http://www.gnu.org/software/parted
@@ -19,6 +19,16 @@ Patch0002: 0002-doc-Document-fix-flag.patch Patch0003: 0003-tests-Add-tests-for-fix.patch Patch0004: 0004-tests-Fix-test-t1700-probe-fs.patch Patch0005: 0005-tests-Fix-t9041-undetected-in-use-16th-partition.patch +Patch0006: 0006-libparted-Fix-fd-check-in-_flush_cache.patch +Patch0007: 0007-libparted-Fix-potential-memory-leak-in-sdmmc_get_pro.patch +Patch0008: 0008-fs-Fix-copy-paste-error-in-HFS-journal-code.patch +Patch0009: 0009-parted-Fix-end_input-leak-in-do_mkpart.patch +Patch0010: 0010-parted-Free-tmp-usage-inside-do_print.patch +Patch0011: 0011-parted-Fix-memory-leaks-in-do_resizepart.patch +Patch0012: 0012-libparted-Fix-warning-about-buffer-size-in-Atari-lab.patch +Patch0013: 0013-libparted-Fix-potential-memory-leak-in-gpt_write.patch +Patch0014: 0014-tests-t0400-Work-around-a-mkswap-bug-by-using-dev-ze.patch +Patch0015: 0015-tests-t9050-Use-dev-zero-for-temporary-file-and-mksw.patch BuildRequires: gcc BuildRequires: e2fsprogs-devel @@ -122,6 +132,11 @@ make check %changelog +* Thu Jun 10 2021 Brian C. Lane - 3.4-4 +- Fix issues that covscan classifies as important + Resolves: rhbz#1938836 +- Work around a mkswap bug + * Fri Apr 16 2021 Mohan Boddu - 3.4-3 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937