import rpcbind-1.2.5-5.el8

SOURCES/rpcbind-1.2.5-covscan-resource-leaks.patch

@@ -0,0 +1,83 @@
+diff -up rpcbind-1.2.5/src/rpcbind.c.orig rpcbind-1.2.5/src/rpcbind.c
+--- rpcbind-1.2.5/src/rpcbind.c.orig	2018-08-15 10:51:19.000000000 -0400
++++ rpcbind-1.2.5/src/rpcbind.c	2019-11-11 10:53:56.753677937 -0500
+@@ -340,7 +340,7 @@ init_transport(struct netconfig *nconf)
+ {
+ 	int fd = -1;
+ 	struct t_bind taddr;
+-	struct addrinfo hints, *res;
++	struct addrinfo hints, *res = NULL;
+ 	struct __rpc_sockinfo si;
+ 	SVCXPRT	*my_xprt = NULL;
+ 	int status;	/* bound checking ? */
+@@ -817,8 +817,12 @@ got_socket:
+ 	}
+ #endif
+ 
++	if (res != NULL)
++		freeaddrinfo(res);
+ 	return (0);
+ error:
++	if (res != NULL)
++		freeaddrinfo(res);
+ 	close(fd);
+ 	return (1);
+ }
+diff -up rpcbind-1.2.5/src/rpcb_stat.c.orig rpcbind-1.2.5/src/rpcb_stat.c
+--- rpcbind-1.2.5/src/rpcb_stat.c.orig	2018-08-15 10:51:19.000000000 -0400
++++ rpcbind-1.2.5/src/rpcb_stat.c	2019-11-11 10:53:56.754677944 -0500
+@@ -151,7 +151,7 @@ rpcbs_rmtcall(rpcvers_t rtype, rpcproc_t
+ 	rpcbs_rmtcalllist *rl;
+ 	struct netconfig *nconf;
+ 
+-	if (rtype > RPCBVERS_STAT)
++	if (rtype >= RPCBVERS_STAT)
+ 		return;
+ 	for (rl = inf[rtype].rmtinfo; rl; rl = rl->next) {
+ 
+diff -up rpcbind-1.2.5/src/rpcinfo.c.orig rpcbind-1.2.5/src/rpcinfo.c
+--- rpcbind-1.2.5/src/rpcinfo.c.orig	2019-11-11 10:52:54.212281436 -0500
++++ rpcbind-1.2.5/src/rpcinfo.c	2019-11-11 10:53:56.755677950 -0500
+@@ -693,11 +693,11 @@ reply_proc (res, who, nconf)
+     }
+   if (!(uaddr = taddr2uaddr (nconf, who)))
+     {
+-      uaddr = UNKNOWN;
++      printf ("%s\t%s\n", UNKNOWN, hostname);
++    } else {
++      printf ("%s\t%s\n", uaddr, hostname);
++      free ((char *) uaddr);
+     }
+-  printf ("%s\t%s\n", uaddr, hostname);
+-  if (strcmp (uaddr, UNKNOWN))
+-    free ((char *) uaddr);
+   return (FALSE);
+ }
+ 
+diff -up rpcbind-1.2.5/src/util.c.orig rpcbind-1.2.5/src/util.c
+--- rpcbind-1.2.5/src/util.c.orig	2018-08-15 10:51:19.000000000 -0400
++++ rpcbind-1.2.5/src/util.c	2019-11-11 10:53:56.756677956 -0500
+@@ -322,9 +322,10 @@ network_init()
+ 	/*
+ 	 * Now join the RPC ipv6 multicast group on all interfaces.
+ 	 */
+-	if (getifaddrs(&ifp) < 0)
++	if (getifaddrs(&ifp) < 0) {
++		freeaddrinfo (res);
+ 		return;
+-
++	}
+ 	mreq6.ipv6mr_interface = 0;
+ 	inet_pton(AF_INET6, RPCB_MULTICAST_ADDR, &mreq6.ipv6mr_multiaddr);
+ 
+@@ -352,8 +353,8 @@ network_init()
+ 				perror("setsockopt v6 multicast");
+ 	}
+ #endif
+-
+-	/* close(s); */
++	freeaddrinfo (res);
++	close(s);
+ }
+ 
+ struct sockaddr *

SPECS/rpcbind.spec

@@ -4,7 +4,7 @@
 
 Name:           rpcbind
 Version:        1.2.5
-Release:        3%{?dist}
+Release:        5%{?dist}
 Summary:        Universal Addresses to RPC Program Number Mapper
 Group:          System Environment/Daemons
 License:        BSD
@@ -27,6 +27,11 @@ Requires(postun): systemd coreutils
 #
 Patch001: rpcbind-1.2.5-rpcinfo-bufoverflow.patch
 
+#
+# RHEL 8.2
+#
+Patch002: rpcbind-1.2.5-covscan-resource-leaks.patch
+
 Patch100: rpcbind-0.2.3-systemd-envfile.patch
 Patch101: rpcbind-0.2.3-systemd-tmpfiles.patch
 Patch102: rpcbind-0.2.4-runstatdir.patch
@@ -47,6 +52,9 @@ RPC calls on a server on that machine.
 # 1637565 - rpcinfo: Fix stack buffer overflow 
 %patch001 -p1
 
+# 1602680 - Please review important issues found by covscan...
+%patch002 -p1
+
 %patch100 -p1
 %patch101 -p1
 %patch102 -p1
@@ -141,6 +149,12 @@ fi
 %attr(0700, %{rpcbind_user_group}, %{rpcbind_user_group}) %dir %{rpcbind_state_dir}
 
 %changelog
+* Mon Nov 11 2019 Steve Dickson <steved@redhat.com> - 1.2.5-5
+- Removed some issues found by covscan (bz 1602680)
+
+* Fri Jul 26 2019 Steve Dickson <steved@redhat.com> - 1.2.5-4
+- Enable gating using reverse dependency testing of nfs-utils (bz 1681967
+
 * Sat Oct 20 2018 Steve Dickson <steved@redhat.com> - 1.2.5-3
 - Update the URL (bz 1638664)