Fix OpenScanHub findings

Resolves: RHEL-54012
Resolves: RHEL-54013
Resolves: RHEL-37564
Michal Domonkos 2024-08-13 13:54:45 +02:00
parent 4a205e4f23
commit 0c62987083
4 changed files with 100 additions and 2 deletions

@ -0,0 +1,27 @@
From 65fa582b5cb267bb73c3e2b4c502f456d50c41f0 Mon Sep 17 00:00:00 2001
From: Michal Domonkos <mdomonko@redhat.com>
Date: Mon, 12 Aug 2024 17:15:48 +0200
Subject: [PATCH] Fix memory leak in rpmsign
Found by Coverity.
Fixes: RHEL-37564
---
tools/rpmsign.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/tools/rpmsign.c b/tools/rpmsign.c
index a47b2c109..c5e3e11b4 100644
--- a/tools/rpmsign.c
+++ b/tools/rpmsign.c
@@ -152,6 +152,7 @@ static int doSign(poptContext optCon, struct rpmSignArgs *sargs)
char *key = rpmExpand("%{?_file_signing_key}", NULL);
if (rstreq(key, "")) {
fprintf(stderr, _("You must set \"%%_file_signing_key\" in your macro file or on the command line with --fskpath\n"));
+ free(key);
goto exit;
}
--
2.46.0
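
Review bot: The added free(key) in doSign() covers only the empty-key branch shown in this hunk; the rest of the function is outside the context lines, so it is not visible whether key is released on the paths that continue past this check. If the exit label is shared by all paths, declaring key at function scope as NULL and freeing it once under exit would cover every early return instead of this single branch.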

@ -0,0 +1,32 @@
From 1b90b8c7d176026b669ce28c6e185724a4b208b0 Mon Sep 17 00:00:00 2001
From: Michal Domonkos <mdomonko@redhat.com>
Date: Fri, 7 Jun 2024 10:14:25 +0200
Subject: [PATCH] Fix potential use of uninitialized pgp struct
We only call initPgpData() after base64 encoding the pubkey so if the
latter fails, the kd struct will be left uninitialized and subsequently
read from after skipping to the exit label. Fix by initializing it.
Found by Coverity.
Fixes: RHEL-22605
---
lib/rpmts.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/lib/rpmts.c b/lib/rpmts.c
index 3070b97e6..76964c60a 100644
--- a/lib/rpmts.c
+++ b/lib/rpmts.c
@@ -508,6 +508,8 @@ static int makePubkeyHeader(rpmts ts, rpmPubkey key, rpmPubkey *subkeys,
int rc = -1;
int i;
+ memset(&kd, 0, sizeof(kd));
+
if ((enc = rpmPubkeyBase64(key)) == NULL)
goto exit;
--
2.46.0
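
Review bot: The memset() of kd at the top of makePubkeyHeader() makes the early goto exit well defined only if the cleanup under the exit label treats an all-zero kd as having nothing to release; that label is outside the hunk, so it is worth confirming against the full function. A one-line comment next to the memset() saying it exists for the exit path would keep it from being dropped later as redundant with initPgpData().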

@ -0,0 +1,32 @@
From bff65aad8af719542c7b0c6429e09223c014a909 Mon Sep 17 00:00:00 2001
From: Michal Domonkos <mdomonko@redhat.com>
Date: Thu, 6 Jun 2024 09:15:02 +0200
Subject: [PATCH] Fix potential use of uninitialized pipe array
We only call pipe(2) after the script is written to disk so if the
latter fails, the array will be left uninitialized and subsequently read
after skipping to the exit label. Fix by initializing it.
Found by Coverity.
Fixes: RHEL-22604
---
lib/rpmscript.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/rpmscript.c b/lib/rpmscript.c
index 281c55c53..1de4acf8e 100644
--- a/lib/rpmscript.c
+++ b/lib/rpmscript.c
@@ -316,7 +316,7 @@ static rpmRC runExtScript(rpmPlugins plugins, ARGV_const_t prefixes,
char * fn = NULL;
pid_t pid, reaped;
int status;
- int inpipe[2];
+ int inpipe[2] = { -1, -1 };
FILE *in = NULL;
const char *line;
char *mline = NULL;
--
2.46.0
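
Review bot: Initialising inpipe to { -1, -1 } only helps if the code under the exit label checks each descriptor for a valid value before using it; that code is not part of the hunk. If the cleanup calls close() on both entries unconditionally, it will now receive -1 and fail with EBADF, which is harmless but should be a deliberate choice, so a check such as inpipe[0] >= 0 before the close is the clearer form.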

@ -27,7 +27,7 @@
%global rpmver 4.19.1.1 %global rpmver 4.19.1.1
#global snapver rc1 #global snapver rc1
%global baserelease 2 %global baserelease 3
%global sover 10 %global sover 10
%global srcver %{rpmver}%{?snapver:-%{snapver}} %global srcver %{rpmver}%{?snapver:-%{snapver}}
@ -136,7 +136,9 @@ rpm-4.18.92-disable-sysusers.patch
rpm-4.18.90-weak-user-group.patch rpm-4.18.90-weak-user-group.patch
# Patches already upstream: # Patches already upstream:
# ... 0001-Fix-potential-use-of-uninitialized-pipe-array.patch
0001-Fix-potential-use-of-uninitialized-pgp-struct.patch
0001-Fix-memory-leak-in-rpmsign.patch
# These are not yet upstream # These are not yet upstream
rpm-4.7.1-geode-i686.patch rpm-4.7.1-geode-i686.patch
@ -614,6 +616,11 @@ fi
%doc %{_defaultdocdir}/rpm/API/ %doc %{_defaultdocdir}/rpm/API/
%changelog %changelog
* Tue Aug 13 2024 Michal Domonkos <mdomonko@redhat.com> - 4.19.1.1-3
- Fix potential use of uninitialized pipe array (RHEL-54012)
- Fix potential use of uninitialized pgp struct (RHEL-54013)
- Fix memory leak in rpmsign(8) (RHEL-37564)
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 4.19.1.1-2 * Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 4.19.1.1-2
- Bump release for June 2024 mass rebuild - Bump release for June 2024 mass rebuild
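
Review bot: The new changelog entries cite RHEL-54012 and RHEL-54013 for the pipe array and pgp struct fixes, while the patch files added in this same commit carry Fixes: RHEL-22604 and Fixes: RHEL-22605 for those changes; only RHEL-37564 matches on both sides. If the 22604 and 22605 tickets track a different release, a line in the commit message saying so would spare the next reader the cross-check.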