diff --git a/ruby-2.6.0-Fix-issues-detected-by-code-analysis-tool.patch b/ruby-2.6.0-Fix-issues-detected-by-code-analysis-tool.patch new file mode 100644 index 0000000..00e1b4d --- /dev/null +++ b/ruby-2.6.0-Fix-issues-detected-by-code-analysis-tool.patch @@ -0,0 +1,78 @@ +From 893949167bdb911c7db9fd59de85f288c09741e1 Mon Sep 17 00:00:00 2001 +From: nobu +Date: Sat, 15 Sep 2018 09:59:14 +0000 +Subject: [PATCH] Fix issues detected by code analysis tool (mainly Coverity). + +* Fix leaked storage in addr2line.c. +* Fix for "top_root" leaking the resource. + +[Fix GH-1956] + +From: Jun Aruga + +git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64750 b2dd03c8-39d4-4d8f-98ff-823fe69b080e +--- + addr2line.c | 8 ++++++-- + regcomp.c | 3 +++ + 2 files changed, 9 insertions(+), 2 deletions(-) + +diff --git a/addr2line.c b/addr2line.c +index 2c422cc1697a..b266e44d5d4b 100644 +--- a/addr2line.c ++++ b/addr2line.c +@@ -593,11 +593,12 @@ fill_lines(int num_traces, void **traces, int check_debuglink, + h = dlopen(NULL, RTLD_NOW|RTLD_LOCAL); + if (!h) continue; + s = dlsym(h, strtab + sym->st_name); +- if (!s) continue; +- if (dladdr(s, &info)) { ++ if (s && dladdr(s, &info)) { + dladdr_fbase = (uintptr_t)info.dli_fbase; ++ dlclose(h); + break; + } ++ dlclose(h); + } + if (ehdr->e_type == ET_EXEC) { + obj->base_addr = 0; +@@ -655,6 +656,9 @@ fill_lines(int num_traces, void **traces, int check_debuglink, + finish: + return dladdr_fbase; + fail: ++ if (file != NULL) { ++ munmap(file, (size_t)filesize); ++ } + return (uintptr_t)-1; + } + +diff --git a/regcomp.c b/regcomp.c +index 0f6bee60d576..df7f73bac501 100644 +--- a/regcomp.c ++++ b/regcomp.c +@@ -3596,6 +3596,7 @@ expand_case_fold_string(Node* node, regex_t* reg) + if (n == 0 || varlen == 0) { + if (IS_NULL(snode)) { + if (IS_NULL(root) && IS_NOT_NULL(prev_node)) { ++ onig_node_free(top_root); + top_root = root = onig_node_list_add(NULL_NODE, prev_node); + if (IS_NULL(root)) { + onig_node_free(prev_node); +@@ -3627,6 +3628,7 @@ expand_case_fold_string(Node* node, regex_t* reg) + } + } + if (IS_NULL(root) && IS_NOT_NULL(prev_node)) { ++ onig_node_free(top_root); + top_root = root = onig_node_list_add(NULL_NODE, prev_node); + if (IS_NULL(root)) { + onig_node_free(prev_node); +@@ -3677,6 +3679,7 @@ expand_case_fold_string(Node* node, regex_t* reg) + if (r != 0) goto mem_err; + + if (IS_NOT_NULL(prev_node) && IS_NULL(root)) { ++ onig_node_free(top_root); + top_root = root = onig_node_list_add(NULL_NODE, prev_node); + if (IS_NULL(root)) { + onig_node_free(srem); +-- +2.21.0 + diff --git a/ruby.spec b/ruby.spec index bfeab34..925f62e 100644 --- a/ruby.spec +++ b/ruby.spec @@ -147,6 +147,11 @@ Patch20: ruby-2.6.0-rdoc-6.0.1-fix-template-typo.patch # Properly harden package using -fstack-protector-strong. # https://bugs.ruby-lang.org/issues/15053 Patch24: ruby-2.6.0-configure-fstack-protector-strong.patch +# Fix CovScan issues. +# https://bugzilla.redhat.com/show_bug.cgi?id=1628592 +# https://bugs.ruby-lang.org/issues/15116 +# https://github.com/ruby/ruby/commit/893949167bdb911c7db9fd59de85f288c09741e1 +Patch25: ruby-2.6.0-Fix-issues-detected-by-code-analysis-tool.patch # Add support for .include directive used by OpenSSL config files. # https://github.com/ruby/openssl/pull/216 @@ -542,6 +547,7 @@ rm -rf ext/fiddle/libffi* %patch22 -p1 %patch23 -p1 %patch24 -p1 +%patch25 -p1 # Provide an example of usage of the tapset: cp -a %{SOURCE3} . @@ -1103,6 +1109,8 @@ OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file OPENSSL_CONF='' \ Resolves: rhbz#1688758 - Don't ship .stp files when SystemTap support is disabled. Related: rhbz#1657915 +- Fix CovScan issues. + Resolves: rhbz#1628592 * Fri Jan 11 2019 Jun Aruga - 2.5.3-103 - Refresh expired certificates to fix FTBFS.