Merged update from upstream sources

This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/tar.git#0bea5fee498fdb5ae3d6701be77e2b9a279390fe
2021-01-25 12:25:59 +00:00 · 2021-01-25 12:25:59 +00:00 · 2a706f8410
parent 2556287088
commit 2a706f8410
2 changed files with 127 additions and 1 deletions
--- a/tar-1.33-fix-read-header-mem-leak.patch
+++ b/tar-1.33-fix-read-header-mem-leak.patch
@ -0,0 +1,122 @@
+From: Sergey Poznyakoff <gray@gnu.org>
+Subject: [PATCH] Bug reported in https://savannah.gnu.org/bugs/?59897
+
+* src/list.c (read_header): Don't return directly from the loop.
+Instead set the status and break.  Return the status.  Free
+next_long_name and next_long_link before returning.
+---
+ src/list.c | 38 +++++++++++++++++++++++++++-----------
+ 1 file changed, 27 insertions(+), 11 deletions(-)
+
+diff --git a/src/list.c b/src/list.c
+index 95b53f8..6ad2ef2 100644
+--- a/src/list.c
+++ b/src/list.c
+@@ -419,26 +419,27 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ 	     enum read_header_mode mode)
+ {
+   union block *header;
+-  union block *header_copy;
+   char *bp;
+   union block *data_block;
+   size_t size, written;
+-  union block *next_long_name = 0;
+-  union block *next_long_link = 0;
+  union block *next_long_name = NULL;
+  union block *next_long_link = NULL;
+   size_t next_long_name_blocks = 0;
+   size_t next_long_link_blocks = 0;
+  enum read_header status = HEADER_SUCCESS;
+ 
+   while (1)
+     {
+-      enum read_header status;
+-
+       header = find_next_block ();
+       *return_block = header;
+       if (!header)
+-	return HEADER_END_OF_FILE;
+        {
+          status = HEADER_END_OF_FILE;
+          break;
+        }
+ 
+       if ((status = tar_checksum (header, false)) != HEADER_SUCCESS)
+-	return status;
+	      break;
+ 
+       /* Good block.  Decode file size and return.  */
+ 
+@@ -448,7 +449,10 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ 	{
+ 	  info->stat.st_size = OFF_FROM_HEADER (header->header.size);
+ 	  if (info->stat.st_size < 0)
+-	    return HEADER_FAILURE;
+	    {
+	      status = HEADER_FAILURE;
+	      break;
+	    }
+ 	}
+ 
+       if (header->header.typeflag == GNUTYPE_LONGNAME
+@@ -458,10 +462,14 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ 	  || header->header.typeflag == SOLARIS_XHDTYPE)
+ 	{
+ 	  if (mode == read_header_x_raw)
+-	    return HEADER_SUCCESS_EXTENDED;
+	    {
+	      status = HEADER_SUCCESS_EXTENDED;
+	      break;
+	    }
+ 	  else if (header->header.typeflag == GNUTYPE_LONGNAME
+ 		   || header->header.typeflag == GNUTYPE_LONGLINK)
+ 	    {
+        union block *header_copy;
+ 	      size_t name_size = info->stat.st_size;
+ 	      size_t n = name_size % BLOCKSIZE;
+ 	      size = name_size + BLOCKSIZE;
+@@ -528,7 +536,10 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ 	      xheader_decode_global (&xhdr);
+ 	      xheader_destroy (&xhdr);
+ 	      if (mode == read_header_x_global)
+-		return HEADER_SUCCESS_EXTENDED;
+          {
+            status = HEADER_SUCCESS_EXTENDED;
+            break;
+          }
+ 	    }
+ 
+ 	  /* Loop!  */
+@@ -547,6 +558,7 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ 	      name = next_long_name->buffer + BLOCKSIZE;
+ 	      recent_long_name = next_long_name;
+ 	      recent_long_name_blocks = next_long_name_blocks;
+        next_long_name = NULL;
+ 	    }
+ 	  else
+ 	    {
+@@ -578,6 +590,7 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ 	      name = next_long_link->buffer + BLOCKSIZE;
+ 	      recent_long_link = next_long_link;
+ 	      recent_long_link_blocks = next_long_link_blocks;
+	      next_long_link = NULL;
+ 	    }
+ 	  else
+ 	    {
+@@ -589,9 +602,12 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ 	    }
+ 	  assign_string (&info->link_name, name);
+ 
+-	  return HEADER_SUCCESS;
+	  break;
+ 	}
+     }
+  free (next_long_name);
+  free (next_long_link);
+  return status;
+ }
+ 
+ #define ISOCTAL(c) ((c)>='0'&&(c)<='7')
+-- 
+2.26.0
+
--- a/tar.spec
+++ b/tar.spec
@ -5,7 +5,7 @@ Summary: GNU file archiving program
 Name: tar
 Epoch: 2
 Version: 1.33
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: GPLv3+
 URL: https://www.gnu.org/software/tar/

@ -19,6 +19,7 @@ Patch3:  tar-1.29-wildcards.patch
 Patch4:  tar-1.28-atime-rofs.patch
 Patch9:  tar-1.28-document-exclude-mistakes.patch
 Patch10: tar-1.33-fix-capabilities-test.patch
+Patch11: tar-1.33-fix-read-header-mem-leak.patch

 BuildRequires: make
 BuildRequires:  gcc
@ -113,6 +114,9 @@ make check || (


 %changelog
+* Mon Jan 25 2021 Ondrej Dubaj <odubaj@redhat.com> - 1.33-2
+- Fixed memory leak in read_header() in list.c (#1917631)
+
 * Thu Jan 07 2021 Pavel Raiskup <praiskup@redhat.com> - 1.33-1
 - new upstream release (see the packaged NEWS file)