Fix resource leaks

Resolves: #1938896
2021-03-31 12:03:54 +02:00 · 2021-03-31 12:03:54 +02:00 · 08cb7b7c09
commit 08cb7b7c09
parent ffd9f3acd6
2 changed files with 68 additions and 1 deletions
--- a/volume_key-0.3.12-fix_resource_leaks.patch
+++ b/volume_key-0.3.12-fix_resource_leaks.patch
@ -0,0 +1,59 @@
+diff --git a/lib/kmip.c b/lib/kmip.c
+index dda819a..333603c 100644
+--- a/lib/kmip.c
+++ b/lib/kmip.c
+@@ -1152,6 +1152,7 @@ kmip_decode_key_value (struct kmip_decoding_state *kmip,
+       break;
+ 
+     default:
+      kmip_key_value_free (res);
+       g_return_val_if_reached (-1);
+     }
+   res->attributes = g_ptr_array_new ();
+@@ -1348,6 +1349,7 @@ kmip_decode_object_symmetric_key (struct kmip_decoding_state *kmip,
+       g_snprintf (num, sizeof (num), "%" G_GUINT32_FORMAT, res->block->type);
+       g_set_error (error, LIBVK_ERROR, LIBVK_ERROR_KMIP_UNSUPPORTED_VALUE,
+ 		   _("Unsupported symmetric key format %s"), num);
+      kmip_object_symmetric_key_free (res);
+       return -1;
+     }
+   *obj = res;
+@@ -1384,6 +1386,7 @@ kmip_decode_object_secret_data (struct kmip_decoding_state *kmip,
+       g_snprintf (num, sizeof (num), "%" G_GUINT32_FORMAT, res->block->type);
+       g_set_error (error, LIBVK_ERROR, LIBVK_ERROR_KMIP_UNSUPPORTED_VALUE,
+ 		   _("Unsupported symmetric key format %s"), num);
+      kmip_object_secret_data_free (res);
+       return -1;
+     }
+   *obj = res;
+diff --git a/lib/volume_luks.c b/lib/volume_luks.c
+index d1c5d47..4d32d9b 100644
+--- a/lib/volume_luks.c
+++ b/lib/volume_luks.c
+@@ -547,8 +547,8 @@ luks_apply_secret (struct libvk_volume *vol, const struct libvk_volume *packet,
+     }
+   g_free (last_log_entry);
+ 
+-  g_return_val_if_fail (vol->v.luks->key_bytes == packet->v.luks->key_bytes,
+-			-1);
+  if (vol->v.luks->key_bytes != packet->v.luks->key_bytes)
+    goto err_passphrase;
+   luks_replace_key (vol, packet->v.luks->key);
+   luks_replace_passphrase (vol, passphrase);
+   vol->v.luks->passphrase_slot = res;
+diff --git a/src/volume_key.c b/src/volume_key.c
+index 074b187..24b70d6 100644
+--- a/src/volume_key.c
+++ b/src/volume_key.c
+@@ -735,6 +735,11 @@ write_packet (struct packet_output_state *pos, const char *filename,
+       || g_file_set_contents (filename, packet, size, error) == FALSE)
+     {
+       g_prefix_error (error, _("Error creating `%s': "), filename);
+      if (packet != NULL) {
+        if (output_format_cleartext != 0)
+          memset (packet, 0, size);
+        g_free (packet);
+      }
+       return -1;
+     }
+   if (output_format_cleartext != 0)
--- a/volume_key.spec
+++ b/volume_key.spec
@ -32,7 +32,7 @@
 Summary: An utility for manipulating storage encryption keys and passphrases
 Name: volume_key
 Version: 0.3.12
-Release: 10%{?dist}
+Release: 11%{?dist}
 # lib/{SECerrs,SSLerrs}.h are both licensed under MPLv1.1, GPLv2 and LGPLv2
 License: GPLv2 and (MPLv1.1 or GPLv2 or LGPLv2)
 URL: https://pagure.io/%{name}/
@ -42,6 +42,9 @@ Source0: https://releases.pagure.org/%{name}/%{name}-%{version}.tar.xz
 # Support all LUKS devices
 # - backport of 26c09768662d8958debe8c9410dae9fda02292c3
 Patch0: volume_key-0.3.12-support_LUKS2_and_more.patch
+# Fix resource leaks
+# - backport of bf6618ec0b09b4e51fc97fa021e687fbd87599ba
+Patch1: volume_key-0.3.12-fix_resource_leaks.patch
 BuildRequires: make
 BuildRequires: gcc
 BuildRequires: cryptsetup-luks-devel, gettext-devel, glib2-devel, /usr/bin/gpg2
@ -117,6 +120,7 @@ Requires: %{name}-libs%{?_isa} = %{version}-%{release}
 %prep
 %setup -q
 %patch0 -p1
+%patch1 -p1

 %build
 %configure %{?with_pythons}
@ -167,6 +171,10 @@ exit 1; \
 %endif

 %changelog
+* Wed Mar 31 2021 Jiri Kucera <jkucera@redhat.com> - 0.3.12-11
+- Fix resource leaks
+  Resolves: #1938896
+
 * Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.12-10
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild