rpms/xmlsec1
7
0
Fork 0
Code Issues Pull Requests Releases Activity
2a2170b44d
xmlsec1/0001-resource-leaks.patch
Tomas Halman 2a2170b44d Fix memory leaks found by SAST 
Resolves: RHEL-35381
2024-05-13 15:35:58 +02:00

98 lines
3.8 KiB
Diff
Raw Blame History

diff -up xmlsec1-1.2.29/src/c14n.c.orig xmlsec1-1.2.29/src/c14n.c
--- xmlsec1-1.2.29/src/c14n.c.orig 2024-05-10 13:47:12.698153446 +0200
+++ xmlsec1-1.2.29/src/c14n.c 2024-05-10 18:30:35.148285625 +0200
@@ -233,7 +233,10 @@ xmlSecTransformC14NPushXml(xmlSecTransfo
/* we are using a semi-hack here: we know that xmlSecPtrList keeps
* all pointers in the big array */
nsList = xmlSecTransformC14NGetNsList(transform);
- xmlSecAssert2(xmlSecPtrListCheckId(nsList, xmlSecStringListId), -1);
+ if (! xmlSecPtrListCheckId(nsList, xmlSecStringListId)) {
+ xmlOutputBufferClose(buf);
+ xmlSecAssert2(0, -1);
+ };
ret = xmlSecTransformC14NExecute(transform->id, nodes, (xmlChar**)(nsList->data), buf);
if(ret < 0) {
@@ -297,7 +300,10 @@ xmlSecTransformC14NPopBin(xmlSecTransfor
/* we are using a semi-hack here: we know that xmlSecPtrList keeps
* all pointers in the big array */
nsList = xmlSecTransformC14NGetNsList(transform);
- xmlSecAssert2(xmlSecPtrListCheckId(nsList, xmlSecStringListId), -1);
+ if (! xmlSecPtrListCheckId(nsList, xmlSecStringListId)) {
+ xmlOutputBufferClose(buf);
+ xmlSecAssert2(0, -1);
+ }
ret = xmlSecTransformC14NExecute(transform->id, transform->inNodes, (xmlChar**)(nsList->data), buf);
if(ret < 0) {
@@ -737,4 +743,3 @@ xmlSecTransformId
xmlSecTransformRemoveXmlTagsC14NGetKlass(void) {
return(&xmlSecTransformRemoveXmlTagsC14NKlass);
}
-
diff -up xmlsec1-1.2.29/src/gcrypt/asymkeys.c.orig xmlsec1-1.2.29/src/gcrypt/asymkeys.c
--- xmlsec1-1.2.29/src/gcrypt/asymkeys.c.orig 2024-05-10 18:47:45.800368678 +0200
+++ xmlsec1-1.2.29/src/gcrypt/asymkeys.c 2024-05-13 09:11:08.784351577 +0200
@@ -198,6 +198,9 @@ done:
gcry_sexp_release(priv_key);
}
+ /* Adopt functions assume ownership thus the caller would expect this to be released */
+ gcry_sexp_release(key_pair);
+
/* done */
return(res);
}
diff -up xmlsec1-1.2.29/src/parser.c.orig xmlsec1-1.2.29/src/parser.c
--- xmlsec1-1.2.29/src/parser.c.orig 2024-05-10 13:46:59.217160842 +0200
+++ xmlsec1-1.2.29/src/parser.c 2024-05-10 17:28:22.848994008 +0200
@@ -368,7 +368,6 @@ xmlDocPtr
xmlSecParseFile(const char *filename) {
xmlParserCtxtPtr ctxt;
xmlDocPtr res = NULL;
- char *directory = NULL;
int ret;
xmlSecAssert2(filename != NULL, NULL);
@@ -385,23 +384,15 @@ xmlSecParseFile(const char *filename) {
/* crashes on x64 xmlCtxtUseOptions (ctxt, XML_PARSE_HUGE); */
/* todo: set directories from current doc? */
- if ((ctxt->directory == NULL) && (directory == NULL)) {
- directory = xmlParserGetDirectory(filename);
- if(directory == NULL) {
+ if (ctxt->directory == NULL) {
+ ctxt->directory = xmlParserGetDirectory(filename);
+ if(ctxt->directory == NULL) {
xmlSecXmlError2("xmlParserGetDirectory", NULL,
"filename=%s", xmlSecErrorsSafeString(filename));
xmlFreeParserCtxt(ctxt);
return(NULL);
}
}
- if ((ctxt->directory == NULL) && (directory != NULL)) {
- ctxt->directory = (char *) xmlStrdup(BAD_CAST directory);
- if(ctxt->directory == NULL) {
- xmlSecStrdupError(BAD_CAST directory, NULL);
- xmlFreeParserCtxt(ctxt);
- return(NULL);
- }
- }
/* required for c14n! */
ctxt->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
@@ -559,7 +550,7 @@ xmlSecParseMemory(const xmlSecByte *buff
if(ctxt->myDoc != NULL) {
xmlFreeDoc(ctxt->myDoc);
ctxt->myDoc = NULL;
- }
+ }
xmlFreeParserCtxt(ctxt);
return(NULL);
}
@@ -580,4 +571,3 @@ xmlSecParseMemory(const xmlSecByte *buff
xmlFreeParserCtxt(ctxt);
return(res);
}
-
Reference in New Issue View Git Blame Copy Permalink