xmlsec1/0001-resource-leaks.patch

diff -up xmlsec1-1.2.25/src/c14n.c.orig xmlsec1-1.2.25/src/c14n.c
--- xmlsec1-1.2.25/src/c14n.c.orig	2017-09-12 15:21:09.000000000 +0200
+++ xmlsec1-1.2.25/src/c14n.c	2024-05-14 09:55:35.800202266 +0200
@@ -228,7 +228,10 @@ xmlSecTransformC14NPushXml(xmlSecTransfo
     /* we are using a semi-hack here: we know that xmlSecPtrList keeps
      * all pointers in the big array */
     nsList = xmlSecTransformC14NGetNsList(transform);
-    xmlSecAssert2(xmlSecPtrListCheckId(nsList, xmlSecStringListId), -1);
+    if (! xmlSecPtrListCheckId(nsList, xmlSecStringListId)) {
+        xmlOutputBufferClose(buf);
+        xmlSecAssert2(0, -1);
+    };
 
     ret = xmlSecTransformC14NExecute(transform->id, nodes, (xmlChar**)(nsList->data), buf);
     if(ret < 0) {
@@ -292,7 +295,10 @@ xmlSecTransformC14NPopBin(xmlSecTransfor
         /* we are using a semi-hack here: we know that xmlSecPtrList keeps
          * all pointers in the big array */
         nsList = xmlSecTransformC14NGetNsList(transform);
-        xmlSecAssert2(xmlSecPtrListCheckId(nsList, xmlSecStringListId), -1);
+        if (! xmlSecPtrListCheckId(nsList, xmlSecStringListId)) {
+            xmlOutputBufferClose(buf);
+            xmlSecAssert2(0, -1);
+        }
 
         ret = xmlSecTransformC14NExecute(transform->id, transform->inNodes, (xmlChar**)(nsList->data), buf);
         if(ret < 0) {
@@ -732,4 +738,3 @@ xmlSecTransformId
 xmlSecTransformRemoveXmlTagsC14NGetKlass(void) {
     return(&xmlSecTransformRemoveXmlTagsC14NKlass);
 }
-
diff -up xmlsec1-1.2.25/src/gcrypt/asymkeys.c.orig xmlsec1-1.2.25/src/gcrypt/asymkeys.c
--- xmlsec1-1.2.25/src/gcrypt/asymkeys.c.orig	2017-09-12 15:21:09.000000000 +0200
+++ xmlsec1-1.2.25/src/gcrypt/asymkeys.c	2024-05-14 09:55:35.801202265 +0200
@@ -190,6 +190,9 @@ done:
         gcry_sexp_release(priv_key);
     }
 
+    /* Adopt functions assume ownership thus the caller would expect this to be released */
+    gcry_sexp_release(key_pair);
+
     /* done */
     return(res);
 }
diff -up xmlsec1-1.2.25/src/parser.c.orig xmlsec1-1.2.25/src/parser.c
--- xmlsec1-1.2.25/src/parser.c.orig	2017-09-12 15:21:09.000000000 +0200
+++ xmlsec1-1.2.25/src/parser.c	2024-05-14 09:55:35.802202264 +0200
@@ -354,7 +354,6 @@ xmlDocPtr
 xmlSecParseFile(const char *filename) {
     xmlParserCtxtPtr ctxt;
     xmlDocPtr res = NULL;
-    char *directory = NULL;
     int ret;
 
     xmlSecAssert2(filename != NULL, NULL);
@@ -371,23 +370,15 @@ xmlSecParseFile(const char *filename) {
     /* crashes on x64 xmlCtxtUseOptions (ctxt, XML_PARSE_HUGE); */
 
     /* todo: set directories from current doc? */
-    if ((ctxt->directory == NULL) && (directory == NULL)) {
-        directory = xmlParserGetDirectory(filename);
-        if(directory == NULL) {
+    if (ctxt->directory == NULL) {
+        ctxt->directory = xmlParserGetDirectory(filename);
+        if(ctxt->directory == NULL) {
             xmlSecXmlError2("xmlParserGetDirectory", NULL,
                             "filename=%s", xmlSecErrorsSafeString(filename));
             xmlFreeParserCtxt(ctxt);
             return(NULL);
         }
     }
-    if ((ctxt->directory == NULL) && (directory != NULL)) {
-        ctxt->directory = (char *) xmlStrdup(BAD_CAST directory);
-        if(ctxt->directory == NULL) {
-            xmlSecStrdupError(BAD_CAST directory, NULL);
-            xmlFreeParserCtxt(ctxt);
-            return(NULL);
-        }
-    }
 
     /* required for c14n! */
     ctxt->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
@@ -547,4 +538,3 @@ xmlSecParseMemory(const xmlSecByte *buff
     xmlFreeParserCtxt(ctxt);
     return(res);
 }
-