[Rpm-maint] [PATCH 2/5] Fix various memory leaks in file signature related functions.
Stefan Berger
stefanb at linux.vnet.ibm.com
Mon Apr 25 22:33:28 UTC 2016
From: Stefan Berger <stefanb at us.ibm.com>
Fix various memory leaks in file signature related functions.
Signed-off-by: Stefan Berger <stefanb at linux.vnet.ibm.com>
---
lib/rpmsignfiles.c | 2 ++
rpmsign.c | 4 +++-
sign/rpmgensig.c | 24 +++++++++++++++++-------
3 files changed, 22 insertions(+), 8 deletions(-)
diff --git a/lib/rpmsignfiles.c b/lib/rpmsignfiles.c
index 95ac851..b7d9ccc 100644
--- a/lib/rpmsignfiles.c
+++ b/lib/rpmsignfiles.c
@@ -152,10 +152,12 @@ rpmRC rpmSignFiles(Header h, const char *key, char *keypass)
goto exit;
}
if (!headerPutString(h, RPMTAG_FILESIGNATURES, signature)) {
+ free(signature);
rpmlog(RPMLOG_ERR, _("headerPutString failed\n"));
rc = RPMRC_FAIL;
goto exit;
}
+ free(signature);
}
exit:
diff --git a/rpmsign.c b/rpmsign.c
index a61981a..ddbc5c5 100644
--- a/rpmsign.c
+++ b/rpmsign.c
@@ -60,6 +60,7 @@ static int doSign(poptContext optCon)
char * passPhrase = NULL;
char * name = rpmExpand("%{?_gpg_name}", NULL);
struct rpmSignArgs sig = {NULL, 0, 0};
+ char *key = NULL;
if (rstreq(name, "")) {
fprintf(stderr, _("You must set \"%%_gpg_name\" in your macro file\n"));
@@ -71,7 +72,7 @@ static int doSign(poptContext optCon)
}
if (signfiles) {
- const char *key = rpmExpand("%{?_file_signing_key}", NULL);
+ key = rpmExpand("%{?_file_signing_key}", NULL);
if (rstreq(key, "")) {
fprintf(stderr, _("You must set \"$$_file_signing_key\" in your macro file or on the command line with --fskpath\n"));
goto exit;
@@ -102,6 +103,7 @@ static int doSign(poptContext optCon)
}
exit:
+ free(key);
free(passPhrase);
free(name);
return rc;
diff --git a/sign/rpmgensig.c b/sign/rpmgensig.c
index 77b6d5a..0b23db3 100644
--- a/sign/rpmgensig.c
+++ b/sign/rpmgensig.c
@@ -576,8 +576,10 @@ static rpmRC includeFileSignatures(FD_t fd, const char *rpm,
key = rpmExpand("%{?_file_signing_key}", NULL);
keypass = rpmExpand("%{_file_signing_key_password}", NULL);
- if (rstreq(keypass, ""))
+ if (rstreq(keypass, "")) {
+ free(keypass);
keypass = NULL;
+ }
rc = rpmSignFiles(*hdrp, key, keypass);
if (rc != RPMRC_OK) {
@@ -641,11 +643,15 @@ static rpmRC includeFileSignatures(FD_t fd, const char *rpm,
sigTargetSize = Ftell(fd) - headerStart;
fdFiniDigest(fd, PGPHASHALGO_MD5, (void **)&MD5, &md5len, 0);
- if (headerGet(*sigp, RPMSIGTAG_MD5, &osigtd, HEADERGET_DEFAULT))
+ if (headerGet(*sigp, RPMSIGTAG_MD5, &osigtd, HEADERGET_DEFAULT)) {
memcpy(o_md5, osigtd.data, 16);
+ rpmtdFreeData(&osigtd);
+ }
- if (headerGet(*sigp, RPMSIGTAG_SHA1, &osigtd, HEADERGET_DEFAULT))
+ if (headerGet(*sigp, RPMSIGTAG_SHA1, &osigtd, HEADERGET_DEFAULT)) {
o_sha1 = xstrdup(osigtd.data);
+ rpmtdFreeData(&osigtd);
+ }
if (memcmp(MD5, o_md5, md5len) == 0 && strcmp(SHA1, o_sha1) == 0)
rpmlog(RPMLOG_WARNING,
@@ -655,6 +661,12 @@ static rpmRC includeFileSignatures(FD_t fd, const char *rpm,
replaceSigDigests(fd, rpm, sigp, sigStart, sigTargetSize, SHA1, MD5);
exit:
+ free(trpm);
+ free(MD5);
+ free(SHA1);
+ free(o_sha1);
+ free(keypass);
+ free(key);
if (ofd)
(void) closeFile(&ofd);
return rc;
@@ -675,7 +687,7 @@ static int rpmSign(const char *rpm, int deleting, int signfiles)
char *trpm = NULL;
Header sigh = NULL;
Header h = NULL;
- char * msg = NULL;
+ char *msg = NULL;
int res = -1; /* assume failure */
rpmRC rc;
struct rpmtd_s utd;
@@ -693,7 +705,6 @@ static int rpmSign(const char *rpm, int deleting, int signfiles)
if ((rc = rpmLeadRead(fd, &lead, NULL, &msg)) != RPMRC_OK) {
rpmlog(RPMLOG_ERR, "%s: %s\n", rpm, msg);
- free(msg);
goto exit;
}
@@ -702,14 +713,12 @@ static int rpmSign(const char *rpm, int deleting, int signfiles)
if (rc != RPMRC_OK) {
rpmlog(RPMLOG_ERR, _("%s: rpmReadSignature failed: %s"), rpm,
(msg && *msg ? msg : "\n"));
- msg = _free(msg);
goto exit;
}
headerStart = Ftell(fd);
if (rpmReadHeader(NULL, fd, &h, &msg) != RPMRC_OK) {
rpmlog(RPMLOG_ERR, _("%s: headerRead failed: %s\n"), rpm, msg);
- msg = _free(msg);
goto exit;
}
@@ -845,6 +854,7 @@ exit:
rpmFreeSignature(sigh);
headerFree(h);
rpmLeadFree(lead);
+ free(msg);
/* Clean up intermediate target */
if (trpm) {
--
2.5.5
More information about the Rpm-maint
mailing list