From e065ea3b217f2c24d57dd077f2df1304bdfd3de8 Mon Sep 17 00:00:00 2001 From: Stefan Berger Date: Mon, 25 Apr 2016 18:33:28 -0400 Subject: [PATCH] Fix various memory leaks in file signature related functions. Fix various memory leaks in file signature related functions. Signed-off-by: Stefan Berger --- lib/rpmsignfiles.c | 2 ++ rpmsign.c | 4 +++- sign/rpmgensig.c | 24 +++++++++++++++++------- 3 files changed, 22 insertions(+), 8 deletions(-) diff --git a/lib/rpmsignfiles.c b/lib/rpmsignfiles.c index 95ac85154..b7d9cccaf 100644 --- a/lib/rpmsignfiles.c +++ b/lib/rpmsignfiles.c @@ -152,10 +152,12 @@ rpmRC rpmSignFiles(Header h, const char *key, char *keypass) goto exit; } if (!headerPutString(h, RPMTAG_FILESIGNATURES, signature)) { + free(signature); rpmlog(RPMLOG_ERR, _("headerPutString failed\n")); rc = RPMRC_FAIL; goto exit; } + free(signature); } exit: diff --git a/rpmsign.c b/rpmsign.c index a61981a15..ddbc5c580 100644 --- a/rpmsign.c +++ b/rpmsign.c @@ -60,6 +60,7 @@ static int doSign(poptContext optCon) char * passPhrase = NULL; char * name = rpmExpand("%{?_gpg_name}", NULL); struct rpmSignArgs sig = {NULL, 0, 0}; + char *key = NULL; if (rstreq(name, "")) { fprintf(stderr, _("You must set \"%%_gpg_name\" in your macro file\n")); @@ -71,7 +72,7 @@ static int doSign(poptContext optCon) } if (signfiles) { - const char *key = rpmExpand("%{?_file_signing_key}", NULL); + key = rpmExpand("%{?_file_signing_key}", NULL); if (rstreq(key, "")) { fprintf(stderr, _("You must set \"$$_file_signing_key\" in your macro file or on the command line with --fskpath\n")); goto exit; @@ -102,6 +103,7 @@ static int doSign(poptContext optCon) } exit: + free(key); free(passPhrase); free(name); return rc; diff --git a/sign/rpmgensig.c b/sign/rpmgensig.c index 77b6d5a1b..0b23db3a6 100644 --- a/sign/rpmgensig.c +++ b/sign/rpmgensig.c @@ -576,8 +576,10 @@ static rpmRC includeFileSignatures(FD_t fd, const char *rpm, key = rpmExpand("%{?_file_signing_key}", NULL); keypass = rpmExpand("%{_file_signing_key_password}", NULL); - if (rstreq(keypass, "")) + if (rstreq(keypass, "")) { + free(keypass); keypass = NULL; + } rc = rpmSignFiles(*hdrp, key, keypass); if (rc != RPMRC_OK) { @@ -641,11 +643,15 @@ static rpmRC includeFileSignatures(FD_t fd, const char *rpm, sigTargetSize = Ftell(fd) - headerStart; fdFiniDigest(fd, PGPHASHALGO_MD5, (void **)&MD5, &md5len, 0); - if (headerGet(*sigp, RPMSIGTAG_MD5, &osigtd, HEADERGET_DEFAULT)) + if (headerGet(*sigp, RPMSIGTAG_MD5, &osigtd, HEADERGET_DEFAULT)) { memcpy(o_md5, osigtd.data, 16); + rpmtdFreeData(&osigtd); + } - if (headerGet(*sigp, RPMSIGTAG_SHA1, &osigtd, HEADERGET_DEFAULT)) + if (headerGet(*sigp, RPMSIGTAG_SHA1, &osigtd, HEADERGET_DEFAULT)) { o_sha1 = xstrdup(osigtd.data); + rpmtdFreeData(&osigtd); + } if (memcmp(MD5, o_md5, md5len) == 0 && strcmp(SHA1, o_sha1) == 0) rpmlog(RPMLOG_WARNING, @@ -655,6 +661,12 @@ static rpmRC includeFileSignatures(FD_t fd, const char *rpm, replaceSigDigests(fd, rpm, sigp, sigStart, sigTargetSize, SHA1, MD5); exit: + free(trpm); + free(MD5); + free(SHA1); + free(o_sha1); + free(keypass); + free(key); if (ofd) (void) closeFile(&ofd); return rc; @@ -675,7 +687,7 @@ static int rpmSign(const char *rpm, int deleting, int signfiles) char *trpm = NULL; Header sigh = NULL; Header h = NULL; - char * msg = NULL; + char *msg = NULL; int res = -1; /* assume failure */ rpmRC rc; struct rpmtd_s utd; @@ -693,7 +705,6 @@ static int rpmSign(const char *rpm, int deleting, int signfiles) if ((rc = rpmLeadRead(fd, &lead, NULL, &msg)) != RPMRC_OK) { rpmlog(RPMLOG_ERR, "%s: %s\n", rpm, msg); - free(msg); goto exit; } @@ -702,14 +713,12 @@ static int rpmSign(const char *rpm, int deleting, int signfiles) if (rc != RPMRC_OK) { rpmlog(RPMLOG_ERR, _("%s: rpmReadSignature failed: %s"), rpm, (msg && *msg ? msg : "\n")); - msg = _free(msg); goto exit; } headerStart = Ftell(fd); if (rpmReadHeader(NULL, fd, &h, &msg) != RPMRC_OK) { rpmlog(RPMLOG_ERR, _("%s: headerRead failed: %s\n"), rpm, msg); - msg = _free(msg); goto exit; } @@ -845,6 +854,7 @@ exit: rpmFreeSignature(sigh); headerFree(h); rpmLeadFree(lead); + free(msg); /* Clean up intermediate target */ if (trpm) {