diff --git a/kbd-2.0.4-covscan-fixes.patch b/kbd-2.0.4-covscan-fixes.patch new file mode 100644 index 0000000..127f09c --- /dev/null +++ b/kbd-2.0.4-covscan-fixes.patch @@ -0,0 +1,71 @@ +diff -up kbd-2.0.4/src/kdmapop.c.orig kbd-2.0.4/src/kdmapop.c +--- kbd-2.0.4/src/kdmapop.c.orig 2018-11-05 10:06:05.208744333 +0100 ++++ kbd-2.0.4/src/kdmapop.c 2018-11-05 10:14:16.149215908 +0100 +@@ -154,6 +154,7 @@ int getunimap(int fd, struct unimapdesc + } + if (ioctl(fd, GIO_UNIMAP, &ud)) { + perror("GIO_UNIMAP"); ++ free(ud.entries); + return -1; + } + if (ct != ud.entry_ct) +diff -up kbd-2.0.4/src/libkeymap/common.c.orig kbd-2.0.4/src/libkeymap/common.c +--- kbd-2.0.4/src/libkeymap/common.c.orig 2016-12-19 16:01:51.000000000 +0100 ++++ kbd-2.0.4/src/libkeymap/common.c 2018-11-05 10:05:50.207730393 +0100 +@@ -246,5 +246,8 @@ int lk_free(struct lk_ctx *ctx) + ctx->key_line = NULL; + } + ++ free(ctx); ++ ctx = NULL; ++ + return 0; + } +diff -up kbd-2.0.4/src/libkeymap/parser.c.orig kbd-2.0.4/src/libkeymap/parser.c +diff -up kbd-2.0.4/src/psffontop.c.orig kbd-2.0.4/src/psffontop.c +--- kbd-2.0.4/src/psffontop.c.orig 2018-11-05 10:20:13.336587498 +0100 ++++ kbd-2.0.4/src/psffontop.c 2018-11-05 10:27:26.342994244 +0100 +@@ -271,8 +271,10 @@ int readpsffont(FILE *fontf, char **allb + ftoffset = assemble_int((unsigned char *)&psfhdr.headersize); + fontwidth = assemble_int((unsigned char *)&psfhdr.width); + utf8 = 1; +- } else ++ } else { ++ free(inputbuf); + return -1; /* not psf */ ++ } + + /* tests required - we divide by these */ + if (fontlen == 0) { +@@ -301,8 +303,10 @@ int readpsffont(FILE *fontf, char **allb + if (fontwidthp) + *fontwidthp = fontwidth; + +- if (!uclistheadsp) ++ if (!uclistheadsp) { ++ free(inputbuf); + return 0; /* got font, don't need unicode_list */ ++ } + + *uclistheadsp = xrealloc(*uclistheadsp, + (fontpos0 + fontlen) * sizeof(struct unicode_list)); +@@ -330,6 +334,7 @@ int readpsffont(FILE *fontf, char **allb + } + } + ++ free(inputbuf); + return 0; /* got psf font */ + } + +diff -up kbd-2.0.4/src/setfont.c.orig kbd-2.0.4/src/setfont.c +--- kbd-2.0.4/src/setfont.c.orig 2018-11-05 10:28:01.994027734 +0100 ++++ kbd-2.0.4/src/setfont.c 2018-11-05 10:35:54.933477039 +0100 +@@ -327,6 +327,8 @@ do_loadfont(int fd, char *inbuf, int wid + + if (putfont(fd, buf, fontsize, width, hwunit)) + exit(EX_OSERR); ++ ++ free(buf); + } + + static void diff --git a/kbd.spec b/kbd.spec index 3edfbac..580bde4 100644 --- a/kbd.spec +++ b/kbd.spec @@ -1,6 +1,6 @@ Name: kbd Version: 2.0.4 -Release: 9%{?dist} +Release: 10%{?dist} Summary: Tools for configuring the console (keyboard, virtual terminals, etc.) License: GPLv2+ URL: http://www.kbd-project.org/ @@ -27,6 +27,8 @@ Patch5: kbd-1.15.5-loadkeys-search-path.patch # Patch6: don't hardcode font used in unicode_start, take it from vconsole.conf, # bz 1101007 Patch6: kbd-2.0.2-unicode-start-font.patch +# Patch7: fixes issues found by static analysis, accepted upstream +Patch7: kbd-2.0.4-covscan-fixes.patch BuildRequires: gcc, bison, flex, gettext, pam-devel, check-devel BuildRequires: console-setup, xkeyboard-config @@ -69,6 +71,7 @@ cp -fp %{SOURCE6} . %patch4 -p1 -b .sg-decimal-separator %patch5 -p1 -b .loadkeys-search-path %patch6 -p1 -b .unicode-start-font +%patch7 -p1 -b .covscan-fixes # 7-bit maps are obsolete; so are non-euro maps pushd data/keymaps/i386 @@ -186,6 +189,9 @@ gzip $RPM_BUILD_ROOT/lib/kbd/keymaps/xkb/cz.map /lib/kbd/keymaps/legacy %changelog +* Mon Nov 12 2018 Vitezslav Crhonek - 2.0.4-10 +- Fix issues detected by static analysis + * Mon Aug 13 2018 Vitezslav Crhonek - 2.0.4-9 - Remove the link from open to openvt (related discussion and rationale in Debian bug tracker, bug #732796)