Accepting request 1133810 from home:dancermak:branches:devel:microos

Add fix-incorrect-free-in-conn_sock.patch OBS-URL: https://build.opensuse.org/request/show/1133810 OBS-URL: https://build.opensuse.org/package/show/devel:microos/conmon?expand=0&rev=22
2023-12-18 09:13:37 +00:00 · 2023-12-18 09:13:37 +00:00 · 2be36a56e6
commit 2be36a56e6
parent 342328a62e
3 changed files with 40 additions and 0 deletions
--- a/conmon.changes
+++ b/conmon.changes
@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Mon Dec 18 09:02:52 UTC 2023 - Dan Čermák <dcermak@suse.com>
+
+- Add fix-incorrect-free-in-conn_sock.patch
+  This fixes a regression in 2.1.9
+  (https://github.com/containers/conmon/issues/475 and
+  https://github.com/containers/conmon/issues/477)
+
 -------------------------------------------------------------------
 Fri Dec 15 09:54:35 UTC 2023 - Dan Čermák <dcermak@suse.com>

--- a/conmon.spec
+++ b/conmon.spec
@ -24,6 +24,7 @@ License:        Apache-2.0
 Group:          System/Management
 URL:            https://github.com/containers/conmon
 Source0:        %{name}-%{version}.tar.xz
+Patch0:         https://github.com/containers/conmon/pull/476.patch#./fix-incorrect-free-in-conn_sock.patch
 BuildRequires:  pkgconfig
 BuildRequires:  golang(API) >= 1.20
 BuildRequires:  pkgconfig(glib-2.0)
--- a/fix-incorrect-free-in-conn_sock.patch
+++ b/fix-incorrect-free-in-conn_sock.patch
@ -0,0 +1,31 @@
+From 8557c117bcab03e3c16e40ffb7bd450d697f72c7 Mon Sep 17 00:00:00 2001
+From: Dominique Martinet <dominique.martinet@atmark-techno.com>
+Date: Fri, 15 Dec 2023 12:44:03 +0900
+Subject: [PATCH] Fix incorrect free in conn_sock
+
+Earlier commit freed socket_parent_dir()'s result which is correct in
+the case it returns a path from g_build_filename, but when it returns
+opt_bundle_path the string should not be freed.
+
+Make the function always return an allocated string that can be freed
+
+Fixes: #475
+Fixes: fad6bac8e65f ("fix some issues flagged by SAST scan")
+Signed-off-by: Dominique Martinet <dominique.martinet@atmark-techno.com>
+---
+ src/conn_sock.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/conn_sock.c b/src/conn_sock.c
+index 62a02266..3b854e33 100644
+--- a/src/conn_sock.c
+++ b/src/conn_sock.c
+@@ -314,7 +314,7 @@ char *socket_parent_dir(gboolean use_full_attach_path, size_t desired_len)
+ {
+ 	/* if we're to use the full path, ignore the socket path and only use the bundle_path */
+ 	if (use_full_attach_path)
+-		return opt_bundle_path;
+		return strdup(opt_bundle_path);
+ 
+ 	char *base_path = g_build_filename(opt_socket_path, opt_cuuid, NULL);
+