From 932f257251b5423fdaa07552103b0be3ee06f809 Mon Sep 17 00:00:00 2001
From: lb1107039128 <liubo1@xfusion.com>
Date: Wed, 27 Dec 2023 11:22:18 +0800
Subject: [PATCH] Missing return on error causes use-after-free in SASL code

Signed-off-by: lb1107039128 <liubo1@xfusion.com>
---
 ...n-error-causes-use-after-free-in-SAS.patch | 24 +++++++++++++++++++
 librdkafka.spec                               |  6 ++++-
 2 files changed, 29 insertions(+), 1 deletion(-)
 create mode 100644 0001-Missing-return-on-error-causes-use-after-free-in-SAS.patch

diff --git a/0001-Missing-return-on-error-causes-use-after-free-in-SAS.patch b/0001-Missing-return-on-error-causes-use-after-free-in-SAS.patch
new file mode 100644
index 0000000..f0e872b
--- /dev/null
+++ b/0001-Missing-return-on-error-causes-use-after-free-in-SAS.patch
@@ -0,0 +1,24 @@
+From 0c3840e614e49090785ae8b33ff00c59d354c188 Mon Sep 17 00:00:00 2001
+From: Huzaifa Sidhpurwala <huzaifas@redhat.com>
+Date: Wed, 16 May 2018 09:16:19 +0530
+Subject: [PATCH] Missing return on error causes use-after-free in SASL code
+
+---
+ src/rdkafka_sasl_scram.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/rdkafka_sasl_scram.c b/src/rdkafka_sasl_scram.c
+index 968d8791..6d955452 100644
+--- a/src/rdkafka_sasl_scram.c
++++ b/src/rdkafka_sasl_scram.c
+@@ -602,6 +602,7 @@ rd_kafka_sasl_scram_handle_server_first_message (rd_kafka_transport_t *rktrans,
+                             "Invalid Base64 Salt in server-first-message");
+                 rd_free(server_nonce);
+                 rd_free(salt_b64.ptr);
++                return -1;
+         }
+         rd_free(salt_b64.ptr);
+ 
+-- 
+2.42.0.windows.2
+
diff --git a/librdkafka.spec b/librdkafka.spec
index a85d3da..da5f3b2 100644
--- a/librdkafka.spec
+++ b/librdkafka.spec
@@ -1,6 +1,6 @@
 Name:           librdkafka
 Version:        0.11.4
-Release:        4
+Release:        5
 Summary:        C library implementation of the Apache Kafka protocol
 License:        BSD
 URL:            https://github.com/edenhill/librdkafka
@@ -9,6 +9,7 @@ Source0:        https://github.com/edenhill/librdkafka/archive/v%{version}.tar.g
 BuildRequires:  gcc-c++ python2 openssl-devel cyrus-sasl-devel lz4-devel
 
 Patch0001:      0001-tests-skip-tests-on-Win32-that-rely-on-kafka-topics.patch
+Patch0002:      0001-Missing-return-on-error-causes-use-after-free-in-SAS.patch
 
 %description
 ibrdkafka is a C library implementation of the Apache Kafka protocol, providing Producer, Consumer
@@ -55,6 +56,9 @@ make check
 %{_libdir}/pkgconfig/*
 
 %changelog
+* Wed Dec 27 2023 liubo <liubo1@xfusion.com> - 0.11.4-5
+- Missing return on error causes use-after-free in SASL code
+
 * Mon Dec 25 2023 liubo <liubo1@xfusion.com> - 0.11.4-4
 - tests: skip tests on Win32 that rely on kafka-topics.sh
 
-- 
Gitee