From 73ce41b45417f87ffe3d25113adbc5fbb2b444a0 Mon Sep 17 00:00:00 2001
From: Li Jinlin
Date: Tue, 29 Mar 2022 11:17:45 +0800
Subject: [PATCH] fix memory leak in libparted
---
 ...arch-free-node-when-hfsplus_file_rea.patch | 35 +++++++++++
 ...free-part-and-partition-when-constra.patch | 35 +++++++++++
 ..._info-fix-memleak-and-avoid-to-use-N.patch | 58 +++++++++++++++++++
 ...ew-free-ctx-remap-and-goto-correct-l.patch | 49 ++++++++++++++++
 ...fsplus_cache_from_extent-fix-memleak.patch | 32 ++++++++++
 ...boot_sector-NULL-and-free-boot_secto.patch | 38 ++++++++++++
 parted.spec | 11 +++-
 7 files changed, 257 insertions(+), 1 deletion(-)
 create mode 100644 0004-hfsplus_btree_search-free-node-when-hfsplus_file_rea.patch
 create mode 100644 0005-amiga_read-need-free-part-and-partition-when-constra.patch
 create mode 100644 0006-scsi_get_product_info-fix-memleak-and-avoid-to-use-N.patch
 create mode 100644 0007-fat_op_context_new-free-ctx-remap-and-goto-correct-l.patch
 create mode 100644 0008-hfsplus_cache_from_extent-fix-memleak.patch
 create mode 100644 0009-fat_clobber-set-boot_sector-NULL-and-free-boot_secto.patch
diff --git a/0004-hfsplus_btree_search-free-node-when-hfsplus_file_rea.patch b/0004-hfsplus_btree_search-free-node-when-hfsplus_file_rea.patch
new file mode 100644
index 0000000..ba4b966
--- /dev/null
+++ b/0004-hfsplus_btree_search-free-node-when-hfsplus_file_rea.patch
@@ -0,0 +1,35 @@
+From f7e08c5cb68f84541bb982c3dd6ab50a163bd2c2 Mon Sep 17 00:00:00 2001
+From: Li Jinlin
+Date: Tue, 29 Mar 2022 11:00:07 +0800
+Subject: [PATCH 1/6] hfsplus_btree_search: free node when hfsplus_file_read
+ failed
+
+when hfsplus_file_read() return error, need to free node, otherwise there
+will be memory leak
+
+Signed-off-by: Wu Guanghao
+Signed-off-by: Li Jinlin
+---
+ libparted/fs/r/hfs/advfs_plus.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/libparted/fs/r/hfs/advfs_plus.c b/libparted/fs/r/hfs/advfs_plus.c
+index 55e88cd..b1cc644 100644
+--- a/libparted/fs/r/hfs/advfs_plus.c
++++ b/libparted/fs/r/hfs/advfs_plus.c
+@@ -101,9 +101,10 @@ hfsplus_btree_search (HfsPPrivateFile* b_tree_file, HfsPPrivateGenericKey* key,
+
+ /* Read the root node */
+ if (!hfsplus_file_read (b_tree_file, node,
+- (PedSector) node_number * size, size))
++ (PedSector) node_number * size, size)) {
++ free(node);
+ return 0;
+-
++ }
+ /* Follow the white rabbit */
+ while (1) {
+ record_number = PED_BE16_TO_CPU (desc->rec_nb);
+--
+2.27.0
+
diff --git a/0005-amiga_read-need-free-part-and-partition-when-constra.patch b/0005-amiga_read-need-free-part-and-partition-when-constra.patch
new file mode 100644
index 0000000..17d2234
--- /dev/null
+++ b/0005-amiga_read-need-free-part-and-partition-when-constra.patch
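Review bot: The added `free(node);` in hfsplus_btree_search omits the space before the parenthesis that the surrounding code uses (`hfsplus_file_read (b_tree_file, node,` two lines above), and the patch also drops the blank line that separated the early return from `/* Follow the white rabbit */`. I would write `free (node);` and keep a blank line after the closing brace. The same spacing point applies to `ped_partition_destroy(part);` and `free(partition);` in 0005, `free(ctx->remap);` in 0007 (directly above the existing `free (ctx->buffer_map);`), `free(node);` in 0008 and `free(boot_sector);` in 0009. The function body starts and ends outside the hunk, so whether the later exits inside the `while (1)` loop also release `node` cannot be checked from here.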
@@ -0,0 +1,35 @@
+From 853f6bd35f22092f31595504d27c4910042631c5 Mon Sep 17 00:00:00 2001
+From: Li Jinlin
+Date: Tue, 29 Mar 2022 11:01:43 +0800
+Subject: [PATCH 2/6] amiga_read: need free part and partition when
+ constraint_exact is NULL
+
+When constraint_exact is NULL and exit, need to release part and partition,
+otherwise there will be memory leaks
+
+Signed-off-by: Wu Guanghao
+Signed-off-by: Li Jinlin
+---
+ libparted/labels/rdb.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/libparted/labels/rdb.c b/libparted/labels/rdb.c
+index cbbf29a..8096285 100644
+--- a/libparted/labels/rdb.c
++++ b/libparted/labels/rdb.c
+@@ -545,8 +545,11 @@ amiga_read (PedDisk* disk)
+
+ PedConstraint *constraint_exact
+ = ped_constraint_exact (&part->geom);
+- if (constraint_exact == NULL)
++ if (constraint_exact == NULL) {
++ ped_partition_destroy(part);
++ free(partition);
+ return 0;
++ }
+ bool ok = ped_disk_add_partition (disk, part, constraint_exact);
+ ped_constraint_destroy (constraint_exact);
+ if (!ok) {
+--
+2.27.0
+
diff --git a/0006-scsi_get_product_info-fix-memleak-and-avoid-to-use-N.patch b/0006-scsi_get_product_info-fix-memleak-and-avoid-to-use-N.patch
new file mode 100644
index 0000000..0b0c1fc
--- /dev/null
+++ b/0006-scsi_get_product_info-fix-memleak-and-avoid-to-use-N.patch
@@ -0,0 +1,58 @@
+From 1fdae37b82d0cf16df80f648b5489f7ffd15eae1 Mon Sep 17 00:00:00 2001
+From: Li Jinlin
+Date: Tue, 29 Mar 2022 11:02:38 +0800
+Subject: [PATCH 3/6] scsi_get_product_info: fix memleak and avoid to use NULL
+ pointer
+
+Need to ensure that *vendor and *product are not NULL in scsi_query_product_info()
+before return 1, otherwise a null pointer may be used.
+
+Regardless of whether scsi_query_product_info() returns success or failed,
+vendor and product should be released, otherwise there will be a memory leak
+
+Signed-off-by: Wu Guanghao
+Signed-off-by: Li Jinlin
+---
+ libparted/arch/linux.c | 9 +++++----
+ 1 file changed, 5 insertions(+), 4 deletions(-)
+
+diff --git a/libparted/arch/linux.c b/libparted/arch/linux.c
+index 94ea176..23ec55a 100644
+--- a/libparted/arch/linux.c
++++ b/libparted/arch/linux.c
+@@ -1130,7 +1130,9 @@ scsi_query_product_info (PedDevice* dev, char **vendor, char **product)
+ buf[16] = '\0';
+ *product = strip_name (buf);
+
+- return 1;
++ if (*vendor && *product)
++ return 1;
++ return 0;
+ }
+
+ /* This function provides the vendor and product name for a SCSI device.
+@@ -1144,7 +1146,6 @@ scsi_get_product_info (PedDevice* dev, char **vendor, char **product)
+ *product = read_device_sysfs_file (dev, "model");
+ if (*vendor && *product)
+ return 1;
+-
+ return scsi_query_product_info (dev, vendor, product);
+ }
+
+@@ -1188,11 +1189,11 @@ init_scsi (PedDevice* dev)
+
+ if (scsi_get_product_info (dev, &vendor, &product)) {
+ sprintf (dev->model, "%.8s %.16s", vendor, product);
+- free (vendor);
+- free (product);
+ } else {
+ strcpy (dev->model, "Generic SCSI");
+ }
++ free (vendor);
++ free (product);
+
+ if (!_device_probe_geometry (dev))
+ goto error_close_dev;
+--
+2.27.0
+
diff --git a/0007-fat_op_context_new-free-ctx-remap-and-goto-correct-l.patch b/0007-fat_op_context_new-free-ctx-remap-and-goto-correct-l.patch
new file mode 100644
index 0000000..5442d2c
--- /dev/null
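Review bot: scsi_get_product_info still leaks when sysfs yields only one of the two strings, because it falls through to scsi_query_product_info, which assigns `*product = strip_name (buf);` (and presumably `*vendor` earlier, outside the hunk) over the pointer returned by read_device_sysfs_file. Releasing the partial result before the fallback would close that, e.g. `free (*vendor); free (*product); *vendor = *product = NULL;` ahead of `return scsi_query_product_info (dev, vendor, product);`. The now unconditional `free (vendor); free (product);` in init_scsi also relies on both pointers holding either NULL or live heap memory on every failure path of the callees. Their declarations and the early exits of scsi_query_product_info are outside the hunk, so this should be confirmed, and initialising both to NULL at declaration would make it explicit.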
+++ b/0007-fat_op_context_new-free-ctx-remap-and-goto-correct-l.patch
@@ -0,0 +1,49 @@
+From fa8544b4229e19679db070c31969c9739f702fd0 Mon Sep 17 00:00:00 2001
+From: Li Jinlin
+Date: Tue, 29 Mar 2022 11:07:33 +0800
+Subject: [PATCH 4/6] fat_op_context_new: free ctx->remap and goto correct
+ label to avoid memleak
+
+When calc_deltas returns an error, need to release ctx->remap,
+and eed to jump to the correct label to release ctx, otherwise
+there will be memory leaks
+
+Signed-off-by: Wu Guanghao
+Signed-off-by: Li Jinlin
+---
+ libparted/fs/r/fat/context.c | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/libparted/fs/r/fat/context.c b/libparted/fs/r/fat/context.c
+index 5ca154c..fce77af 100644
+--- a/libparted/fs/r/fat/context.c
++++ b/libparted/fs/r/fat/context.c
+@@ -86,9 +86,9 @@ fat_op_context_new (PedFileSystem* new_fs, PedFileSystem* old_fs)
+ ctx->frag_sectors = PED_MIN (old_fs_info->cluster_sectors,
+ new_fs_info->cluster_sectors);
+ if (!fat_set_frag_sectors (new_fs, ctx->frag_sectors))
+- goto error;
++ goto error_free_ctx;
+ if (!fat_set_frag_sectors (old_fs, ctx->frag_sectors))
+- goto error;
++ goto error_free_ctx;
+
+ ctx->buffer_frags = old_fs_info->buffer_sectors / ctx->frag_sectors;
+ ctx->buffer_map = (FatFragment*) ped_malloc (sizeof (FatFragment)
+@@ -104,10 +104,12 @@ fat_op_context_new (PedFileSystem* new_fs, PedFileSystem* old_fs)
+ ctx->new_fs = new_fs;
+ ctx->old_fs = old_fs;
+ if (!calc_deltas (ctx))
+- goto error_free_buffer_map;
++ goto error_free_remap;
+
+ return ctx;
+
++error_free_remap:
++ free(ctx->remap);
+ error_free_buffer_map:
+ free (ctx->buffer_map);
+ error_free_ctx:
+--
+2.27.0
+
diff --git a/0008-hfsplus_cache_from_extent-fix-memleak.patch b/0008-hfsplus_cache_from_extent-fix-memleak.patch
new file mode 100644
index 0000000..8e550fc
--- /dev/null
+++ b/0008-hfsplus_cache_from_extent-fix-memleak.patch
@@ -0,0 +1,32 @@
+From ab6fde7a74ae90446a1ae88da82fee572a8a0466 Mon Sep 17 00:00:00 2001
+From: Li Jinlin
+Date: Tue, 29 Mar 2022 11:08:46 +0800
+Subject: [PATCH 5/6] hfsplus_cache_from_extent: fix memleak
+
+Need to release node when an error occurs
+
+Signed-off-by: Wu Guanghao
+Signed-off-by: Li Jinlin
+---
+ libparted/fs/r/hfs/reloc_plus.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/libparted/fs/r/hfs/reloc_plus.c b/libparted/fs/r/hfs/reloc_plus.c
+index f065406..44e3490 100644
+--- a/libparted/fs/r/hfs/reloc_plus.c
++++ b/libparted/fs/r/hfs/reloc_plus.c
+@@ -670,8 +670,10 @@ hfsplus_cache_from_extent(HfsCPrivateCache* cache, PedFileSystem* fs,
+ _("The extents overflow file should not"
+ " contain its own extents! You should "
+ "check the file system."))
+- != PED_EXCEPTION_IGNORE)
++ != PED_EXCEPTION_IGNORE) {
++ free(node);
+ return 0;
++ }
+ where = CR_BTREE_EXT_EXT;
+ break;
+ case PED_CPU_TO_BE32 (HFS_CATALOG_ID) :
+--
+2.27.0
+
diff --git a/0009-fat_clobber-set-boot_sector-NULL-and-free-boot_secto.patch b/0009-fat_clobber-set-boot_sector-NULL-and-free-boot_secto.patch
new file mode 100644
index 0000000..cb34fd4
--- /dev/null
+++ b/0009-fat_clobber-set-boot_sector-NULL-and-free-boot_secto.patch
@@ -0,0 +1,38 @@
+From 1512dc33b36ad0feff9dbdcfe38e6d2acdcb38a0 Mon Sep 17 00:00:00 2001
+From: Li Jinlin
+Date: Tue, 29 Mar 2022 11:10:19 +0800
+Subject: [PATCH 6/6] fat_clobber: set boot_sector = NULL and free boot_sector
+ after failed of fat_boot_sector_read
+
+When fat_boot_sector_read() returns failure, boot_sector may have
+allocated memory, and memory leak will occur
+
+Signed-off-by: Wu Guanghao
+Signed-off-by: Li Jinlin
+---
+ libparted/fs/r/fat/fat.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/libparted/fs/r/fat/fat.c b/libparted/fs/r/fat/fat.c
+index 396494a..33a4284 100644
+--- a/libparted/fs/r/fat/fat.c
++++ b/libparted/fs/r/fat/fat.c
+@@ -117,11 +117,13 @@ fat_set_frag_sectors (PedFileSystem* fs, PedSector frag_sectors)
+ int
+ fat_clobber (PedGeometry* geom)
+ {
+- FatBootSector *boot_sector;
++ FatBootSector *boot_sector = NULL;
+ int ok;
+
+- if (!fat_boot_sector_read (&boot_sector, geom))
++ if (!fat_boot_sector_read (&boot_sector, geom)) {
++ free(boot_sector);
+ return 1;
++ }
+
+ boot_sector->system_id[0] = 0;
+ boot_sector->boot_sign = 0;
+--
+2.27.0
+
diff --git a/parted.spec b/parted.spec
index 495700b..98a8dca 100644
--- a/parted.spec
+++ b/parted.spec
@@ -16,7 +16,7 @@ Summary: The GNU disk partition manipulation program Name: parted Version: 3.4 -Release: 3 +Release: 4 URL: https://www.gnu.org/software/parted/ Source0: ftp://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.xz License: GPLv3+
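Review bot: The new `free(boot_sector);` on the failure path of fat_clobber is only safe if fat_boot_sector_read never leaves the caller's pointer aimed at a buffer it has already released; if it frees on a read error without resetting the pointer, this turns the leak fix into a double free. That callee is outside the hunk, so I would check each of its failure returns and record the contract in a comment above the call, e.g. `/* on failure boot_sector is NULL or still owned by us */`. fat_clobber's body continues past the hunk, so whether its later exits also release `boot_sector` cannot be confirmed from here.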
@@ -29,6 +29,12 @@ BuildRequires: device-mapper-devel, libselinux-devel libsepol-devel Patch1: 0001-add-support-of-gpt_sync_mbr.patch Patch2: 0002-Add-extra-judgment-for-a-partition-created-success.patch Patch3: 0003-bugfix-parted-fix-failure-of-mklabel-gpt_sync_mbr.patch +Patch4: 0004-hfsplus_btree_search-free-node-when-hfsplus_file_rea.patch +Patch5: 0005-amiga_read-need-free-part-and-partition-when-constra.patch +Patch6: 0006-scsi_get_product_info-fix-memleak-and-avoid-to-use-N.patch +Patch7: 0007-fat_op_context_new-free-ctx-remap-and-goto-correct-l.patch +Patch8: 0008-hfsplus_cache_from_extent-fix-memleak.patch +Patch9: 0009-fat_clobber-set-boot_sector-NULL-and-free-boot_secto.patch %description The GNU Parted program allows you to create, destroy, resize, move, @@ -113,6 +119,9 @@ fi %{_libdir}/pkgconfig/libparted*.pc %changelog +* Thu Mar 3 2022 Li Jinlin - 3.4-4 +- fix memory leak in libparted + * Thu Mar 3 2022 Li Jinlin - 3.4-3 - add need root for build -- Gitee