From c9766468d218cbbf18e9abf8b668d33014bf3e6e Mon Sep 17 00:00:00 2001
From: "Steven.YGui" <steven_ygui@163.com>
Date: Thu, 30 Sep 2021 11:35:58 +0800
Subject: [PATCH] backport patches to fix memory leak

---
 shadow.spec                               |  8 ++++-
 useradd-free-grp-to-avoid-leak.patch      | 42 +++++++++++++++++++++++
 useradd.c-fix-memleak-in-get_groups.patch | 41 ++++++++++++++++++++++
 useradd.c-fix-memleaks-of-grp.patch       | 24 +++++++++++++
 4 files changed, 114 insertions(+), 1 deletion(-)
 create mode 100644 useradd-free-grp-to-avoid-leak.patch
 create mode 100644 useradd.c-fix-memleak-in-get_groups.patch
 create mode 100644 useradd.c-fix-memleaks-of-grp.patch

diff --git a/shadow.spec b/shadow.spec
index 2405cf2..5b55aa5 100644
--- a/shadow.spec
+++ b/shadow.spec
@@ -1,6 +1,6 @@
 Name: shadow
 Version: 4.8.1
-Release: 6
+Release: 7
 Epoch: 2
 License: BSD and GPLv2+
 Summary: Tools for managing accounts and shadow password files
@@ -24,6 +24,9 @@ Patch7:  shadow-4.1.5.1-var-lock.patch
 Patch8:  shadow-utils-fix-lock-file-residue.patch
 Patch9:  generate-mail-USER-with-the-proper-selinux-identity.patch
 Patch10: man-zh_CN-fix-typo.patch
+Patch11: useradd-free-grp-to-avoid-leak.patch
+Patch12: useradd.c-fix-memleaks-of-grp.patch
+Patch13: useradd.c-fix-memleak-in-get_groups.patch
 
 BuildRequires: gcc, libselinux-devel, audit-libs-devel, libsemanage-devel
 BuildRequires: libacl-devel, libattr-devel
@@ -170,6 +173,9 @@ done
 %{_mandir}/*/*
 
 %changelog
+* Thu Sep 30 2021 steven Y.Gui <steven_ygui@163.com> - 2:4.8.1-7
+- backport some patches to fix memory leak
+
 * Mon Jul 26 2021 wangchen<wangchen137@huawei.com> - 2:4.8.1-6
 - delete unnecessary gdb from BuildRequires
 
diff --git a/useradd-free-grp-to-avoid-leak.patch b/useradd-free-grp-to-avoid-leak.patch
new file mode 100644
index 0000000..2ebfc56
--- /dev/null
+++ b/useradd-free-grp-to-avoid-leak.patch
@@ -0,0 +1,42 @@
+From 569bd1d54f4be070d4ac88042586d9334343702d Mon Sep 17 00:00:00 2001
+From: ikerexxe <ipedrosa@redhat.com>
+Date: Tue, 27 Oct 2020 11:35:53 +0100
+Subject: [PATCH] useradd: free grp to avoid leak
+
+covscan issue:
+Error: RESOURCE_LEAK (CWE-772): [#def39] [important]
+src/useradd.c:728: alloc_fn: Storage is returned from allocation function "get_local_group".
+src/useradd.c:728: var_assign: Assigning: "grp" = storage returned from "get_local_group(list)".
+src/useradd.c:728: overwrite_var: Overwriting "grp" in "grp = get_local_group(list)" leaks the storage that "grp" points to.
+726|   		 * GID values, otherwise the string is looked up as is.
+727|   		 */
+728|-> 		grp = get_local_group (list);
+729|
+730|   		/*
+---
+ src/useradd.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/useradd.c b/src/useradd.c
+index 3544acd0..107e65f8 100644
+--- a/src/useradd.c
++++ b/src/useradd.c
+@@ -729,7 +729,7 @@ static int set_defaults (void)
+ static int get_groups (char *list)
+ {
+ 	char *cp;
+-	const struct group *grp;
++	struct group *grp;
+ 	int errors = 0;
+ 	int ngroups = 0;
+ 
+@@ -808,6 +808,7 @@ static int get_groups (char *list)
+ 		 * Add the group name to the user's list of groups.
+ 		 */
+ 		user_groups[ngroups++] = xstrdup (grp->gr_name);
++		free (grp);
+ 	} while (NULL != list);
+ 
+ 	close_group_files ();
+-- 
+
diff --git a/useradd.c-fix-memleak-in-get_groups.patch b/useradd.c-fix-memleak-in-get_groups.patch
new file mode 100644
index 0000000..37066d0
--- /dev/null
+++ b/useradd.c-fix-memleak-in-get_groups.patch
@@ -0,0 +1,41 @@
+From fd9d79a1a3438ba7703939cfcd45fc266782c64e Mon Sep 17 00:00:00 2001
+From: whzhe <wanghongzhe@huawei.com>
+Date: Thu, 17 Dec 2020 03:27:15 -0500
+Subject: [PATCH] useradd.c:fix memleak in get_groups
+
+Signed-off-by: whzhe <wanghongzhe@huawei.com>
+---
+ src/useradd.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/useradd.c b/src/useradd.c
+index 107e65f8..822b67f5 100644
+--- a/src/useradd.c
++++ b/src/useradd.c
+@@ -793,6 +793,7 @@ static int get_groups (char *list)
+ 			fprintf (stderr,
+ 			         _("%s: group '%s' is a NIS group.\n"),
+ 			         Prog, grp->gr_name);
++			gr_free(grp);
+ 			continue;
+ 		}
+ #endif
+@@ -801,6 +802,7 @@ static int get_groups (char *list)
+ 			fprintf (stderr,
+ 			         _("%s: too many groups specified (max %d).\n"),
+ 			         Prog, ngroups);
++			gr_free(grp);
+ 			break;
+ 		}
+ 
+@@ -808,7 +810,7 @@ static int get_groups (char *list)
+ 		 * Add the group name to the user's list of groups.
+ 		 */
+ 		user_groups[ngroups++] = xstrdup (grp->gr_name);
+-		free (grp);
++		gr_free (grp);
+ 	} while (NULL != list);
+ 
+ 	close_group_files ();
+-- 
+
diff --git a/useradd.c-fix-memleaks-of-grp.patch b/useradd.c-fix-memleaks-of-grp.patch
new file mode 100644
index 0000000..52b634f
--- /dev/null
+++ b/useradd.c-fix-memleaks-of-grp.patch
@@ -0,0 +1,24 @@
+From c44b71cec25d60efc51aec9de3abce1f6efbfcf5 Mon Sep 17 00:00:00 2001
+From: whzhe51 <whzhe51@126.com>
+Date: Sat, 19 Dec 2020 04:29:06 -0500
+Subject: [PATCH] useradd.c:fix memleaks of grp Signed-off-by: whzhe51
+ <wanghongzhe@huawei.com>
+
+---
+ src/useradd.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/useradd.c b/src/useradd.c
+index 107e65f8..29c54e44 100644
+--- a/src/useradd.c
++++ b/src/useradd.c
+@@ -411,6 +411,7 @@ static void get_defaults (void)
+ 			} else {
+ 				def_group = grp->gr_gid;
+ 				def_gname = xstrdup (grp->gr_name);
++				gr_free(grp);
+ 			}
+ 		}
+ 
+-- 
+
-- 
Gitee