From e1aa397f746b1b9364e2072cc2b147daa493068b Mon Sep 17 00:00:00 2001
From: Zhang Jun <zhangjun@kylinos.cn>
Date: Fri, 14 Oct 2022 13:32:06 +0800
Subject: [PATCH] Sync upstream patches

---
 PAM-P11-fixed-minor-mem-leak.patch            | 44 +++++++++++++++++++
 PAM-P11-fixed-mistype-in-a-log-message.patch  | 27 ++++++++++++
 ...T-mem-cache-fixed-missing-error-code.patch | 29 ++++++++++++
 ...alse-positive-warning-src-confdb-con.patch | 32 ++++++++++++++
 sssd.spec                                     | 16 ++++++-
 5 files changed, 147 insertions(+), 1 deletion(-)
 create mode 100644 PAM-P11-fixed-minor-mem-leak.patch
 create mode 100644 PAM-P11-fixed-mistype-in-a-log-message.patch
 create mode 100644 SSS_CLIENT-mem-cache-fixed-missing-error-code.patch
 create mode 100644 confdb-supress-false-positive-warning-src-confdb-con.patch

diff --git a/PAM-P11-fixed-minor-mem-leak.patch b/PAM-P11-fixed-minor-mem-leak.patch
new file mode 100644
index 0000000..72abaa3
--- /dev/null
+++ b/PAM-P11-fixed-minor-mem-leak.patch
@@ -0,0 +1,44 @@
+From f1195229e016e2a3e1a7358ff87954d573b1dcac Mon Sep 17 00:00:00 2001
+From: Alexey Tikhonov <atikhono@redhat.com>
+Date: Fri, 13 May 2022 16:21:46 +0200
+Subject: [PATCH] PAM P11: fixed minor mem-leak
+
+Reviewed-by: Justin Stephenson <jstephen@redhat.com>
+Reviewed-by: Sumit Bose <sbose@redhat.com>
+---
+ src/responder/pam/pamsrv_p11.c | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/src/responder/pam/pamsrv_p11.c b/src/responder/pam/pamsrv_p11.c
+index ae1063365..bd205eb93 100644
+--- a/src/responder/pam/pamsrv_p11.c
++++ b/src/responder/pam/pamsrv_p11.c
+@@ -523,19 +523,22 @@ static errno_t parse_p11_child_response(TALLOC_CTX *mem_ctx, uint8_t *buf,
+         cert_auth_info = talloc_zero(tmp_ctx, struct cert_auth_info);
+         if (cert_auth_info == NULL) {
+             DEBUG(SSSDBG_OP_FAILURE, "talloc_zero failed.\n");
+-            return ENOMEM;
++            ret = ENOMEM;
++            goto done;
+         }
+ 
+         pn = memchr(p, '\n', buf_len - (p - buf));
+         if (pn == NULL) {
+             DEBUG(SSSDBG_OP_FAILURE,
+                   "Missing new-line in p11_child response.\n");
+-            return EINVAL;
++            ret = EINVAL;
++            goto done;
+         }
+         if (pn == p) {
+             DEBUG(SSSDBG_OP_FAILURE,
+                   "Missing token name in p11_child response.\n");
+-            return EINVAL;
++            ret = EINVAL;
++            goto done;
+         }
+ 
+         cert_auth_info->token_name = talloc_strndup(cert_auth_info, (char *)p,
+-- 
+2.25.1
+
diff --git a/PAM-P11-fixed-mistype-in-a-log-message.patch b/PAM-P11-fixed-mistype-in-a-log-message.patch
new file mode 100644
index 0000000..c215aeb
--- /dev/null
+++ b/PAM-P11-fixed-mistype-in-a-log-message.patch
@@ -0,0 +1,27 @@
+From 1ed59fb6e6a1f244b6954e689be10c213ffebed3 Mon Sep 17 00:00:00 2001
+From: Alexey Tikhonov <atikhono@redhat.com>
+Date: Fri, 13 May 2022 16:19:01 +0200
+Subject: [PATCH] PAM P11: fixed mistype in a log message
+
+Reviewed-by: Justin Stephenson <jstephen@redhat.com>
+Reviewed-by: Sumit Bose <sbose@redhat.com>
+---
+ src/responder/pam/pamsrv_p11.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/responder/pam/pamsrv_p11.c b/src/responder/pam/pamsrv_p11.c
+index 09b247de9..ae1063365 100644
+--- a/src/responder/pam/pamsrv_p11.c
++++ b/src/responder/pam/pamsrv_p11.c
+@@ -534,7 +534,7 @@ static errno_t parse_p11_child_response(TALLOC_CTX *mem_ctx, uint8_t *buf,
+         }
+         if (pn == p) {
+             DEBUG(SSSDBG_OP_FAILURE,
+-                  "Missing counter in p11_child response.\n");
++                  "Missing token name in p11_child response.\n");
+             return EINVAL;
+         }
+ 
+-- 
+2.25.1
+
diff --git a/SSS_CLIENT-mem-cache-fixed-missing-error-code.patch b/SSS_CLIENT-mem-cache-fixed-missing-error-code.patch
new file mode 100644
index 0000000..a334170
--- /dev/null
+++ b/SSS_CLIENT-mem-cache-fixed-missing-error-code.patch
@@ -0,0 +1,29 @@
+From ffec99930ec84b586f4532246d04be6207396e54 Mon Sep 17 00:00:00 2001
+From: Alexey Tikhonov <atikhono@redhat.com>
+Date: Fri, 17 Jun 2022 15:54:24 +0200
+Subject: [PATCH] SSS_CLIENT: mem-cache: fixed missing error code
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Reviewed-by: Pavel Březina <pbrezina@redhat.com>
+Reviewed-by: Sumit Bose <sbose@redhat.com>
+---
+ src/sss_client/nss_mc_common.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/sss_client/nss_mc_common.c b/src/sss_client/nss_mc_common.c
+index b974d343a..c73a93a9a 100644
+--- a/src/sss_client/nss_mc_common.c
++++ b/src/sss_client/nss_mc_common.c
+@@ -167,6 +167,7 @@ static errno_t sss_nss_mc_init_ctx(const char *name,
+ 
+     ctx->fd = sss_open_cloexec(file, O_RDONLY, &ret);
+     if (ctx->fd == -1) {
++        ret = EIO;
+         goto done;
+     }
+ 
+-- 
+2.25.1
+
diff --git a/confdb-supress-false-positive-warning-src-confdb-con.patch b/confdb-supress-false-positive-warning-src-confdb-con.patch
new file mode 100644
index 0000000..2e41f40
--- /dev/null
+++ b/confdb-supress-false-positive-warning-src-confdb-con.patch
@@ -0,0 +1,32 @@
+From 98f2f9f581a4e6a68bf6bf6e409f8f306ee9eb93 Mon Sep 17 00:00:00 2001
+From: Alexey Tikhonov <atikhono@redhat.com>
+Date: Wed, 29 Jun 2022 11:12:26 +0200
+Subject: [PATCH] confdb: supress false positive warning:
+ src/confdb/confdb.c:260:10: warning[-Wanalyzer-use-of-uninitialized-value]:
+ use of uninitialized value 'secdn'
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Reviewed-by: Pavel Březina <pbrezina@redhat.com>
+Reviewed-by: Sumit Bose <sbose@redhat.com>
+---
+ src/confdb/confdb.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
+index 6d30338ec..ae2d90bf5 100644
+--- a/src/confdb/confdb.c
++++ b/src/confdb/confdb.c
+@@ -242,7 +242,7 @@ int confdb_get_param(struct confdb_ctx *cdb,
+     TALLOC_CTX *tmp_ctx;
+     struct ldb_result *res;
+     struct ldb_dn *dn;
+-    char *secdn;
++    char *secdn = NULL;
+     const char *attrs[] = { attribute, NULL };
+     char **vals;
+     struct ldb_message_element *el;
+-- 
+2.25.1
+
diff --git a/sssd.spec b/sssd.spec
index e6293af..fe43709 100644
--- a/sssd.spec
+++ b/sssd.spec
@@ -1,11 +1,16 @@
 Name: sssd
 Version: 2.6.1
-Release: 4
+Release: 5
 Summary: System Security Services Daemon
 License: GPLv3+ and LGPLv3+
 URL: https://pagure.io/SSSD/sssd/
 Source0: https://github.com/SSSD/sssd/releases/download/%{version}/%{name}-%{version}.tar.gz
 
+Patch0:   confdb-supress-false-positive-warning-src-confdb-con.patch
+Patch1:   SSS_CLIENT-mem-cache-fixed-missing-error-code.patch
+Patch2:   PAM-P11-fixed-minor-mem-leak.patch
+Patch3:   PAM-P11-fixed-mistype-in-a-log-message.patch
+
 Requires: python3-sssd = %{version}-%{release}
 Requires: libldb
 Requires: cyrus-sasl-gssapi%{?_isa}
@@ -517,6 +522,15 @@ fi
 %systemd_postun_with_restart sssd.service
 
 %changelog
+* Fri Oct 14 2022 zhangjun<zhangjun@kylinos.cn> - 2.6.1-5
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:fix use of uninitialized value secdn
+       fix minor mem-leak
+       fixed mistype in a log message
+       fixed mem-cache missing error code
+
 * Mon Sep 26 2022 zhujianwei001 <zhujianwei7@huawei.com> - 2.6.1-4
 - delete brken link
 
-- 
Gitee