[file] fix potential memory leak introduced in previous commit

Jan Kaluža jkaluza at fedoraproject.org
Tue Feb 25 11:49:12 UTC 2014 

commit bae10229bdbe573a48064be8a959b938070cb927
Author: Jan Kaluza <jkaluza at redhat.com>
Date:   Tue Feb 25 12:50:01 2014 +0100

    fix potential memory leak introduced in previous commit

 file-5.14-CVE-2014-1943.patch |   22 +++++++++++++++++++++-
 file.spec                     |    5 ++++-
 2 files changed, 25 insertions(+), 2 deletions(-)
---
diff --git a/file-5.14-CVE-2014-1943.patch b/file-5.14-CVE-2014-1943.patch
index 9e0cc06..5885118 100644
--- a/file-5.14-CVE-2014-1943.patch
+++ b/file-5.14-CVE-2014-1943.patch
@@ -38,7 +38,7 @@ index 4641c8b..e902c15 100644
  			if ((ms->flags & MAGIC_DEBUG) != 0)
  				(void)fprintf(stderr, "softmagic %d\n", m);
 diff --git a/src/softmagic.c b/src/softmagic.c
-index 108d419..ee4b831 100644
+index 108d419..d543f87 100644
 --- a/src/softmagic.c
 +++ b/src/softmagic.c
 @@ -41,6 +41,7 @@ FILE_RCSID("@(#)$File: softmagic.c,v 1.165 2013/03/07 02:22:24 christos Exp $")
@@ -86,3 +86,23 @@ index 108d419..ee4b831 100644
  		if ((ms->flags & MAGIC_DEBUG) != 0)
  			fprintf(stderr, "indirect @offs=%u[%d]\n", offset, rv);
  		rbuf = ms->o.buf;
+@@ -1722,12 +1725,16 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m,
+ 		ms->offset = soffset;
+ 		if (rv == 1) {
+ 			if ((ms->flags & (MAGIC_MIME|MAGIC_APPLE)) == 0 &&
+-			    file_printf(ms, m->desc, offset) == -1)
++			    file_printf(ms, m->desc, offset) == -1) {
++				free(rbuf);
+ 				return -1;
+-			if (file_printf(ms, "%s", rbuf) == -1)
++			}
++			if (file_printf(ms, "%s", rbuf) == -1) {
++				free(rbuf);
+ 				return -1;
+-			free(rbuf);
++			}
+ 		}
++		free(rbuf);
+ 		return rv;
+ 
+ 	case FILE_USE:
diff --git a/file.spec b/file.spec
index 53e62ca..879a734 100644
--- a/file.spec
+++ b/file.spec
@@ -4,7 +4,7 @@
 Summary: A utility for determining file types
 Name: file
 Version: 5.14
-Release: 15%{?dist}
+Release: 16%{?dist}
 License: BSD
 Group: Applications/File
 Source0: ftp://ftp.astron.com/pub/file/file-%{version}.tar.gz
@@ -196,6 +196,9 @@ cd %{py3dir}
 %endif
 
 %changelog
+* Tue Feb 25 2014 Jan Kaluza <jkaluza at redhat.com> - 5.14-16
+- fix potential memory leak introduced in previous commit
+
 * Tue Feb 18 2014 Jan Kaluza <jkaluza at redhat.com> - 5.14-15
 - fix #1065837 - fix for CVE-2014-1943

More information about the scm-commits mailing list