11 changed files with 6 additions and 335 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/trace-cmd-libtracecmd-1.5.2.tar.gz
+SOURCES/trace-cmd-libtracecmd-1.5.1.tar.gz
--- a/.libtracecmd.metadata
+++ b/.libtracecmd.metadata
@ -1 +1 @@
-0cca186f458362023ff33875dcd1e353280c89f5 SOURCES/trace-cmd-libtracecmd-1.5.2.tar.gz
+7b7c521fbc62f094a77f849cf0b831fbb200c0cd SOURCES/trace-cmd-libtracecmd-1.5.1.tar.gz
--- a/SOURCES/trace-cmd-dump-Prevent-buffer-overrun-in-dump_clock.patch
+++ b/SOURCES/trace-cmd-dump-Prevent-buffer-overrun-in-dump_clock.patch
@ -1,34 +0,0 @@
 From 7a0d3baf2ab09f7a729e4de592b784e307caa70f Mon Sep 17 00:00:00 2001
 From: Jerome Marchand <jmarchan@redhat.com>
 Date: Tue, 29 Oct 2024 09:01:13 +0100
 Subject: [PATCH 4/8] trace-cmd dump: Prevent buffer overrun in dump_clock()
 The clock isn't big enough to hold the string with the null
 terminating character. Worse, clock[size], which is out of range, is
 set to 0. Allocate a big enough buffer.
 Fixes an OVERRUN error (CWE-119)
 Link: https://lore.kernel.org/20241029080117.625177-5-jmarchan@redhat.com
 Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
 Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
 ---
 tracecmd/trace-dump.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/tracecmd/trace-dump.c b/tracecmd/trace-dump.c
 index 11c1baf1..0a21356e 100644
 --- a/tracecmd/trace-dump.c
 +++ b/tracecmd/trace-dump.c
@@ -961,7 +961,7 @@ static void dump_clock(int fd)
 	}
 	if (read_file_number(fd, &size, 8))
 		die("cannot read clock size");
 -	clock = calloc(1, size);
 +	clock = calloc(1, size + 1);
 	if (!clock)
 		die("cannot allocate clock %lld bytes", size);
 -- 
 2.47.0
--- a/SOURCES/trace-cmd-lib-Check-the-return-value-of-do_lseek-in-.patch
+++ b/SOURCES/trace-cmd-lib-Check-the-return-value-of-do_lseek-in-.patch
@ -1,36 +0,0 @@
 From ea419e8e8f5e56c166b14aef26be814daebe2832 Mon Sep 17 00:00:00 2001
 From: Jerome Marchand <jmarchan@redhat.com>
 Date: Tue, 29 Oct 2024 09:01:12 +0100
 Subject: [PATCH 3/8] trace-cmd lib: Check the return value of do_lseek() in
 trace_get_options()
 Check that do_lseek doesn't fail before calling malloc() with a -1
 argument.
 This is flagged as an overrun error (CWE-119) by static anaysis
 because of the call to read() later, but I don't imagine that malloc
 would succeed.
 Link: https://lore.kernel.org/20241029080117.625177-4-jmarchan@redhat.com
 Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
 Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
 ---
 lib/trace-cmd/trace-output.c | 2 ++
 1 file changed, 2 insertions(+)
 diff --git a/lib/trace-cmd/trace-output.c b/lib/trace-cmd/trace-output.c
 index 66e11ddc..8bc9325c 100644
 --- a/lib/trace-cmd/trace-output.c
 +++ b/lib/trace-cmd/trace-output.c
@@ -2070,6 +2070,8 @@ __hidden void *trace_get_options(struct tracecmd_output *handle, size_t *len)
 	}
 	offset = do_lseek(&out_handle, 0, SEEK_CUR);
 +	if (offset == (off_t)-1)
 +		goto out;
 	buf = malloc(offset);
 	if (!buf)
 		goto out;
 -- 
 2.47.0
--- a/SOURCES/trace-cmd-lib-Prevent-a-memory-leak-in-handle_option.patch
+++ b/SOURCES/trace-cmd-lib-Prevent-a-memory-leak-in-handle_option.patch
@ -1,57 +0,0 @@
 From 3be4066b9a9c6a76a824fc7a7a6a983fd23088a7 Mon Sep 17 00:00:00 2001
 From: Jerome Marchand <jmarchan@redhat.com>
 Date: Tue, 29 Oct 2024 09:01:10 +0100
 Subject: [PATCH 1/8] trace-cmd lib: Prevent a memory leak in handle_options()
 Buf isn't always fred in the error path. Instead of freing buf at the
 end of the loop, free it in the exit path and before reallocating it.
 Fixes a RESOURCE_LEAK error (CWE-772)
 Link: https://lore.kernel.org/20241029080117.625177-2-jmarchan@redhat.com
 Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
 Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
 ---
 lib/trace-cmd/trace-input.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)
 diff --git a/lib/trace-cmd/trace-input.c b/lib/trace-cmd/trace-input.c
 index 8b6e3d0c..ad662fc6 100644
 --- a/lib/trace-cmd/trace-input.c
 +++ b/lib/trace-cmd/trace-input.c
@@ -4006,7 +4006,7 @@ static int handle_options(struct tracecmd_input *handle)
 	char *cpustats = NULL;
 	struct hook_list *hook;
 	bool compress = false;
 -	char *buf;
 +	char *buf = NULL;
 	int cpus;
 	int ret;
@@ -4036,6 +4036,7 @@ static int handle_options(struct tracecmd_input *handle)
 		ret = read4(handle, &size);
 		if (ret)
 			goto out;
 +		free(buf);
 		buf = malloc(size);
 		if (!buf) {
 			ret = -ENOMEM;
@@ -4189,14 +4190,12 @@ static int handle_options(struct tracecmd_input *handle)
 			tracecmd_warning("unknown option %d", option);
 			break;
 		}
 -
 -		free(buf);
 -
 	}
 	ret = 0;
 out:
 +	free(buf);
 	if (compress)
 		in_uncompress_reset(handle);
 	return ret;
 -- 
 2.47.0
--- a/SOURCES/trace-cmd-lib-Prevent-memory-leak-in-tracecmd_create.patch
+++ b/SOURCES/trace-cmd-lib-Prevent-memory-leak-in-tracecmd_create.patch
@ -1,33 +0,0 @@
 From cbe42ab193ac866e9a6644b8509ab341a8aa474d Mon Sep 17 00:00:00 2001
 From: Jerome Marchand <jmarchan@redhat.com>
 Date: Tue, 29 Oct 2024 09:01:15 +0100
 Subject: [PATCH 6/8] trace-cmd lib: Prevent memory leak in
 tracecmd_create_event_hook()
 Free hook and hook->str in the error path.
 Fixes a RESOURCE_LEAK error (CWE-772)
 Link: https://lore.kernel.org/20241029080117.625177-7-jmarchan@redhat.com
 Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
 Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
 ---
 lib/trace-cmd/trace-hooks.c | 2 ++
 1 file changed, 2 insertions(+)
 diff --git a/lib/trace-cmd/trace-hooks.c b/lib/trace-cmd/trace-hooks.c
 index a58b5356..aa12f6e9 100644
 --- a/lib/trace-cmd/trace-hooks.c
 +++ b/lib/trace-cmd/trace-hooks.c
@@ -151,6 +151,8 @@ struct hook_list *tracecmd_create_event_hook(const char *arg)
 invalid_tok:
 	tracecmd_warning("Invalid hook format '%s'", arg);
 +	free(hook->str);
 +	free(hook);
 	return NULL;
 }
 -- 
 2.47.0
--- a/SOURCES/trace-cmd-mem-Prevent-a-memory-leak-in-trace_mem.patch
+++ b/SOURCES/trace-cmd-mem-Prevent-a-memory-leak-in-trace_mem.patch
@ -1,36 +0,0 @@
 From b0e1a9c5c099282d30fee8f6aa89bd12ce5e8a73 Mon Sep 17 00:00:00 2001
 From: Jerome Marchand <jmarchan@redhat.com>
 Date: Tue, 29 Oct 2024 09:01:16 +0100
 Subject: [PATCH 7/8] trace-cmd mem: Prevent a memory leak in trace_mem()
 Close the tracecmd handle in the error path.
 Fixes a RESOURCE_LEAK error (CWE-772)
 Link: https://lore.kernel.org/20241029080117.625177-8-jmarchan@redhat.com
 Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
 Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
 ---
 tracecmd/trace-mem.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)
 diff --git a/tracecmd/trace-mem.c b/tracecmd/trace-mem.c
 index 3e1ac9f3..b8babbbc 100644
 --- a/tracecmd/trace-mem.c
 +++ b/tracecmd/trace-mem.c
@@ -554,10 +554,8 @@ void trace_mem(int argc, char **argv)
 		die("can't open %s\n", input_file);
 	ret = tracecmd_read_headers(handle, 0);
 -	if (ret)
 -		return;
 -
 -	do_trace_mem(handle);
 +	if (!ret)
 +		do_trace_mem(handle);
 	tracecmd_close(handle);
 }
 -- 
 2.47.0
--- a/SOURCES/trace-cmd-record-Check-the-length-of-the-protocol-ve.patch
+++ b/SOURCES/trace-cmd-record-Check-the-length-of-the-protocol-ve.patch
@ -1,39 +0,0 @@
 From 75d8bba90d8b4cbe1a80381f1dfbd80cbb0fbd60 Mon Sep 17 00:00:00 2001
 From: Jerome Marchand <jmarchan@redhat.com>
 Date: Tue, 29 Oct 2024 09:01:17 +0100
 Subject: [PATCH 8/8] trace-cmd record: Check the length of the protocol
 version received
 In check_protocol_version we compare the protocol version string with
 the expected one ("V3") with memcmp(). The received string could be
 longer than the constant string used for the comparison. That could
 lead to out of range access.
 Use the known length of the fixed "V3" string for the comparison and
 check that the received protocol version is not too short.
 Fixes a OVERRUN error (CWE-119)
 Link: https://lore.kernel.org/20241029080117.625177-9-jmarchan@redhat.com
 Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
 Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
 ---
 tracecmd/trace-record.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/tracecmd/trace-record.c b/tracecmd/trace-record.c
 index d78c13c2..febf8578 100644
 --- a/tracecmd/trace-record.c
 +++ b/tracecmd/trace-record.c
@@ -3811,7 +3811,7 @@ static void check_protocol_version(struct tracecmd_msg_handle *msg_handle)
 		msg_handle->version = V1_PROTOCOL;
 		tracecmd_plog("Use the v1 protocol\n");
 	} else {
 -		if (memcmp(buf, "V3", n) != 0)
 +		if (n < 3 || memcmp(buf, "V3", 3) != 0)
 			die("Cannot handle the protocol %s", buf);
 		/* OK, let's use v3 protocol */
 		write(fd, V3_MAGIC, sizeof(V3_MAGIC));
 -- 
 2.47.0
--- a/SOURCES/trace-cmd-record-Prevent-a-memory-leak-in-show_error.patch
+++ b/SOURCES/trace-cmd-record-Prevent-a-memory-leak-in-show_error.patch
@ -1,38 +0,0 @@
 From 8e7de34bca5fdfcd8276116db4dd02308de0e194 Mon Sep 17 00:00:00 2001
 From: Jerome Marchand <jmarchan@redhat.com>
 Date: Tue, 29 Oct 2024 09:01:11 +0100
 Subject: [PATCH 2/8] trace-cmd record: Prevent a memory leak in show_error()
 In show_error() the pointer p is used for several functions. At first,
 it contain a substring of path.
 Then it is replaced by either an allocated string containing the path
 to the error log file or the result of read_path(), neither of which
 are freed when exiting.
 Free p in both case in the exit path.
 Fixes a RESOURCE_LEAK error (CWE-772)
 Link: https://lore.kernel.org/20241029080117.625177-3-jmarchan@redhat.com
 Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
 Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
 ---
 tracecmd/trace-record.c | 1 +
 1 file changed, 1 insertion(+)
 diff --git a/tracecmd/trace-record.c b/tracecmd/trace-record.c
 index 0063d528..bdfa57b0 100644
 --- a/tracecmd/trace-record.c
 +++ b/tracecmd/trace-record.c
@@ -2374,6 +2374,7 @@ static void show_error(const char *file, const char *type)
  out:
 	printf("Failed %s of %s\n", type, file);
 +	free(p);
 	free(path);
 	return;
 }
 -- 
 2.47.0
--- a/SOURCES/trace-cmd-record-Prevent-memory-leak-in-setup_networ.patch
+++ b/SOURCES/trace-cmd-record-Prevent-memory-leak-in-setup_networ.patch
@ -1,41 +0,0 @@
 From e48db64dcb0dfddb6b8f6cd8624e1e2ff2c1302c Mon Sep 17 00:00:00 2001
 From: Jerome Marchand <jmarchan@redhat.com>
 Date: Tue, 29 Oct 2024 09:01:14 +0100
 Subject: [PATCH 5/8] trace-cmd record: Prevent memory leak in setup_network()
 Because of the again label, msg_handle can be already allocated if we
 exit after we got a negative socket file descriptor. Free it there.
 Also unassign msg_handle->fd as to not double close sfd.
 Fixes a RESOURCE_LEAK error (CWE-772)
 Link: https://lore.kernel.org/20241029080117.625177-6-jmarchan@redhat.com
 Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
 Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
 ---
 tracecmd/trace-record.c | 2 ++
 1 file changed, 2 insertions(+)
 diff --git a/tracecmd/trace-record.c b/tracecmd/trace-record.c
 index bdfa57b0..d78c13c2 100644
 --- a/tracecmd/trace-record.c
 +++ b/tracecmd/trace-record.c
@@ -3904,6 +3904,7 @@ static struct tracecmd_msg_handle *setup_network(struct buffer_instance *instanc
 	if (sfd < 0) {
 		free(thost);
 +		tracecmd_msg_handle_close(msg_handle);
 		return NULL;
 	}
@@ -3934,6 +3935,7 @@ static struct tracecmd_msg_handle *setup_network(struct buffer_instance *instanc
 		if (msg_handle->version == V1_PROTOCOL) {
 			/* reconnect to the server for using the v1 protocol */
 			close(sfd);
 +			msg_handle->fd = -1;
 			free(host);
 			host = NULL;
 			goto again;
 -- 
 2.47.0
--- a/SPECS/libtracecmd.spec
+++ b/SPECS/libtracecmd.spec
@ -1,19 +1,11 @@
 Name: libtracecmd
-Version: 1.5.2
+Version: 1.5.1
-Release: 1%{?dist}
+Release: 4%{?dist}
 License: LGPL-2.1-only AND LGPL-2.1-or-later AND GPL-2.0-only AND GPL-2.0-or-later
 Summary: A library for reading tracing instances stored in a trace file
 URL: https://git.kernel.org/pub/scm/utils/trace-cmd/trace-cmd.git/
 Source0: https://git.kernel.org/pub/scm/utils/trace-cmd/trace-cmd.git/snapshot/trace-cmd-libtracecmd-%{version}.tar.gz
 Patch0: trace-cmd-lib-Prevent-a-memory-leak-in-handle_option.patch
 Patch1: trace-cmd-record-Prevent-a-memory-leak-in-show_error.patch
 Patch2: trace-cmd-lib-Check-the-return-value-of-do_lseek-in-.patch
 Patch3: trace-cmd-dump-Prevent-buffer-overrun-in-dump_clock.patch
 Patch4: trace-cmd-record-Prevent-memory-leak-in-setup_networ.patch
 Patch5: trace-cmd-lib-Prevent-memory-leak-in-tracecmd_create.patch
 Patch6: trace-cmd-mem-Prevent-a-memory-leak-in-trace_mem.patch
 Patch7: trace-cmd-record-Check-the-length-of-the-protocol-ve.patch
 ExcludeArch: %{ix86} %{arm}
@ -44,7 +36,7 @@ Requires: libtracecmd%{_isa} = %{version}-%{release}
 Development files of the libtracecmd library
 %prep
-%autosetup -p1 -n trace-cmd-libtracecmd-%{version}
+%autosetup -n trace-cmd-libtracecmd-%{version}
 %build
 # MANPAGE_DOCBOOK_XSL define is hack to avoid using locate
@ -65,7 +57,7 @@ chrpath --delete %{buildroot}/%{_libdir}/libtracecmd.so*
 %license COPYING COPYING.LIB
 %doc README
 %{_libdir}/libtracecmd.so.1
-%{_libdir}/libtracecmd.so.%{version}
+%{_libdir}/libtracecmd.so.1.5.1
 %{_docdir}/libtracecmd-doc
 %{_mandir}/man3/libtracecmd*
 %{_mandir}/man3/tracecmd*
@ -76,13 +68,6 @@ chrpath --delete %{buildroot}/%{_libdir}/libtracecmd.so*
 %{_includedir}/trace-cmd
 %changelog
 * Thu Nov 28 2024 Jerome Marchand <jmarchan@redhat.com> - 1.5.2-1
 - Rebase to 1.5.2 and backport further SAST patches (RHEL-40112)
 * Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 1.5.1-5
 - Bump release for October 2024 mass rebuild:
  Resolves: RHEL-64018
 * Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1.5.1-4
 - Bump release for June 2024 mass rebuild
`@ -1 +1 @@`
	`SOURCES/trace-cmd-libtracecmd-1.5.2.tar.gz`	`SOURCES/trace-cmd-libtracecmd-1.5.1.tar.gz`
`@ -1 +1 @@`
	`0cca186f458362023ff33875dcd1e353280c89f5 SOURCES/trace-cmd-libtracecmd-1.5.2.tar.gz`	`7b7c521fbc62f094a77f849cf0b831fbb200c0cd SOURCES/trace-cmd-libtracecmd-1.5.1.tar.gz`