!23 fix CVE-2021-42523
From: @kerongw Reviewed-by: @t_feng Signed-off-by: @t_feng
This commit is contained in:
openeuler-ci-bot
Gitee
commit
e6da26d6e9
@ -1,29 +1,21 @@
|
|||||||
From 6a54706b39e41b47edb3186e5ac6151007a88626 Mon Sep 17 00:00:00 2001
|
From adf41f36cf7214d7d6fa8d528b74eba47c377405 Mon Sep 17 00:00:00 2001
|
||||||
From: Zero0one1 <summerlinasity@gmail.com>
|
From: Zero0one1 <arya_lee@qq.com>
|
||||||
Date: Thu, 1 Apr 2021 21:16:56 +0800
|
Date: Fri, 2 Apr 2021 16:45:56 +0800
|
||||||
Subject: [PATCH] Fix the potential memory leakage in issue
|
Subject: [PATCH] Fix a small memory leak in sqlite3_exec()
|
||||||
https://github.com/hughsie/colord/issues/110 by setting the 5th paramerter of
|
|
||||||
sqlite3_exec() to NULL
|
Fixes https://github.com/hughsie/colord/issues/110
|
||||||
|
|
||||||
Conflict:NA
|
Conflict:NA
|
||||||
Reference:https://github.com/hughsie/colord/pull/130/commits/6a54706b39e41b47edb3186e5ac6151007a88626
|
Reference:https://github.com/hughsie/colord/commit/adf41f36cf7214d7d6fa8d528b74eba47c377405
|
||||||
|
|
||||||
---
|
---
|
||||||
src/cd-device-db.c | 4 ++--
|
src/cd-device-db.c | 2 +-
|
||||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
diff --git a/src/cd-device-db.c b/src/cd-device-db.c
|
diff --git a/src/cd-device-db.c b/src/cd-device-db.c
|
||||||
index a212c83d..8da1a4a9 100644
|
index a212c83d..3ae44ef2 100644
|
||||||
--- a/src/cd-device-db.c
|
--- a/src/cd-device-db.c
|
||||||
+++ b/src/cd-device-db.c
|
+++ b/src/cd-device-db.c
|
||||||
@@ -79,7 +79,7 @@ cd_device_db_load (CdDeviceDb *ddb,
|
|
||||||
|
|
||||||
/* check devices */
|
|
||||||
rc = sqlite3_exec (priv->db, "SELECT * FROM devices LIMIT 1",
|
|
||||||
- NULL, NULL, &error_msg);
|
|
||||||
+ NULL, NULL, NULL);
|
|
||||||
if (rc != SQLITE_OK) {
|
|
||||||
g_debug ("CdDeviceDb: creating table to repair: %s", error_msg);
|
|
||||||
sqlite3_free (error_msg);
|
|
||||||
@@ -91,7 +91,7 @@ cd_device_db_load (CdDeviceDb *ddb,
|
@@ -91,7 +91,7 @@ cd_device_db_load (CdDeviceDb *ddb,
|
||||||
|
|
||||||
/* check properties version 2 */
|
/* check properties version 2 */
|
||||||
@ -33,4 +25,3 @@ index a212c83d..8da1a4a9 100644
|
|||||||
if (rc != SQLITE_OK) {
|
if (rc != SQLITE_OK) {
|
||||||
statement = "CREATE TABLE properties_v2 ("
|
statement = "CREATE TABLE properties_v2 ("
|
||||||
"device_id TEXT,"
|
"device_id TEXT,"
|
||||||
|
|
||||||
|
|||||||
@ -1,25 +1,25 @@
|
|||||||
From 2ca40d1732bb233a8a6da59a3413abb92aebf8e1 Mon Sep 17 00:00:00 2001
|
From 1452a975ecae14299fb27d41522dfd32305481ce Mon Sep 17 00:00:00 2001
|
||||||
From: Zero0one1 <summerlinasity@gmail.com>
|
From: Richard Hughes <richard@hughsie.com>
|
||||||
Date: Fri, 2 Apr 2021 13:48:17 +0800
|
Date: Wed, 13 Apr 2022 14:21:32 +0100
|
||||||
Subject: [PATCH] Leave the used error_msg unchanged
|
Subject: [PATCH] trivial: Fix a small memory leak on db open failure
|
||||||
|
|
||||||
Conflict:NA
|
Conflict:Using g_autofree will make the testcase fail, so here we use sqlite3_free to free the memory
|
||||||
Reference:https://github.com/hughsie/colord/pull/130/commits/2ca40d1732bb233a8a6da59a3413abb92aebf8e1
|
Reference:https://github.com/hughsie/colord/commit/1452a975ecae14299fb27d41522dfd32305481ce
|
||||||
---
|
---
|
||||||
src/cd-device-db.c | 2 +-
|
src/cd-profile-db.c | 1 +
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
1 file changed, 1 insertion(+)
|
||||||
|
|
||||||
diff --git a/src/cd-device-db.c b/src/cd-device-db.c
|
|
||||||
index 8da1a4a9..3ae44ef2 100644
|
|
||||||
--- a/src/cd-device-db.c
|
|
||||||
+++ b/src/cd-device-db.c
|
|
||||||
@@ -79,7 +79,7 @@ cd_device_db_load (CdDeviceDb *ddb,
|
|
||||||
|
|
||||||
/* check devices */
|
|
||||||
rc = sqlite3_exec (priv->db, "SELECT * FROM devices LIMIT 1",
|
|
||||||
- NULL, NULL, NULL);
|
|
||||||
+ NULL, NULL, &error_msg);
|
|
||||||
if (rc != SQLITE_OK) {
|
|
||||||
g_debug ("CdDeviceDb: creating table to repair: %s", error_msg);
|
|
||||||
sqlite3_free (error_msg);
|
|
||||||
|
|
||||||
|
diff --git a/src/cd-profile-db.c b/src/cd-profile-db.c
|
||||||
|
index 5661d09..d6361ac 100644
|
||||||
|
--- a/src/cd-profile-db.c
|
||||||
|
+++ b/src/cd-profile-db.c
|
||||||
|
@@ -87,6 +87,7 @@ cd_profile_db_load (CdProfileDb *pdb,
|
||||||
|
"uid INTEGER,"
|
||||||
|
"value TEXT,"
|
||||||
|
"PRIMARY KEY (profile_id, property, uid));";
|
||||||
|
+ sqlite3_free (error_msg);
|
||||||
|
sqlite3_exec (priv->db, statement, NULL, NULL, NULL);
|
||||||
|
}
|
||||||
|
return TRUE;
|
||||||
|
--
|
||||||
|
2.33.0
|
||||||
|
|||||||
@ -1,6 +1,6 @@
|
|||||||
Name: colord
|
Name: colord
|
||||||
Version: 1.4.5
|
Version: 1.4.5
|
||||||
Release: 3
|
Release: 4
|
||||||
Summary: A system activated daemon
|
Summary: A system activated daemon
|
||||||
License: GPLv2+ and LGPLv2+
|
License: GPLv2+ and LGPLv2+
|
||||||
URL: https://www.freedesktop.org/software/colord/
|
URL: https://www.freedesktop.org/software/colord/
|
||||||
@ -171,6 +171,9 @@ exit 0
|
|||||||
%{_datadir}/man/man1/*.1.gz
|
%{_datadir}/man/man1/*.1.gz
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Aug 31 2022 wangkerong <wangkerong@h-partners.com> - 1.4.5-4
|
||||||
|
- fix CVE-2021-42523
|
||||||
|
|
||||||
* Mon Aug 29 2022 wangkerong <wangkerong@h-partners.com> - 1.4.5-3
|
* Mon Aug 29 2022 wangkerong <wangkerong@h-partners.com> - 1.4.5-3
|
||||||
- fix CVE-2021-42523
|
- fix CVE-2021-42523
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user