backport patches from upstream to fix memleak

backport-Fix-Header-leak-when-running-rpm2cpio.patch

@@ -0,0 +1,29 @@
+From cf27c6f4963dcf27302d0f4fa39d7787dd03f942 Mon Sep 17 00:00:00 2001
+From: xujing <xujing125@huawei.com>
+Date: Fri, 25 Nov 2022 17:18:33 +0800
+Subject: [PATCH] Fix Header leak when running rpm2cpio
+
+Header "h" is alloced in rpmReadPackageFile but not freed when
+running rpm2cpio. Fix it. Remove redundant whitespace between
+the Fclose()'s too while at it for logical cleanup grouping.
+---
+ rpm2cpio.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/rpm2cpio.c b/rpm2cpio.c
+index fcc3b3079..940d6ce38 100644
+--- a/rpm2cpio.c
++++ b/rpm2cpio.c
+@@ -96,8 +96,8 @@ int main(int argc, char *argv[])
+      */
+     rc = (ufdCopy(gzdi, fdo) >= payload_size) ? EXIT_SUCCESS : EXIT_FAILURE;
+ 
++    headerFree(h);
+     Fclose(fdo);
+-
+     Fclose(gzdi);	/* XXX gzdi == fdi */
+ 
+     return rc;
+-- 
+2.33.0
+

backport-Fix-eiu-sourceURL-info-leak-in-rpmInstall.patch

@@ -0,0 +1,31 @@
+From 084c64d5ea0e1a309d3b57dc95926eb1536d0a7a Mon Sep 17 00:00:00 2001
+From: xujing <xujing125@huawei.com>
+Date: Thu, 24 Nov 2022 11:43:28 +0800
+Subject: [PATCH 1/3] Fix eiu->sourceURL info leak in rpmInstall()
+
+When installing source rpms, eiu->sourceURL info is leaked.
+---
+ lib/rpminstall.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/lib/rpminstall.c b/lib/rpminstall.c
+index 097599681..eb68deb4d 100644
+--- a/lib/rpminstall.c
++++ b/lib/rpminstall.c
+@@ -672,8 +672,13 @@ exit:
+ 	    eiu->pkgURL[i] = _free(eiu->pkgURL[i]);
+ 	}
+     }
++    if (eiu->sourceURL != NULL) {
++        for (i = 0; i < eiu->numSRPMS; i++)
++	    eiu->sourceURL[i] = _free(eiu->sourceURL[i]);
++    }
+     eiu->pkgState = _free(eiu->pkgState);
+     eiu->pkgURL = _free(eiu->pkgURL);
++    eiu->sourceURL = _free(eiu->sourceURL);
+     eiu->argv = _free(eiu->argv);
+     rc = eiu->numFailed;
+     free(eiu);
+-- 
+2.33.0
+

backport-Fix-h-blob-leak-when-installing-source-rpms.patch

@@ -0,0 +1,28 @@
+From 86c1d9738de58eb8f8844c5345baeb578ace9485 Mon Sep 17 00:00:00 2001
+From: xujing <xujing125@huawei.com>
+Date: Thu, 24 Nov 2022 17:33:53 +0800
+Subject: [PATCH 3/3] Fix h->blob leak when installing source rpms
+
+When installing source rpms, "ei" is malloced and is saved in
+blob->ei by rpmReadPackageFile->rpmpkgRead->hdrblobRead, and then
+blob->ei is saved in h->blob by rpmReadPackageFile->hdrblobImport,
+which is leaked during installation.
+---
+ lib/header.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/lib/header.c b/lib/header.c
+index 31d2fca30..004102dd2 100644
+--- a/lib/header.c
++++ b/lib/header.c
+@@ -241,6 +241,7 @@ Header headerFree(Header h)
+ 	}
+ 	h->index = _free(h->index);
+     }
++    h->blob = _free(h->blob);
+ 
+     h = _free(h);
+     return NULL;
+-- 
+2.33.0
+

backport-Fix-header-leak-in-rpmInstall.patch

@@ -0,0 +1,42 @@
+From 15a0c73f4698bc58fa2a633d46527c7813150f3a Mon Sep 17 00:00:00 2001
+From: xujing <xujing125@huawei.com>
+Date: Thu, 24 Nov 2022 10:43:11 +0800
+Subject: [PATCH] Fix header leak in rpmInstall()
+
+When rpm installs a package, the header from tryReadHeader()
+in rpmInstall() is leaked in some cases.
+---
+ lib/rpminstall.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/lib/rpminstall.c b/lib/rpminstall.c
+index 9167dbdde..097599681 100644
+--- a/lib/rpminstall.c
++++ b/lib/rpminstall.c
+@@ -561,13 +561,14 @@ restart:
+ 	    rc = tryReadManifest(eiu);
+ 	    if (rc == RPMRC_OK) {
+ 	        eiu->prevx++;
++		headerFree(h);
+ 	        goto restart;
+ 	    }
+ 	}
+ 
+ 	if (headerIsSource(h)) {
++	    headerFree(h);
+ 	    if (ia->installInterfaceFlags & INSTALL_FRESHEN) {
+-		headerFree(h);
+ 	        continue;
+ 	    }
+ 	    rpmlog(RPMLOG_DEBUG, "\tadded source package [%d]\n",
+@@ -592,6 +593,7 @@ restart:
+ 		rpmlog(RPMLOG_ERR, _("package %s is not relocatable\n"),
+ 		       headerGetString(h, RPMTAG_NAME));
+ 		eiu->numFailed++;
++		headerFree(h);
+ 		goto exit;
+ 	    }
+ 	}
+-- 
+2.33.0
+

backport-Use-unsigned-integers-more-consistently-in-the-handl.patch

@@ -0,0 +1,63 @@
+From 8e6108a5964c7289f3db70f3d188293276416528 Mon Sep 17 00:00:00 2001
+From: Daniel Alley <dalley@redhat.com>
+Date: Thu, 8 Dec 2022 09:40:00 -0500
+Subject: [PATCH] Use unsigned integers more consistently in the handling of
+ tag data
+
+Not a functional change, it just makes the code more clear and
+self-consistent.
+---
+ lib/header.c | 16 ++++++++--------
+ 1 file changed, 8 insertions(+), 8 deletions(-)
+
+diff --git a/lib/header.c b/lib/header.c
+index 004102dd2..72fb3d4fe 100644
+--- a/lib/header.c
++++ b/lib/header.c
+@@ -568,7 +568,7 @@ static int regionSwab(indexEntry entry, int il, int dl,
+ 	    }
+ 	}   break;
+ 	case RPM_INT32_TYPE:
+-	{   int32_t * it = ie.data;
++	{   uint32_t * it = ie.data;
+ 	    for (; ie.info.count > 0; ie.info.count--, it += 1) {
+ 		if (dataEnd && ((unsigned char *)it) >= dataEnd)
+ 		    return -1;
+@@ -576,7 +576,7 @@ static int regionSwab(indexEntry entry, int il, int dl,
+ 	    }
+ 	}   break;
+ 	case RPM_INT16_TYPE:
+-	{   int16_t * it = ie.data;
++	{   uint16_t * it = ie.data;
+ 	    for (; ie.info.count > 0; ie.info.count--, it += 1) {
+ 		if (dataEnd && ((unsigned char *)it) >= dataEnd)
+ 		    return -1;
+@@ -772,9 +772,9 @@ static void * doExport(const struct indexEntry_s *hindex, int indexUsed,
+ 	    count = entry->info.count;
+ 	    src = entry->data;
+ 	    while (count--) {
+-		*((int32_t *)te) = htonl(*((int32_t *)src));
+-		te += sizeof(int32_t);
+-		src += sizeof(int32_t);
++		*((uint32_t *)te) = htonl(*((uint32_t *)src));
++		te += sizeof(uint32_t);
++		src += sizeof(uint32_t);
+ 	    }
+ 	    break;
+ 
+@@ -782,9 +782,9 @@ static void * doExport(const struct indexEntry_s *hindex, int indexUsed,
+ 	    count = entry->info.count;
+ 	    src = entry->data;
+ 	    while (count--) {
+-		*((int16_t *)te) = htons(*((int16_t *)src));
+-		te += sizeof(int16_t);
+-		src += sizeof(int16_t);
++		*((uint16_t *)te) = htons(*((uint16_t *)src));
++		te += sizeof(uint16_t);
++		src += sizeof(uint16_t);
+ 	    }
+ 	    break;
+ 
+-- 
+2.33.0
+

rpm.spec

@@ -1,6 +1,6 @@
 Name:          rpm
 Version:       4.17.0
-Release:       18
+Release:       19
 Summary:       RPM Package Manager
 License:       GPLv2+
 URL:           http://www.rpm.org/
@@ -85,6 +85,11 @@ Patch6048: backport-Fix-rpm-lua-rpm_vercmp-error-message-if-second-argum.patch
 Patch6049: backport-Make-pgpPubkeyFingerprint-do-something-meaningful-ag.patch
 Patch6050: backport-Fix-possible-descriptor-leak-in-fsmOpenat.patch
 Patch6051: backport-Move-file-metadata-setting-back-to-unpack-stage.patch
+Patch6052: backport-Fix-header-leak-in-rpmInstall.patch
+Patch6053: backport-Fix-eiu-sourceURL-info-leak-in-rpmInstall.patch
+Patch6054: backport-Fix-h-blob-leak-when-installing-source-rpms.patch
+Patch6055: backport-Fix-Header-leak-when-running-rpm2cpio.patch
+Patch6056: backport-Use-unsigned-integers-more-consistently-in-the-handl.patch
 
 Patch9000: rpm-fix-rpm-is-blocked-when-open-fifo-file.patch
 
@@ -367,6 +372,9 @@ make check || (cat tests/rpmtests.log; exit 0)
 %exclude %{_mandir}/man8/rpmspec.8.gz
 
 %changelog
+* Mon Dec 19 2022 xujing<xujing125@huawei.com> - 4.17.0-19
+- backport patches from upstream to fix memleak
+
 * Mon Nov 28 2022 renhongxun<renhongxun@h-partners.com> - 4.17.0-18
 - Move file metadata setting back to unpack stage