From 334225414d6921caa12670e1da5d7223ec46f8a8 Mon Sep 17 00:00:00 2001
From: xujing <xujing125@huawei.com>
Date: Mon, 19 Dec 2022 19:49:10 +0800
Subject: [PATCH] Fix file leak when src rpm in URL format is used for
 installation

---
 ...en-src-rpm-in-URL-format-is-used-for.patch | 33 +++++++++++++++++++
 rpm.spec                                      |  6 +++-
 2 files changed, 38 insertions(+), 1 deletion(-)
 create mode 100644 backport-Fix-file-leak-when-src-rpm-in-URL-format-is-used-for.patch

diff --git a/backport-Fix-file-leak-when-src-rpm-in-URL-format-is-used-for.patch b/backport-Fix-file-leak-when-src-rpm-in-URL-format-is-used-for.patch
new file mode 100644
index 0000000..de7f89f
--- /dev/null
+++ b/backport-Fix-file-leak-when-src-rpm-in-URL-format-is-used-for.patch
@@ -0,0 +1,33 @@
+From 0b34438ccc3fdcbdaa6226d2398df88cc7439603 Mon Sep 17 00:00:00 2001
+From: xujing <xujing125@huawei.com>
+Date: Thu, 24 Nov 2022 17:16:46 +0800
+Subject: [PATCH 2/3] Fix file leak when src rpm in URL format is used for
+ installation
+
+%{_tmppath}/rpm-tmp.* is created by rpmMkTempFile() when src rpm in
+URL format is used for installation, which is leaked.
+---
+ lib/rpminstall.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/lib/rpminstall.c b/lib/rpminstall.c
+index eb68deb4d..b392cf1c3 100644
+--- a/lib/rpminstall.c
++++ b/lib/rpminstall.c
+@@ -673,8 +673,12 @@ exit:
+ 	}
+     }
+     if (eiu->sourceURL != NULL) {
+-        for (i = 0; i < eiu->numSRPMS; i++)
++        for (i = 0; i < eiu->numSRPMS; i++) {
++	    if (eiu->sourceURL[i] == NULL) continue;
++	    if (eiu->pkgState[i] == 1)
++	        (void) unlink(eiu->sourceURL[i]);
+ 	    eiu->sourceURL[i] = _free(eiu->sourceURL[i]);
++	}
+     }
+     eiu->pkgState = _free(eiu->pkgState);
+     eiu->pkgURL = _free(eiu->pkgURL);
+-- 
+2.33.0
+
diff --git a/rpm.spec b/rpm.spec
index 8e1d865..ce43e4b 100644
--- a/rpm.spec
+++ b/rpm.spec
@@ -1,6 +1,6 @@
 Name:          rpm
 Version:       4.17.0
-Release:       19
+Release:       20
 Summary:       RPM Package Manager
 License:       GPLv2+
 URL:           http://www.rpm.org/
@@ -90,6 +90,7 @@ Patch6053: backport-Fix-eiu-sourceURL-info-leak-in-rpmInstall.patch
 Patch6054: backport-Fix-h-blob-leak-when-installing-source-rpms.patch
 Patch6055: backport-Fix-Header-leak-when-running-rpm2cpio.patch
 Patch6056: backport-Use-unsigned-integers-more-consistently-in-the-handl.patch
+Patch6057: backport-Fix-file-leak-when-src-rpm-in-URL-format-is-used-for.patch
 
 Patch9000: rpm-fix-rpm-is-blocked-when-open-fifo-file.patch
 
@@ -372,6 +373,9 @@ make check || (cat tests/rpmtests.log; exit 0)
 %exclude %{_mandir}/man8/rpmspec.8.gz
 
 %changelog
+* Mon Dec 19 2022 xujing<xujing125@huawei.com> - 4.17.0-20
+- Fix file leak when src rpm in URL format is used for installation
+
 * Mon Dec 19 2022 xujing<xujing125@huawei.com> - 4.17.0-19
 - backport patches from upstream to fix memleak