Bug 1789707

Summary: Fix resource leaks, Fix using of undefined value
Product: Red Hat Enterprise Linux 8 Reporter: Jaroslav Rohel <jrohel>
Component: createrepo_cAssignee: amatej
Status: CLOSED ERRATA QA Contact: Eva Mrakova <emrakova>
Severity: unspecified Docs Contact:
Priority: medium    
Version: 8.2Keywords: Triaged
Target Milestone: rc   
Target Release: 8.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: createrepo_c-0.15.10-1.el8 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-11-04 03:09:16 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jaroslav Rohel 2020-01-10 08:36:38 UTC 
Description of problems:

1. The value of "ret" variable is not defined at these places in cr_read() in file compression_wrapper.c:
1152: if (cr_file->stat && ret != CR_CW_ERR)
1164:     return ret;

Solution:
Initialize "ret" variable to CR_CW_ERR value at the beginning of the function or set "ret" variable to CR_CW_ERR value before break at line 1138:

--------
2. There are resource leaks in function dump_merged_metadata() in file mergerepo.c.
Allocation of resources:
878: cr_ContentStat *pri_zck_stat = cr_contentstat_new(CR_CHECKSUM_SHA256, NULL);
879: cr_ContentStat *fil_zck_stat = cr_contentstat_new(CR_CHECKSUM_SHA256, NULL);
880: cr_ContentStat *oth_zck_stat = cr_contentstat_new(CR_CHECKSUM_SHA256, NULL);
These resources leaks on more places in the function.

--------
3. There is resource leak in cr_metadata_locate_and_load_xml() in file load_metadata.c.
Allocation:
673: ml = cr_locate_metadata(repopath, TRUE, &tmp_err);
It leaks at line 683.

Version-Release number of selected component (if applicable):
createrepo_c-0.15.1-1.el8
Comment 2 amatej 2020-01-10 14:12:27 UTC 
Created a PR here: https://github.com/rpm-software-management/createrepo_c/pull/199
Comment 9 errata-xmlrpc 2020-11-04 03:09:16 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (createrepo_c bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2020:4700