Bug 1935807

Summary: [ESXi][RHEL-8.5][open-vm-tools] Coverity detected an important defect in open-vm-tools-11.2.5 rebase
Product: Red Hat Enterprise Linux 8
Reporter: Cathy Avery <cavery>
Component: open-vm-tools
Assignee: Cathy Avery <cavery>
Status: CLOSED ERRATA
QA Contact: ldu <ldu>
Severity: unspecified
Priority: unspecified
Version: 8.5
CC: cavery, jen, jjarvis, jsaks, jsavanyo, ldu, leiwang, mrezanin, ravindrakumar, ribarry, yacao
Target Milestone: rc
Keywords: Triaged
Target Release: ---
Flags: pm-rhel: mirror+
Hardware: Unspecified
OS: Unspecified
Fixed In Version: open-vm-tools-11.2.5-2.el8
Last Closed: 2021-11-09 18:18:02 UTC
Type: Bug

Description Cathy Avery 2021-03-05 15:41:05 UTC
Coverity has detected this memory leak:

 Error: RESOURCE_LEAK (CWE-772):
     open-vm-tools-11.2.5-17337674/vgauth/serviceImpl/saml-xmlsec1.c:898:
     alloc_fn: Storage is returned from allocation function "g_strdup".
     open-vm-tools-11.2.5-17337674/vgauth/serviceImpl/saml-xmlsec1.c:898:
     var_assign: Assigning: "subjectVal" = storage returned from "g_strdup(tmp)".
     open-vm-tools-11.2.5-17337674/vgauth/serviceImpl/saml-xmlsec1.c:966:
     leaked_storage: Variable "subjectVal" going out of scope leaks the
     storage it points to.
     #  964|      retCode = validSubjectFound;
     #  965|   done:
     #  966|->    return retCode;
     #  967|   }
     #  968|
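
The shape Coverity flagged above (a `g_strdup` copy held in a local, and a `done:` label that only returns), as an added C example that is not open-vm-tools code and not the upstream fix. The function names, the `subjectRet` out-parameter and the tracked allocator standing in for `g_strdup`/`g_free` are assumptions; the ownership-transfer case goes beyond what the report shows.

```c
#include <stdlib.h>
#include <string.h>

static int live_allocs = 0;   /* constructed counter: makes the leak observable */

static char *dup_tracked(const char *s) {   /* stands in for g_strdup() */
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    if (p != NULL) { memcpy(p, s, n); live_allocs++; }
    return p;
}
static void free_tracked(char *p) {         /* stands in for g_free(); NULL-safe */
    if (p != NULL) { free(p); live_allocs--; }
}

/* Leaky shape: every exit funnels through "done", which releases nothing. */
int find_subject_leaky(const char *tmp, const char *want, char **subjectRet) {
    int retCode = 0;
    char *subjectVal = dup_tracked(tmp);
    if (subjectVal == NULL) goto done;
    if (strcmp(subjectVal, want) != 0) goto done;      /* copy dropped here */
    if (subjectRet != NULL) *subjectRet = subjectVal;  /* dropped if caller passed NULL */
    retCode = 1;
done:
    return retCode;
}

/* Corrected shape: hand ownership over explicitly, free the rest at "done". */
int find_subject_fixed(const char *tmp, const char *want, char **subjectRet) {
    int retCode = 0;
    char *subjectVal = dup_tracked(tmp);
    if (subjectVal == NULL) goto done;
    if (strcmp(subjectVal, want) != 0) goto done;
    if (subjectRet != NULL) { *subjectRet = subjectVal; subjectVal = NULL; }
    retCode = 1;
done:
    free_tracked(subjectVal);   /* no-op once ownership moved to the caller */
    return retCode;
}

typedef int (*subject_fn)(const char *, const char *, char **);
/* Allocations still live after the caller has freed whatever it was handed. */
int leaked_by(subject_fn fn, const char *tmp, const char *want, int take_result) {
    int before = live_allocs;
    char *out = NULL;
    (void)fn(tmp, want, take_result ? &out : NULL);
    free_tracked(out);
    return live_allocs - before;
}
```

Setting the local to NULL after the hand-off is what lets a single unconditional free at `done:` cover both the failure exits and the success exit without a double free.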

Comment 1 Cathy Avery 2021-03-05 15:50:39 UTC
Jonathan jsaks@vmware is currently looking at the issue.

Comment 2 Cathy Avery 2021-03-08 13:44:37 UTC
Change ITM to 9. vmware will have fix ready by sometime in April.

Comment 3 jsaks 2021-03-29 15:25:21 UTC
A fix is now available at commit 4f7441d8cd20923e509ff819084693bbd8c928df from https://github.com/vmware/open-vm-tools/tree/devel.

Comment 14 ldu 2021-05-31 06:03:16 UTC
Run regression test on RHEL 8.5 with build open-vm-tools-11.2.5-2.el8, all test cases passed, no new issue found.
So change status to verified.

Comment 16 errata-xmlrpc 2021-11-09 18:18:02 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (open-vm-tools bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:4225