Bug 801634 (CVE-2012-1147)

Summary: CVE-2012-1147 expat: resource leak in readfilemap.c
Product: [Other] Security Response
Reporter: Kurt Seifried <kseifried>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED NOTABUG
Severity: low
Priority: low
Version: unspecified
CC: acathrow, apevec, bazulay, cpelland, dblechte, iheim, jclere, jkt, jorton, mburns, uril
Keywords: Security
Hardware: All
OS: Linux
Fixed In Version: expat 2.1.0
Doc Type: Bug Fix
Last Closed: 2014-07-11 08:04:02 UTC
Bug Blocks: 801654

Description Kurt Seifried 2012-03-09 04:13:05 UTC
Martin Ettl reported a resource leak in expat[1]:

During a check with the static code analysis tool cppcheck, I found a resource leak. I reported it to the wxWidgets developers. They told me to contact you:
http://trac.wxwidgets.org/ticket/11432
http://trac.wxwidgets.org/ticket/11194

Best regards

Orbitcowboy

[1] http://sourceforge.net/tracker/?func=detail&atid=110127&aid=2895533&group_id=10127
http://mail.python.org/pipermail/expat-bugs/2009-November/002858.html

Comment 3 Kurt Seifried 2012-04-13 03:42:19 UTC
xmlwf/readfilemap.c is used on Windows only, from configure:

if test "$ac_cv_func_mmap_fixed_mapped" = "yes"; then
    FILEMAP=unixfilemap
else
    FILEMAP=readfilemap
fi


NOTABUG on UNIX, but affects Windows, so expat is not affected but mingw32-expat may be affected on Windows.

Comment 4 Tomas Hoger 2014-07-11 08:04:02 UTC
Upstream bug:
http://sourceforge.net/p/expat/bugs/2895533/

Upstream commit:
http://expat.cvs.sourceforge.net/viewvc/expat/expat/xmlwf/readfilemap.c?view=log#rev1.15

Fixed upstream in 2.1.0:
http://sourceforge.net/projects/expat/files/expat/2.1.0/
  #2895533: CVE-2012-1147 - Resource leak in readfilemap.c.

As noted above, this did not affect Linux / Unix builds of expat.  mingw-expat packages in Fedora and EPEL-7 are already updated to fixed upstream version 2.1.0.

This only affected the xmlwf tool and not the expat library itself, and hence had no real impact.