Description of problem: Coverity report shows a memory leak in watchdog-5.16/src/run-as-child.c:102 with `realloc()` call. Issue is that realloc may return `NULL` when there is an error causing `opt` to be a null pointer and losing the pointer to the memory that was allocated by `strdup()` or reallocated by `realloc()`. Recommend using a temporary ptr to assign the return value from realloc in order to test for NULL prior to updating the `opt` pointer. **This is a hardening bug, not a CVE.** Version-Release number of selected component (if applicable): 5.16-1 Steps to Reproduce: 1. watchdog needs to be run with the verbose flag 2. watchdog needs to receive test/repair arguments of sufficient length to cause a ENOMEM or another error that may be triggered by realloc
Created attachment 1832832 [details] Proposed solution
FEDORA-2021-45b7585d65 has been submitted as an update to Fedora 33. https://bodhi.fedoraproject.org/updates/FEDORA-2021-45b7585d65
FEDORA-2021-4cf4b682e8 has been submitted as an update to Fedora 35. https://bodhi.fedoraproject.org/updates/FEDORA-2021-4cf4b682e8
FEDORA-2021-45b7585d65 has been pushed to the Fedora 33 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-45b7585d65` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-45b7585d65 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2021-31748c40a6 has been pushed to the Fedora 34 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-31748c40a6` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-31748c40a6 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2021-4cf4b682e8 has been pushed to the Fedora 35 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-4cf4b682e8` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-4cf4b682e8 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2021-45b7585d65 has been pushed to the Fedora 33 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2021-31748c40a6 has been pushed to the Fedora 34 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2021-4cf4b682e8 has been pushed to the Fedora 35 stable repository. If problem still persists, please make note of it in this bug report.