commit e4550ae133d171cb3eb25bce4281daeb6ea36915
Author: Jan Palus <at...@pld-linux.org>
Date: Sat Dec 16 13:02:07 2023 +0100
upstream fix for crashes in version 2.1.9; rel 2
from: https://github.com/containers/conmon/pull/476
conmon.spec | 4 +++-
crash.patch | 31 +++++++++++++++++++++++++++++++
2 files changed, 34 insertions(+), 1 deletion(-)
---
diff --git a/conmon.spec b/conmon.spec
index 9bf56fe..8073248 100644
--- a/conmon.spec
+++ b/conmon.spec
@@ -8,12 +8,13 @@
Summary: OCI container runtime monitor
Name: conmon
Version: 2.1.9
-Release: 1
+Release: 2
License: Apache v2.0
Group: Applications/System
#Source0Download: https://github.com/containers/conmon/releases
Source0:
https://github.com/containers/conmon/archive/v%{version}/%{name}-%{version}.tar.gz
# Source0-md5: f5dca5c1f79aeb4689bd9986d1c69b55
+Patch0: crash.patch
URL: https://github.com/containers/conmon
BuildRequires: glib2-devel
%{?with_docs:BuildRequires: go-md2man}
@@ -30,6 +31,7 @@ or crun) for a single container.
%prep
%setup -q
+%patch0 -p1
%{__rm} -r tools/vendor
diff --git a/crash.patch b/crash.patch
new file mode 100644
index 0000000..2f0fdbd
--- /dev/null
+++ b/crash.patch
@@ -0,0 +1,31 @@
+From 8557c117bcab03e3c16e40ffb7bd450d697f72c7 Mon Sep 17 00:00:00 2001
+From: Dominique Martinet <dominique.marti...@atmark-techno.com>
+Date: Fri, 15 Dec 2023 12:44:03 +0900
+Subject: [PATCH] Fix incorrect free in conn_sock
+
+Earlier commit freed socket_parent_dir()'s result which is correct in
+the case it returns a path from g_build_filename, but when it returns
+opt_bundle_path the string should not be freed.
+
+Make the function always return an allocated string that can be freed
+
+Fixes: #475
+Fixes: fad6bac8e65f ("fix some issues flagged by SAST scan")
+Signed-off-by: Dominique Martinet <dominique.marti...@atmark-techno.com>
+---
+ src/conn_sock.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/conn_sock.c b/src/conn_sock.c
+index 62a02266..3b854e33 100644
+--- a/src/conn_sock.c
++++ b/src/conn_sock.c
+@@ -314,7 +314,7 @@ char *socket_parent_dir(gboolean use_full_attach_path,
size_t desired_len)
+ {
+ /* if we're to use the full path, ignore the socket path and only use
the bundle_path */
+ if (use_full_attach_path)
+- return opt_bundle_path;
++ return strdup(opt_bundle_path);
+
+ char *base_path = g_build_filename(opt_socket_path, opt_cuuid, NULL);
+
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/conmon.git/commitdiff/e4550ae133d171cb3eb25bce4281daeb6ea36915
_______________________________________________
pld-cvs-commit mailing list
pld-cvs-commit@lists.pld-linux.org
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
