diff --git a/0002-gui-wizard-gtk-Fix-a-segfault-and-memory-leak.patch b/0002-gui-wizard-gtk-Fix-a-segfault-and-memory-leak.patch new file mode 100644 index 0000000..2b38feb --- /dev/null +++ b/0002-gui-wizard-gtk-Fix-a-segfault-and-memory-leak.patch @@ -0,0 +1,66 @@ +From cb2ab9a8b2e1dbc89e100aedc432c29a16246e84 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Mat=C4=9Bj=20Grabovsk=C3=BD?= +Date: Sun, 27 Sep 2020 20:45:32 +0200 +Subject: [PATCH] gui-wizard-gtk: Fix a segfault and memory leak + +Only `arg[1]` has to be freed in `tv_details_row_activated()`, as +`arg[0]` is allocated statically. + +In `search_item_to_list_store_item()`, `tmp` gets overwritten with a new +value for every call to `gtk_text_buffer_get_text()`, so we need to free +the allocated memory continuously. + +Partially reverts 7aba6e53. + +Resolves rhbz#1882950 +--- + src/gui-wizard-gtk/wizard.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +diff --git a/src/gui-wizard-gtk/wizard.c b/src/gui-wizard-gtk/wizard.c +index a532c633..775b709f 100644 +--- a/src/gui-wizard-gtk/wizard.c ++++ b/src/gui-wizard-gtk/wizard.c +@@ -707,7 +707,7 @@ static void tv_details_row_activated( + return; + + gint exitcode; +- g_autofree gchar *arg[3]; ++ gchar *arg[3]; + arg[0] = (char *) "xdg-open"; + arg[1] = g_build_filename(g_dump_dir_name ? g_dump_dir_name : "", item_name, NULL); + arg[2] = NULL; +@@ -751,6 +751,8 @@ static void tv_details_row_activated( + gtk_widget_destroy(scrolled); + gtk_widget_destroy(dialog); + } ++ ++ g_free(arg[1]); + } + + /* static gboolean tv_details_select_cursor_row( +@@ -2126,17 +2128,20 @@ static void search_item_to_list_store_item(GtkListStore *store, GtkTreeIter *new + gtk_text_iter_backward_char(end); + } + +- g_autofree gchar *tmp = gtk_text_buffer_get_text(word->buffer, beg, &(word->start), ++ gchar *tmp = gtk_text_buffer_get_text(word->buffer, beg, &(word->start), + /*don't include hidden chars*/FALSE); + g_autofree gchar *prefix = g_markup_escape_text(tmp, /*NULL terminated string*/-1); ++ g_free(tmp); + + tmp = gtk_text_buffer_get_text(word->buffer, &(word->start), &(word->end), + /*don't include hidden chars*/FALSE); + g_autofree gchar *text = g_markup_escape_text(tmp, /*NULL terminated string*/-1); ++ g_free(tmp); + + tmp = gtk_text_buffer_get_text(word->buffer, &(word->end), end, + /*don't include hidden chars*/FALSE); + g_autofree gchar *suffix = g_markup_escape_text(tmp, /*NULL terminated string*/-1); ++ g_clear_pointer(&tmp, g_free); + + char *content = g_strdup_printf("%s%s%s", prefix, text, suffix); + +-- +2.26.2 + diff --git a/libreport.spec b/libreport.spec index 09d48c2..c160ab3 100644 --- a/libreport.spec +++ b/libreport.spec @@ -15,12 +15,13 @@ Summary: Generic library for reporting various problems Name: libreport Version: 2.14.0 -Release: 7%{?dist} +Release: 8%{?dist} License: GPLv2+ URL: https://abrt.readthedocs.org/ Source: https://github.com/abrt/%{name}/archive/%{version}/%{name}-%{version}.tar.gz Patch0: 0001-gui-wizard-gtk-Fix-a-double-free-condition.patch +Patch1: 0002-gui-wizard-gtk-Fix-a-segfault-and-memory-leak.patch BuildRequires: %{dbus_devel} BuildRequires: gtk3-devel @@ -661,6 +662,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : %endif %changelog +* Sun Sep 27 2020 Matěj Grabovský - 2.14.0-8 +- Add fix for https://bugzilla.redhat.com/show_bug.cgi?id=1882950 + * Fri Sep 25 2020 Matěj Grabovský - 2.14.0-7 - Add fix for https://bugzilla.redhat.com/show_bug.cgi?id=1882319