!21 [sync] PR-18: Revert fix memory leak regressions in popt

From: @openeuler-sync-bot 
Reviewed-by: @licunlong 
Signed-off-by: @licunlong

backport-Consider-POPT_CONTEXT_KEEP_FIRST-during-reset.patch

@@ -0,0 +1,38 @@
+From cd32d1c7da8265a06491d72190c649496ae2f489 Mon Sep 17 00:00:00 2001
+From: Tobias Stoeckmann <tobias@stoeckmann.org>
+Date: Sun, 16 Aug 2020 20:39:20 +0200
+Subject: [PATCH] Consider POPT_CONTEXT_KEEP_FIRST during reset.
+
+If context is created with POPT_CONTEXT_KEEP_FIRST flag, then the
+first argv entry is parsed as well (argv[0] is normally the program
+name).
+
+Calling poptResetContext should reset the context exactly back into
+the state in wich it was after poptGetContext.
+
+Unfortunately the "next" value is always set to 1, i.e. pointing
+towards argv[1]. Consider POPT_CONTEXT_KEEP_FIRST. If it is set,
+point to argv[0] just like poptGetContext does.
+---
+ src/popt.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/popt.c b/src/popt.c
+index c08b3c9..b7d9478 100644
+--- a/src/popt.c
++++ b/src/popt.c
+@@ -210,7 +210,10 @@ void poptResetContext(poptContext con)
+     con->os->currAlias = NULL;
+     con->os->nextCharArg = NULL;
+     con->os->nextArg = _free(con->os->nextArg);
+-    con->os->next = 1;			/* skip argv[0] */
++    if (!(con->flags & POPT_CONTEXT_KEEP_FIRST))
++	con->os->next = 1;		/* skip argv[0] */
++    else
++	con->os->next = 0;
+ 
+     con->numLeftovers = 0;
+     con->nextLeftover = 0;
+-- 
+2.27.0
+

backport-Fix-incorrect-handling-of-leftovers-with-poptStuffAr.patch

@@ -0,0 +1,87 @@
+From 7219e1ddc1e8606dda18c1105df0d45d8e8e0e09 Mon Sep 17 00:00:00 2001
+From: Richard Levitte <richard@levitte.org>
+Date: Mon, 29 Jun 2020 11:56:00 -0400
+Subject: [PATCH] Fix incorrect handling of leftovers with poptStuffArgs
+
+If poptStuffArgs() is used twice with the same context, it will invariably
+cause memory corruption and possibly memory leaks or a crash.
+
+Change the allocation of leftOvers so it adapts to the input on the fly
+instead of trying to pre-allocate it in one go.
+---
+ src/popt.c    | 24 ++++++++++++++++++++++--
+ src/poptint.h |  1 +
+ 2 files changed, 23 insertions(+), 2 deletions(-)
+
+diff --git a/src/popt.c b/src/popt.c
+index b7d9478..ab7b54f 100644
+--- a/src/popt.c
++++ b/src/popt.c
+@@ -168,6 +168,7 @@ poptContext poptGetContext(const char * name, int argc, const char ** argv,
+ 	con->os->next = 1;		/* skip argv[0] */
+ 
+     con->leftovers = calloc( (size_t)(argc + 1), sizeof(*con->leftovers) );
++    con->allocLeftovers = argc + 1;
+     con->options = options;
+     con->aliases = NULL;
+     con->numAliases = 0;
+@@ -1272,8 +1273,21 @@ int poptGetNextOpt(poptContext con)
+ 		    con->os->nextArg = xstrdup(origOptString);
+ 		    return 0;
+ 		}
+-		if (con->leftovers != NULL)	/* XXX can't happen */
+-		    con->leftovers[con->numLeftovers++] = origOptString;
++		if (con->leftovers != NULL) {	/* XXX can't happen */
++		    /* One might think we can never overflow the leftovers
++		       array.  Actually, that's true, as long as you don't
++		       use poptStuffArgs()... */
++		    if ((con->numLeftovers + 1) >= (con->allocLeftovers)) {
++			con->allocLeftovers += 10;
++			con->leftovers =
++			    realloc(con->leftovers,
++				    sizeof(*con->leftovers) * con->allocLeftovers);
++		    }
++		    con->leftovers[con->numLeftovers++]
++			= xstrdup(origOptString); /* so a free of a stuffed
++						     argv doesn't give us a
++						     dangling pointer */
++		}
+ 		continue;
+ 	    }
+ 
+@@ -1521,6 +1535,8 @@ poptItem poptFreeItems(poptItem items, int nitems)
+ 
+ poptContext poptFreeContext(poptContext con)
+ {
++    int i;
++
+     if (con == NULL) return con;
+     poptResetContext(con);
+ 
+@@ -1530,7 +1546,11 @@ poptContext poptFreeContext(poptContext con)
+     con->execs = poptFreeItems(con->execs, con->numExecs);
+     con->numExecs = 0;
+ 
++    for (i = 0; i < con->numLeftovers; i++) {
++        con->leftovers[i] = _free(&con->leftovers[i]);
++    }
+     con->leftovers = _free(con->leftovers);
++
+     con->finalArgv = _free(con->finalArgv);
+     con->appName = _free(con->appName);
+     con->otherHelp = _free(con->otherHelp);
+diff --git a/src/poptint.h b/src/poptint.h
+index b64e123..d4d6e90 100644
+--- a/src/poptint.h
++++ b/src/poptint.h
+@@ -94,6 +94,7 @@ struct poptContext_s {
+     struct optionStackEntry * os;
+     poptArgv leftovers;
+     int numLeftovers;
++    int allocLeftovers;
+     int nextLeftover;
+     const struct poptOption * options;
+     int restLeftover;
+-- 
+2.27.0
+

change-pkgconfigdir-from-lib-to-lib64.patch

@@ -1,39 +0,0 @@
-From 14fbe53b773ef0baed3f3e13fa02c246a98e29b2 Mon Sep 17 00:00:00 2001
-From: openEuler Buildteam <buildteam@openeuler.org>
-Date: Tue, 31 Dec 2019 22:27:16 +0800
-Subject: [PATCH] change pkgconfigdir from lib to lib64
-
----
- Makefile.am | 2 +-
- Makefile.in | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/Makefile.am b/Makefile.am
-index d7aec9e..50ad731 100644
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -47,7 +47,7 @@ usrlib_LTLIBRARIES = libpopt.la
- libpopt_la_SOURCES = popt.c poptparse.c poptconfig.c popthelp.c poptint.c
- libpopt_la_LDFLAGS = -no-undefined @LTLIBINTL@ @LTLIBICONV@
- 
--pkgconfigdir = $(prefix)/lib/pkgconfig
-+pkgconfigdir = $(prefix)/lib64/pkgconfig
- pkgconfig_DATA = popt.pc
- 
- if HAVE_LD_VERSION_SCRIPT
-diff --git a/Makefile.in b/Makefile.in
-index 2e6890d..2620636 100644
---- a/Makefile.in
-+++ b/Makefile.in
-@@ -370,7 +370,7 @@ usrlib_LTLIBRARIES = libpopt.la
- libpopt_la_SOURCES = popt.c poptparse.c poptconfig.c popthelp.c poptint.c
- libpopt_la_LDFLAGS = -no-undefined @LTLIBINTL@ @LTLIBICONV@ \
- 	$(am__append_1)
--pkgconfigdir = $(prefix)/lib/pkgconfig
-+pkgconfigdir = $(prefix)/lib64/pkgconfig
- pkgconfig_DATA = popt.pc
- man_MANS = popt.3
- BUILT_SOURCES = popt.pc # popt.lcd
--- 
-1.8.3.1
-

fix-coverity-CID-1057440-Unused-pointer-value-UNUSED.patch

@@ -5,13 +5,13 @@ Subject: [PATCH 141/157] fix coverity CID 1057440: Unused pointer value
  (UNUSED_VALUE)
 
 ---
- popt.c | 2 +-
+ src/popt.c | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
-diff --git a/popt.c b/popt.c
+diff --git a/src/popt.c b/src/popt.c
 index adb70b5..5dc6812 100644
---- a/popt.c
-+++ b/popt.c
+--- a/src/popt.c
++++ b/src/popt.c
 @@ -1692,7 +1692,7 @@ assert(s);	/* XXX can't happen */
  		if (opt->longName) {
  		    if (!F_ISSET(opt, ONEDASH))

fix-handle-newly-added-asset-.-call-like-elsewhere.patch

@@ -5,14 +5,14 @@ Subject: [PATCH 123/157] - fix: handle newly added asset(...) call like
  elsewhere.
 
 ---
- poptconfig.c | 8 +++++++-
+ src/poptconfig.c | 8 +++++++-
  1 file changed, 7 insertions(+), 1 deletion(-)
 
-diff --git a/poptconfig.c b/poptconfig.c
-index 0a9a50d..fad03c5 100644
---- a/poptconfig.c
-+++ b/poptconfig.c
-@@ -74,6 +74,12 @@ glob_pattern_p (const char * pattern, int quote)
+diff --git a/src/poptconfig.c b/src/poptconfig.c
+index 9d97ccd..f780974 100644
+--- a/src/poptconfig.c
++++ b/src/poptconfig.c
+@@ -52,6 +52,12 @@ glob_pattern_p (const char * pattern, int quote)
  }
  #endif	/* !defined(__GLIBC__) */
  
@@ -22,18 +22,18 @@ index 0a9a50d..fad03c5 100644
 +#define assert(_x)
 +#endif
 +
- /*@unchecked@*/
  static int poptGlobFlags = 0;
  
-@@ -332,7 +338,7 @@ static int poptConfigLine(poptContext con, char * line)
+ static int poptGlob_error(UNUSED(const char * epath),
+@@ -286,7 +292,7 @@ static int poptConfigLine(poptContext con, char * line)
  		longName++;
  	    else
  		longName = fn;
 -	    if (longName == NULL)	/* XXX can't happen. */
-+assert(longName != NULL);	/* XXX can't happen. */
++assert(longName != NULL);      /* XXX can't happen. */
  		goto exit;
  	    /* Single character basenames are treated as short options. */
  	    if (longName[1] != '\0')
 -- 
-2.19.1
+1.8.3.1
 

fix-obscure-iconv-mis-call-error-path-could-lead-to-.patch

@@ -5,13 +5,13 @@ Subject: [PATCH 051/157] - fix: obscure iconv mis-call error path could lead
  to strdup(NULL) (coverity).
 
 ---
- poptint.c | 2 +-
+ src/poptint.c | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
-diff --git a/poptint.c b/poptint.c
+diff --git a/src/poptint.c b/src/poptint.c
 index 5e09fa4..67f0051 100644
---- a/poptint.c
-+++ b/poptint.c
+--- a/src/poptint.c
++++ b/src/poptint.c
 @@ -145,7 +145,7 @@ assert(dstr);	/* XXX can't happen */
  	}
  	(void) iconv_close(cd);

fix-permit-reading-aliases-remove-left-over-goto-exi.patch

@@ -5,21 +5,21 @@ Subject: [PATCH 135/157] - fix: permit reading aliases, remove left over "goto
  exit" replacing by assert.
 
 ---
- poptconfig.c | 1 -
+ src/poptconfig.c | 1 -
  1 file changed, 1 deletion(-)
 
-diff --git a/poptconfig.c b/poptconfig.c
-index fad03c5..b8e1da6 100644
---- a/poptconfig.c
-+++ b/poptconfig.c
-@@ -339,7 +339,6 @@ static int poptConfigLine(poptContext con, char * line)
+diff --git a/src/poptconfig.c b/src/poptconfig.c
+index f780974..73d44e5 100644
+--- a/src/poptconfig.c
++++ b/src/poptconfig.c
+@@ -293,7 +293,6 @@ static int poptConfigLine(poptContext con, char * line)
  	    else
  		longName = fn;
- assert(longName != NULL);	/* XXX can't happen. */
+ assert(longName != NULL);      /* XXX can't happen. */
 -		goto exit;
  	    /* Single character basenames are treated as short options. */
  	    if (longName[1] != '\0')
  		item->option.longName = longName;
--- 
+--
 2.19.1
 

popt-1.16-execfail.patch

@@ -1,71 +0,0 @@
-Patch by Panu Matilainen <pmatilai@redhat.com> for popt <= 1.16 which kludges
-poptBadOption() to return something semi-meaningful on exec alias fail:
-
-- poptBadOption() is totally unaware of exec alias failures, and will return
-  either the first argument or last option, giving wonderfully misleading error
-  messages (#697435, #710267).
-- Remember execvp() first argument on failure and return that from
-  poptBadOption() if present to give the user a reasonable clue what exactly
-  went wrong.
-
-This patch was proposed to upstream: http://rpm5.org/community/popt-devel/0264.html
-
---- popt-1.16/popt.c				2010-01-19 01:39:10.000000000 +0100
-+++ popt-1.16/popt.c.execfail			2013-11-24 15:50:06.000000000 +0100
-@@ -192,6 +192,7 @@
-     con->flags = flags;
-     con->execs = NULL;
-     con->numExecs = 0;
-+    con->execFail = NULL;
-     con->finalArgvAlloced = argc * 2;
-     con->finalArgv = calloc( (size_t)con->finalArgvAlloced, sizeof(*con->finalArgv) );
-     con->execAbsolute = 1;
-@@ -236,6 +237,7 @@
-     con->nextLeftover = 0;
-     con->restLeftover = 0;
-     con->doExec = NULL;
-+    con->execFail = _free(con->execFail);
- 
-     if (con->finalArgv != NULL)
-     for (i = 0; i < con->finalArgvCount; i++) {
-@@ -564,6 +566,7 @@
- /*@-nullstate@*/
-     rc = execvp(argv[0], (char *const *)argv);
- /*@=nullstate@*/
-+    con->execFail = xstrdup(argv[0]);
- 
- exit:
-     if (argv) {
-@@ -1697,11 +1700,19 @@
- const char * poptBadOption(poptContext con, unsigned int flags)
- {
-     struct optionStackEntry * os = NULL;
-+    const char *badOpt = NULL;
- 
--    if (con != NULL)
--	os = (flags & POPT_BADOPTION_NOALIAS) ? con->optionStack : con->os;
-+    if (con != NULL) {
-+       /* Stupid hack to return something semi-meaningful from exec failure */
-+       if (con->execFail) {
-+           badOpt = con->execFail;
-+       } else {
-+           os = (flags & POPT_BADOPTION_NOALIAS) ? con->optionStack : con->os;
-+           badOpt = os->argv[os->next - 1];
-+       }
-+    }
- 
--    return (os != NULL && os->argv != NULL ? os->argv[os->next - 1] : NULL);
-+    return badOpt;
- }
- 
- const char * poptStrerror(const int error)
---- popt-1.16/poptint.h				2010-01-19 01:39:10.000000000 +0100
-+++ popt-1.16/poptint.h.execfail		2013-11-24 15:50:38.000000000 +0100
-@@ -132,6 +132,7 @@
- /*@owned@*/ /*@null@*/
-     poptItem execs;
-     int numExecs;
-+    char * execFail;
- /*@only@*/ /*@null@*/
-     poptArgv finalArgv;
-     int finalArgvCount;

popt-1.16-glob-error.patch

@@ -1,24 +0,0 @@
-Backport of upstream http://rpm5.org/cvs/chngview?cn=19258
-
---- popt-1.16/poptconfig.c			2009-05-20 15:18:07.000000000 +0200
-+++ popt-1.16/poptconfig.c.glob-error		2017-10-12 23:33:28.868435647 +0200
-@@ -108,7 +108,7 @@
-     if (glob_pattern_p(pat, 0)) {
- 	glob_t _g, *pglob = &_g;
- 
--	if (!glob(pat, poptGlobFlags, poptGlob_error, pglob)) {
-+	if (!(rc = glob(pat, poptGlobFlags, poptGlob_error, pglob))) {
- 	    if (acp) {
- 		*acp = (int) pglob->gl_pathc;
- 		pglob->gl_pathc = 0;
-@@ -122,6 +122,10 @@
- /*@-nullstate@*/
- 	    globfree(pglob);
- /*@=nullstate@*/
-+       } else if (rc == GLOB_NOMATCH) {
-+	    *avp = NULL;
-+	    *acp = 0;
-+	    rc = 0;
- 	} else
- 	    rc = POPT_ERROR_ERRNO;
-     } else

popt-1.16-nextarg-memleak.patch

@@ -1,79 +0,0 @@
-From 6fcb24d785a2c2d626bac6999aee6b3ab368be15 Mon Sep 17 00:00:00 2001
-From: Peter Jones <pjones@redhat.com>
-Date: Fri, 28 Jul 2017 16:11:40 -0400
-Subject: [PATCH] Don't leak the last argument expanded by expandNextArg()
-
-While using POPT_ARG_ARGV, I noticed this in valgrind's leak checker:
-
-==1738== HEAP SUMMARY:
-==1738==     in use at exit: 8 bytes in 1 blocks
-==1738==   total heap usage: 94 allocs, 93 frees, 42,319 bytes allocated
-==1738==
-==1738== 8 bytes in 1 blocks are definitely lost in loss record 1 of 1
-==1738==    at 0x4C2EB6B: malloc (vg_replace_malloc.c:299)
-==1738==    by 0x4E3DF47: expandNextArg (popt.c:699)
-==1738==    by 0x4E3F681: poptGetNextOpt (popt.c:1501)
-==1738==    by 0x401F72: main (bingrep.c:433)
-==1738==
-==1738== LEAK SUMMARY:
-==1738==    definitely lost: 8 bytes in 1 blocks
-==1738==    indirectly lost: 0 bytes in 0 blocks
-==1738==      possibly lost: 0 bytes in 0 blocks
-==1738==    still reachable: 0 bytes in 0 blocks
-==1738==         suppressed: 0 bytes in 0 blocks
-
-My command line argument is a 7-byte string, and on first glance, it
-appears this is because both expandNextArg() and poptSaveString()
-duplicate the string.  The copy from poptSaveString() is the consuming
-program's responsibility to free, but the intermediate pointer is popt's
-responsibility.
-
-Upon further examination, it appears popt normally does free this
-string, but it only does it on the next entry to poptGetNextOpt(), and
-on cleanOSE() in the case if we're not already at the bottom of
-con->OptionStack.
-
-This patch modifies poptResetContext() to ensure we'll always attempt to
-free con->os->nextArg regardless of our position in the OptionStack, and
-removes the duplicate free of con->os->argb in poptFreeContext(), as
-it's called unconditionally by the poptResetContext() call on the
-previous line.
-
-This ensures that if poptGetNextOpt() isn't re-intered, poptFreeContext()
-will free the memory that was allocated.  Now valgrind tells me:
-
-==31734== HEAP SUMMARY:
-==31734==     in use at exit: 0 bytes in 0 blocks
-==31734==   total heap usage: 94 allocs, 94 frees, 42,319 bytes allocated
-==31734==
-==31734== All heap blocks were freed -- no leaks are possible
-
-Signed-off-by: Peter Jones <pjones@redhat.com>
----
- popt.c | 3 +--
- 1 file changed, 1 insertion(+), 2 deletions(-)
-
-diff --git a/popt.c b/popt.c
-index 1a53f40..72fbf5c 100644
---- a/popt.c
-+++ b/popt.c
-@@ -230,7 +230,7 @@ void poptResetContext(poptContext con)
-     con->os->argb = PBM_FREE(con->os->argb);
-     con->os->currAlias = NULL;
-     con->os->nextCharArg = NULL;
--    con->os->nextArg = NULL;
-+    con->os->nextArg = _free(con->os->nextArg);
-     con->os->next = 1;			/* skip argv[0] */
- 
-     con->numLeftovers = 0;
-@@ -1617,7 +1617,6 @@ poptContext poptFreeContext(poptContext con)
- {
-     if (con == NULL) return con;
-     poptResetContext(con);
--    con->os->argb = _free(con->os->argb);
- 
-     con->aliases = poptFreeItems(con->aliases, con->numAliases);
-     con->numAliases = 0;
--- 
-2.13.3
-

popt.spec

@@ -1,18 +1,17 @@
 Name:		popt
-Version:	1.16
-Release:        17
+Version:	1.18
+Release:        3
 Summary:	C library for parsing command line parameters
 License:	MIT
-URL:		http://www.rpm5.org
-Source0:	http://www.rpm5.org/files/%{name}/%{name}-%{version}.tar.gz
-Patch0:		change-pkgconfigdir-from-lib-to-lib64.patch
-Patch1:		popt-1.16-execfail.patch
-Patch2:		popt-1.16-nextarg-memleak.patch
-Patch3:		popt-1.16-glob-error.patch
-Patch9000: 	fix-obscure-iconv-mis-call-error-path-could-lead-to-.patch
-Patch9001: 	fix-handle-newly-added-asset-.-call-like-elsewhere.patch
-Patch9002: 	fix-permit-reading-aliases-remove-left-over-goto-exi.patch
-Patch9003: 	fix-coverity-CID-1057440-Unused-pointer-value-UNUSED.patch
+URL:		https://github.com/rpm-software-management/popt/
+Source0:        http://ftp.rpm.org/%{name}/releases/%{name}-1.x/%{name}-%{version}.tar.gz
+
+Patch0: 	fix-obscure-iconv-mis-call-error-path-could-lead-to-.patch
+Patch1: 	fix-handle-newly-added-asset-.-call-like-elsewhere.patch
+Patch2: 	fix-permit-reading-aliases-remove-left-over-goto-exi.patch
+Patch3: 	fix-coverity-CID-1057440-Unused-pointer-value-UNUSED.patch
+Patch4: 	backport-Consider-POPT_CONTEXT_KEEP_FIRST-during-reset.patch
+Patch5: 	backport-Fix-incorrect-handling-of-leftovers-with-poptStuffAr.patch
 
 BuildRequires:	gcc git gettext
 
@@ -82,6 +81,18 @@ make check
 %{_mandir}/man3/%{name}.3.gz
 
 %changelog
+* Thu Aug 18 2022 zhangruifang <zhangruifang1@h-partners.com> - 1.18-3
+- Revert fix memory leak regressions in popt
+
+* Mon Aug 15 2022 panxiaohe <panxh.life@foxmail.com> - 1.18-2
+- Fix incorrect handling of leftovers with poptStuffArgs and memory leak
+
+* Sat Jul 25 2020 zhangxingliang <zhangxingliang3@huawei.com> - 1.18-1
+- Type:update
+- ID:NA
+- SUG:NA
+- DESC:update to 1.18
+
 * Tue Dec 31 2019 openEuler Buildteam <buildteam@openeuler.org> - 1.16-17
 - Strenthen spec
 

popt.yaml

@@ -1,4 +1,4 @@
 version_control: github
-src_repo: rpm-software-namegement/popt
-tag_prefix: ^popt-
-seperator: "_"
+src_repo: rpm-software-management/popt
+tag_pattern: popt-(.*)-release
+seperator: "."