integ/security/openscap/debian/deb_folder/patches/remove-superfluous-strdup.patch
Marcelo de Castro Loebens e17b830387 Upgrade Openscap (1.3.5 -> 1.3.6)
Upgrade Openscap tool to release 1.3.6, using the debianized version
1.3.6+dfsg-6 for the packaging files available at
https://salsa.debian.org/debian/openscap/-/blob/debian/1.3.6+dfsg-6/debian/changelog
Didn't change any files or patches.

Segmentation faults during Openscap usage seen in Starlingx were
fixed in this release of Openscap, and are the reason for this upgrade.

Test Plan:
PASS: Build iso.

PASS: Deploy AIO-SX.

PASS: Check version (oscap --version). Result should be 1.3.6.

PASS: Run openscap using one of default manifests. There should be no
segmentation fault issues. Command i.e.:
"oscap xccdf eval --profile \
xccdf_org.ssgproject.content_profile_anssi_np_nt28_high \
--report controller-0-report.html \
/usr/share/xml/scap/ssg/content/ssg-debian11-ds-1.2.xml".

Closes-Bug: 2006782

Signed-off-by: Marcelo de Castro Loebens <Marcelo.DeCastroLoebens@windriver.com>
Change-Id: I34ff193227ae51ec709b7d69b6a97abc074721f3
2023-02-14 18:57:00 -04:00


From: Jan Cerny <jcerny@redhat.com>
Date: Thu, 27 Jan 2022 15:09:02 +0100
Subject: [PATCH] Remove superfluous strdup
We can do this because xccdf_session_set_rule calls strdup on the rule
parameter internally.
Addressing:
Error: RESOURCE_LEAK (CWE-772): [#def2] [important]
openscap-1.3.6/build/swig/python3/CMakeFiles/_openscap_py.dir/openscapPYTHON_wrap.c:4148: alloc_fn: Storage is returned from allocation function "strdup".
openscap-1.3.6/build/swig/python3/CMakeFiles/_openscap_py.dir/openscapPYTHON_wrap.c:4148: var_assign: Assigning: "n_rule" = storage returned from "strdup(rule)".
openscap-1.3.6/build/swig/python3/CMakeFiles/_openscap_py.dir/openscapPYTHON_wrap.c:4149: noescape: Resource "n_rule" is not freed or pointed-to in "xccdf_session_set_rule".
openscap-1.3.6/build/swig/python3/CMakeFiles/_openscap_py.dir/openscapPYTHON_wrap.c:4150: leaked_storage: Variable "n_rule" going out of scope leaks the storage it points to.
4148| char *n_rule = strdup(rule);
4149| xccdf_session_set_rule(sess, n_rule);
4150|-> }
4151|
4152| void xccdf_session_free_py(struct xccdf_session *sess){
Origin: upstream, https://github.com/OpenSCAP/openscap/commit/d3e7d5be1fcd55ef396de6070f877df0f2c2c58e
---
swig/openscap.i | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/swig/openscap.i b/swig/openscap.i
index 2fe1cce99e..158a226757 100644
--- a/swig/openscap.i
+++ b/swig/openscap.i
@@ -559,8 +559,7 @@ struct xccdf_session {
};
void xccdf_session_set_rule_py(struct xccdf_session *sess, char *rule) {
- char *n_rule = strdup(rule);
- xccdf_session_set_rule(sess, n_rule);
+ xccdf_session_set_rule(sess, rule);
}
void xccdf_session_free_py(struct xccdf_session *sess){
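Review bot: The replacement call `xccdf_session_set_rule(sess, rule);` is only safe because the callee makes its own copy of `rule`, and that contract is stated in the patch description but nowhere in `swig/openscap.i`. Suggest a one-line comment above the call noting that xccdf_session_set_rule duplicates the string, so a later change to the callee's ownership semantics does not silently leave the session holding a pointer to a wrapper-owned buffer. Since the wrapper no longer needs a mutable copy, the parameter could also be declared `const char *rule` if the callee's prototype allows it.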