make acl compatible with -D_FORTIFY_SOURCE=3
Resolves: rhbz#2249839
This commit is contained in:
parent
07b51b662e
commit
9c90b66b09
@ -0,0 +1,81 @@
|
||||
From 6f9b9246ee91eaf09c3774ff95950624ef818476 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Zaoral?= <lzaoral@redhat.com>
|
||||
Date: Tue, 31 Oct 2023 10:02:52 +0100
|
||||
Subject: libobj: declare s_str directly in string_obj_tag
|
||||
|
||||
... to make libacl compatible with -D_FORTIFY_SOURCE=3. Otherwise, any call
|
||||
to __acl_to_any_text would terminate the given process because the
|
||||
fortification has a limited support for zero-length arrays nested in structs,
|
||||
as noted in the linked GCC Bugzilla. GCC devs suggested that this should be
|
||||
fixed in libacl rather than in GCC itself.
|
||||
|
||||
Related: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104964#c15
|
||||
Resolves: https://savannah.nongnu.org/bugs/index.php?62519
|
||||
---
|
||||
libacl/__acl_to_any_text.c | 10 +++++-----
|
||||
libacl/libobj.h | 7 +------
|
||||
2 files changed, 6 insertions(+), 11 deletions(-)
|
||||
|
||||
diff --git a/libacl/__acl_to_any_text.c b/libacl/__acl_to_any_text.c
|
||||
index f2b8088..bfad12d 100644
|
||||
--- a/libacl/__acl_to_any_text.c
|
||||
+++ b/libacl/__acl_to_any_text.c
|
||||
@@ -64,7 +64,7 @@ __acl_to_any_text(acl_t acl, ssize_t *len_p, const char *prefix,
|
||||
FOREACH_ACL_ENTRY(entry_obj_p, acl_obj_p) {
|
||||
repeat:
|
||||
entry_len = acl_entry_to_any_str(int2ext(entry_obj_p),
|
||||
- string_obj_p->sstr + len,
|
||||
+ string_obj_p->s_str + len,
|
||||
size-len,
|
||||
int2ext(mask_obj_p),
|
||||
prefix,
|
||||
@@ -81,20 +81,20 @@ __acl_to_any_text(acl_t acl, ssize_t *len_p, const char *prefix,
|
||||
goto repeat;
|
||||
} else
|
||||
len += entry_len;
|
||||
- string_obj_p->sstr[len] = separator;
|
||||
+ string_obj_p->s_str[len] = separator;
|
||||
len++;
|
||||
}
|
||||
if (len)
|
||||
len--;
|
||||
if (len && suffix) {
|
||||
- strcpy(string_obj_p->sstr + len, suffix);
|
||||
+ strcpy(string_obj_p->s_str + len, suffix);
|
||||
len += suffix_len;
|
||||
} else
|
||||
- string_obj_p->sstr[len] = '\0';
|
||||
+ string_obj_p->s_str[len] = '\0';
|
||||
|
||||
if (len_p)
|
||||
*len_p = len;
|
||||
- return (char *)int2ext(string_obj_p);
|
||||
+ return string_obj_p ? string_obj_p->s_str : NULL;
|
||||
|
||||
fail:
|
||||
free_obj_p(string_obj_p);
|
||||
diff --git a/libacl/libobj.h b/libacl/libobj.h
|
||||
index c41d5f9..84929cf 100644
|
||||
--- a/libacl/libobj.h
|
||||
+++ b/libacl/libobj.h
|
||||
@@ -76,16 +76,11 @@ struct string_obj_tag;
|
||||
typedef struct string_obj_tag string_obj;
|
||||
|
||||
/* string object */
|
||||
-struct __string_ext {
|
||||
- char s_str[0];
|
||||
-};
|
||||
struct string_obj_tag {
|
||||
obj_prefix o_prefix;
|
||||
- struct __string_ext i;
|
||||
+ char s_str[0];
|
||||
};
|
||||
|
||||
-#define sstr i.s_str
|
||||
-
|
||||
/* object creation, destruction, conversion and validation */
|
||||
void *__new_var_obj_p(int magic, size_t size) hidden;
|
||||
void __new_obj_p_here(int magic, void *here) hidden;
|
||||
--
|
||||
cgit v1.1
|
||||
|
12
acl.spec
12
acl.spec
@ -1,10 +1,7 @@
|
||||
# https://savannah.nongnu.org/bugs/index.php?62519
|
||||
%define _fortify_level 2
|
||||
|
||||
Summary: Access control list utilities
|
||||
Name: acl
|
||||
Version: 2.3.1
|
||||
Release: 10%{?dist}
|
||||
Release: 11%{?dist}
|
||||
BuildRequires: gawk
|
||||
BuildRequires: gcc
|
||||
BuildRequires: gettext
|
||||
@ -29,6 +26,10 @@ Patch2: 0002-add-georgian.patch
|
||||
# https://git.savannah.nongnu.org/cgit/acl.git/commit/?id=7ce89c695e76ec41fcebd83f8b728f63b0361a2d
|
||||
Patch3: 0003-acl-2.3.1-setfacl-preserve-failed-status.patch
|
||||
|
||||
# make acl compatible with -D_FORTIFY_SOURCE=3 (rhbz#2249839)
|
||||
# https://git.savannah.nongnu.org/cgit/acl.git/commit/?id=6f9b9246ee91eaf09c3774ff95950624ef818476
|
||||
Patch4: 0004-acl-2.3.1-libobj-declare-s_str-directly-in-string_obj_tag.patch
|
||||
|
||||
License: GPL-2.0-or-later AND LGPL-2.1-or-later
|
||||
URL: https://savannah.nongnu.org/projects/acl
|
||||
|
||||
@ -137,6 +138,9 @@ rm -rf $RPM_BUILD_ROOT%{_docdir}/%{name}*
|
||||
%{_libdir}/libacl.so.*
|
||||
|
||||
%changelog
|
||||
* Fri Dec 01 2023 Lukáš Zaoral <lzaoral@redhat.com> - 2.3.1-11
|
||||
- make acl compatible with -D_FORTIFY_SOURCE=3 (rhbz#2249839)
|
||||
|
||||
* Fri Oct 06 2023 Lukáš Zaoral <lzaoral@redhat.com> - 2.3.1-10
|
||||
- preserve failed setfacl return code (RHEL-3909)
|
||||
- make the license tag more precise
|
||||
|
Loading…
Reference in New Issue
Block a user