diff --git a/at-3.2.23-coverity-fix.patch b/at-3.2.23-coverity-fix.patch new file mode 100644 index 0000000..119f2d5 --- /dev/null +++ b/at-3.2.23-coverity-fix.patch @@ -0,0 +1,115 @@ +From 4be4813262b3b57a95a5f3ce909d30741aa3ac72 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jan=20Stan=C4=9Bk?= +Date: Fri, 9 Apr 2021 16:47:33 +0200 +Subject: [PATCH] Address issues raised by static analysis +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Jan Staněk +--- + at.c | 22 ++++++++++++++++++---- + daemon.c | 21 ++++++++++++++------- + 2 files changed, 32 insertions(+), 11 deletions(-) + +diff --git a/at.c b/at.c +index df55dc9..0c74e2e 100644 +--- a/at.c ++++ b/at.c +@@ -545,17 +545,27 @@ writefile(time_t runtimer, char queue) + return; + } + +- if (fstat(fd, &statbuf) == -1) ++ if (fstat(fd, &statbuf) == -1) { ++ close(fd); + return; ++ } + if ((statbuf.st_uid != 0) || !S_ISREG(statbuf.st_mode) || +- (statbuf.st_mode & (S_IWGRP | S_IWOTH))) ++ (statbuf.st_mode & (S_IWGRP | S_IWOTH))) { ++ close(fd); + return; ++ } + + fp = fdopen(fd, "r"); +- if (fp == NULL) ++ if (fp == NULL) { ++ close(fd); + return; +- if (fscanf(fp, "%d", &pid) != 1) ++ } ++ if (fscanf(fp, "%d", &pid) != 1) { ++ fclose(fp); + return; ++ } else { ++ fclose(fp); ++ } + + kill_errno = 0; + +@@ -640,6 +650,8 @@ list_jobs(void) + else + printf("%ld\t%s %c\n", jobno, timestr, queue); + } ++ closedir(spool); ++ + PRIV_END + } + +@@ -722,6 +734,8 @@ process_jobs(int argc, char **argv, int what) + putchar(ch); + } + done = 1; ++ fclose(fp); ++ fp = NULL; + } + else { + perr("Cannot open %.500s", dirent->d_name); +diff --git a/daemon.c b/daemon.c +index 4003b56..bc8191e 100644 +--- a/daemon.c ++++ b/daemon.c +@@ -122,18 +122,23 @@ daemon_setup() + /* Set up standard daemon environment */ + pid_t pid; + mode_t old_umask; +- int fd; ++ int fd, devnull; + FILE *fp; + + if (!daemon_debug) { +- close(0); +- close(1); +- close(2); +- if ((open("/dev/null", O_RDWR) != 0) || +- (open("/dev/null", O_RDWR) != 1) || +- (open("/dev/null", O_RDWR) != 2)) { ++ devnull = open("/dev/null", O_RDWR); ++ if (devnull == -1) { + perr("Error redirecting I/O"); + } ++ ++ if ((dup2(devnull, 0) == -1) || ++ (dup2(devnull, 1) == -1) || ++ (dup2(devnull, 2) == -1)) { ++ close(devnull); ++ perr("Error redirecting I/O"); ++ } else { ++ close(devnull); ++ } + } + + if (daemon_foreground) +@@ -208,6 +213,8 @@ daemon_setup() + fcntl(fd, F_SETFD, FD_CLOEXEC); + PRIV_END + ++ /* See the above comment. */ ++ /* coverity[leaked_storage: FALSE] */ + return; + } + +-- +2.31.1 + diff --git a/at.spec b/at.spec index 8239867..a20f3c0 100644 --- a/at.spec +++ b/at.spec @@ -3,7 +3,7 @@ Summary: Job spooling tools Name: at Version: 3.1.23 -Release: 7%{?dist} +Release: 8%{?dist} # http://packages.debian.org/changelogs/pool/main/a/at/current/copyright # + install-sh is MIT license with changes under Public Domain License: GPLv3+ and GPLv2+ and ISC and MIT and Public Domain @@ -32,6 +32,7 @@ Patch: at-3.1.18-utc-dst.patch Patch: at-3.1.20-lock-locks.patch Patch: at-3.1.23-document-n.patch Patch: at-3.1.20-log-jobs.patch +Patch: at-3.2.23-coverity-fix.patch BuildRequires: gcc BuildRequires: flex flex-static bison autoconf @@ -166,6 +167,9 @@ chown root:root %{_localstatedir}/spool/at/.SEQ %attr(0644,root,root) /%{_unitdir}/atd.service %changelog +* Fri Apr 16 2021 Jan Staněk - 3.1.23-8 +- Patch issues found by coverity (rhbz#1938678) + * Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek - 3.1.23-7 - Rebuilt for updated systemd-rpm-macros See https://pagure.io/fesco/issue/2583.