Raise fortification level to 3

Fix bad way of reallocation when reading from stdin
2023-02-28 16:42:43 +01:00 · 2023-02-28 16:42:43 +01:00 · 684b717191
commit 684b717191
parent f46853a5d6
2 changed files with 103 additions and 5 deletions
--- a/autogen-fortify.patch
+++ b/autogen-fortify.patch
@ -0,0 +1,95 @@
+commit 772b282a4e858a27af610bcdcc8b66925cbf1a83
+Author: Tomas Korbar <tkorbar@redhat.com>
+Date:   Tue Feb 28 16:08:13 2023 +0100
+
+    avoid GCC code analysis bug
+
+diff --git a/agen5/defLoad.c b/agen5/defLoad.c
+index 0215857..b687263 100644
+--- a/agen5/defLoad.c
+++ b/agen5/defLoad.c
+@@ -448,17 +448,28 @@ read_defs(void)
+     FILE *        fp;
+     def_input_mode_t in_mode = ready_def_input(&def_fname, &data_sz);
+ 
+    /*
+     * "ready_def_input" has a lot of side effects. It's possible that
+     * there are no definitions, so "in_mode" is set to DONE and there's
+     * nothing to do.
+     */
+     if (in_mode == INPUT_DONE)
+         return;
+ 
+     /*
+      *  Allocate the space we need for our definitions.
+     * "data_sz" was set by read_def_input to the size of the
+     * definitions file (or 4096 if we're reading from a fifo file).
+     * In that alternate case, we'll start the input size at 4096 bytes.
+     * The allocation includes space for context and a NUL byte or two
+      */
+-    rem_sz = data_sz+4+sizeof(*base_ctx);
+-    base_ctx = (scan_ctx_t *)AGALOC(rem_sz, "file buf");
+-    memset(VOIDP(base_ctx), 0, rem_sz);
+    {
+        size_t sz = data_sz + sizeof(long) + sizeof(*base_ctx);
+        base_ctx = (scan_ctx_t *)AGALOC(sz, "file buf");
+        memset(VOIDP(base_ctx), 0, sz);
+    }
+     base_ctx->scx_line = 1;
+-    rem_sz = data_sz;
+    rem_sz = data_sz; // size available for storing def text
+ 
+     /*
+      *  Our base context will have its currency pointer set to this
+@@ -482,6 +493,9 @@ read_defs(void)
+         if (fp == NULL)
+             AG_CANT(READ_DEF_OPEN, def_fname);
+ 
+        /*
+         * If we're emitting dependency information, then do so.
+         */
+         if (dep_fp != NULL)
+             add_source_file(def_fname);
+     }
+@@ -516,8 +530,7 @@ read_defs(void)
+          *  See if there is any space left
+          */
+         if (rem_sz == 0) {
+-            scan_ctx_t * p;
+-            off_t dataOff;
+            off_t scan_off;
+ 
+             /*
+              *  IF it is a regular file, then we are done
+@@ -527,24 +540,16 @@ read_defs(void)
+ 
+             /*
+              *  We have more data and we are out of space.
+-             *  Try to reallocate our input buffer.
+             *  AGREALOC will succeed or not return.
+              */
+             data_sz += (rem_sz = 0x1000);
+-            dataOff = data - base_ctx->scx_data;
+-            p = AGREALOC(VOIDP(base_ctx), data_sz + 4 + sizeof(*base_ctx),
+-                         "expand f buf");
+            scan_off = data - base_ctx->scx_data;
+            base_ctx = AGREALOC(VOIDP(base_ctx), data_sz + 4 + sizeof(*base_ctx),
+                                "expand f buf");
+ 
+-            /*
+-             *  The buffer may have moved.  Set the data pointer at an
+-             *  offset within the new buffer and make sure our base pointer
+-             *  has been corrected as well.
+-             */
+-            if (p != base_ctx) {
+-                p->scx_scan = \
+-                    p->scx_data = (char *)(p + 1);
+-                data = p->scx_data + dataOff;
+-                base_ctx = p;
+-            }
+            base_ctx->scx_scan = \
+                base_ctx->scx_data = (char *)(base_ctx + 1);
+            data = base_ctx->scx_data + scan_off;
+         }
+     }
+ 
--- a/autogen.spec
+++ b/autogen.spec
@ -1,11 +1,7 @@
-%define _fortify_level 2
-# untill this https://bugzilla.redhat.com/show_bug.cgi?id=2173623 is
-# resolved, we will keep fortification on level 2
-
 Summary:	Automated text file generator
 Name:		autogen
 Version:	5.18.16
-Release:	14%{?dist}
+Release:	15%{?dist}
 # Some files are licensed under GPLv2+.
 # We redistribute them under GPLv3+.
 License:	GPLv3+
@ -17,6 +13,8 @@ Patch0:		autogen-multilib.patch
 # Fix gcc error on overlapping strings
 Patch1:		autogen-overlap.patch
 Patch2:		autogen-configure-c99.patch
+# https://sourceforge.net/p/autogen/bugs/212/
+Patch3:		autogen-fortify.patch

 Requires:	%{name}-libopts%{?_isa} = %{version}-%{release}

@ -74,6 +72,7 @@ This package contains development files for libopts.
 %patch0 -p1 -b .multilib
 %patch1 -p1 -b .overlap
 %patch2 -p1
+%patch3 -p1 -b .fortify

 # Disable failing test
 sed -i 's|errors.test||' autoopts/test/Makefile.in
@ -150,6 +149,10 @@ rm -f $RPM_BUILD_ROOT%{_infodir}/dir
 %{_includedir}/autoopts/usage-txt.h

 %changelog
+* Tue Feb 28 2023 Tomas Korbar <tkorbar@redhat.com> - 5.18.16-15
+- Raise fortification level to 3
+- Fix bad way of reallocation when reading from stdin
+
 * Mon Feb 27 2023 Tomas Korbar <tkorbar@redhat.com> - 5.18.16-14
 - Lower fortification level to 2
 - Resolves: rhbz#2171445