Compare commits


No commits in common. "c8" and "c9-beta" have entirely different histories.
c8 ... c9-beta

4 changed files with 175 additions and 35 deletions


@ -0,0 +1,40 @@
From ec6817736968fb4683b9df0bd932c1a86dec0ba8 Mon Sep 17 00:00:00 2001
From: Alexey Tikhonov <atikhono@redhat.com>
Date: Wed, 4 Aug 2021 19:22:19 +0200
Subject: [PATCH 4/6] INI: fix check for error code
In case of fail `asprintf()` returns -1, not 1.
Fixes following covscan issues:
```
Error: RESOURCE_LEAK (CWE-772): [#def1]
ding-libs-0.6.1/ini/ini_configmod.c:869: alloc_arg: "asprintf" allocates memory that is stored into "strval". [Note: The source code implementation of the function has been overridden by a builtin model.]
ding-libs-0.6.1/ini/ini_configmod.c:873: leaked_storage: Variable "strval" going out of scope leaks the storage it points to.
# 871| TRACE_ERROR_NUMBER("Asprintf failed.", ret);
# 872| /* The main reason is propbaly memory allocation */
# 873|-> return ENOMEM;
# 874| }
# 875|
```
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
---
ini/ini_configmod.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ini/ini_configmod.c b/ini/ini_configmod.c
index da4175c..88a7133 100644
--- a/ini/ini_configmod.c
+++ b/ini/ini_configmod.c
@@ -867,7 +867,7 @@ int ini_config_add_double_value(struct ini_cfgobj *ini_config,
TRACE_FLOW_ENTRY();
ret = asprintf(&strval, "%f", value);
- if (ret == 1) {
+ if (ret == -1) {
TRACE_ERROR_NUMBER("Asprintf failed.", ret);
/* The main reason is propbaly memory allocation */
return ENOMEM;
--
2.26.3
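Review bot: The `"%f"` conversion in the context line `ret = asprintf(&strval, "%f", value);` keeps only six fractional digits and takes its decimal separator from the current LC_NUMERIC locale, so the string stored for a double may not read back as the same value; the commit corrects the failure check but leaves this as it was. If round-tripping matters, a format such as `"%.17g"` would preserve the value, though existing callers may depend on the current output and the locale dependence would still need separate handling. On the check itself, `if (ret < 0) {` is the more conventional guard for asprintf than an exact `ret == -1`, and the context comment could be corrected to `/* The main reason is probably memory allocation */`. The body of ini_config_add_double_value starts and continues outside the hunk.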


@ -0,0 +1,58 @@
From 82ee1cff9d7401f4381cfa574f8b102625b06a31 Mon Sep 17 00:00:00 2001
From: Alexey Tikhonov <atikhono@redhat.com>
Date: Thu, 5 Aug 2021 18:02:57 +0200
Subject: [PATCH 5/6] PATH_UTILS: suppress false positive warnings
Warnings are false positives: every such `strncpy` is followed
by an explicit check that result is NULL-terminated.
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
---
path_utils/path_utils.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/path_utils/path_utils.c b/path_utils/path_utils.c
index 61605ab..5203cc9 100644
--- a/path_utils/path_utils.c
+++ b/path_utils/path_utils.c
@@ -116,6 +116,7 @@ int get_basename(char *base_name, size_t base_name_size, const char *path)
if (!path) return EINVAL;
if (!base_name || base_name_size < 1) return ENOBUFS;
+ /* coverity[buffer_size_warning : SUPPRESS] */ /* false positive warning */
strncpy(tmp_path, path, sizeof(tmp_path));
if (tmp_path[sizeof(tmp_path)-1] != '\0') return ENOBUFS;
strncpy(base_name, basename(tmp_path), base_name_size);
@@ -137,6 +138,7 @@ int get_dirname(char *dir_path, size_t dir_path_size, const char *path)
if (!path) return EINVAL;
if (!dir_path || dir_path_size < 1) return ENOBUFS;
+ /* coverity[buffer_size_warning : SUPPRESS] */ /* false positive warning */
strncpy(tmp_path, path, sizeof(tmp_path));
if (tmp_path[sizeof(tmp_path)-1] != '\0') return ENOBUFS;
strncpy(dir_path, dirname(tmp_path), dir_path_size);
@@ -161,11 +163,13 @@ int get_directory_and_base_name(char *dir_path, size_t dir_path_size,
if (!dir_path || dir_path_size < 1) return ENOBUFS;
if (!base_name || base_name_size < 1) return ENOBUFS;
+ /* coverity[buffer_size_warning : SUPPRESS] */ /* false positive warning */
strncpy(tmp_path, path, sizeof(tmp_path));
if (tmp_path[sizeof(tmp_path)-1] != '\0') return ENOBUFS;
strncpy(base_name, basename(tmp_path), base_name_size);
if (base_name[base_name_size-1] != '\0') return ENOBUFS;
+ /* coverity[buffer_size_warning : SUPPRESS] */ /* false positive warning */
strncpy(tmp_path, path, sizeof(tmp_path));
if (tmp_path[sizeof(tmp_path)-1] != '\0') return ENOBUFS;
strncpy(dir_path, dirname(tmp_path), dir_path_size);
@@ -528,6 +532,7 @@ int find_existing_directory_ancestor(char *ancestor, size_t ancestor_size, const
if (!ancestor || ancestor_size < 1) return ENOBUFS;
*ancestor = 0;
+ /* coverity[buffer_size_warning : SUPPRESS] */ /* false positive warning */
strncpy(dir_path, path, sizeof(dir_path));
if (dir_path[sizeof(dir_path)-1] != '\0') return ENOBUFS;
--
2.26.3
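Review bot: On the ENOBUFS path after `strncpy(base_name, basename(tmp_path), base_name_size);` in the get_directory_and_base_name hunk, the caller's buffer is left holding `base_name_size` bytes with no terminator, so a caller that ignores the return code and reads it as a string would run past the buffer. Clearing the output before returning would make the failure safe, for example `if (base_name[base_name_size-1] != '\0') { base_name[0] = '\0'; return ENOBUFS; }`; the find_existing_directory_ancestor hunk already does `*ancestor = 0;` up front. The same output copy appears in get_basename and get_dirname (and for `dir_path` here), where the following check falls outside the hunk, so this should be confirmed there. The suppression comment could also state the reason instead of only "false positive warning", for example `/* strncpy zero-pads; the last-byte check on the next line rejects truncation */`.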


@ -0,0 +1,28 @@
From 584dc25f2c31f4d8e5cf7154e0362e4d2504779c Mon Sep 17 00:00:00 2001
From: Alexey Tikhonov <atikhono@redhat.com>
Date: Thu, 5 Aug 2021 18:48:23 +0200
Subject: [PATCH 6/6] INI: suppress false positive coverity warning
`get_str_cfg_array()` returns `char **array` that is composed of pointers
to slices of `copy` so `copy` can't be freed here.
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
---
ini/ini_get_array.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/ini/ini_get_array.c b/ini/ini_get_array.c
index 30ed423..95d0b05 100644
--- a/ini/ini_get_array.c
+++ b/ini/ini_get_array.c
@@ -164,6 +164,7 @@ static char **get_str_cfg_array(struct collection_item *item,
/* If count is 0 the copy needs to be freed */
if (count == 0) free(copy);
TRACE_FLOW_STRING("get_str_cfg_array", "Exit");
+ /* coverity[leaked_storage : SUPPRESS] */ /* false positive warning */
return array;
}
--
2.26.3
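Review bot: The added `/* false positive warning */` comment does not record why `copy` must stay allocated, and nothing visible in the hunk tells a maintainer who releases it once `array` is returned. The reason is given only in the commit message, so I would move it into the code: `/* array[] elements point into 'copy'; the owner of 'array' must release it, it cannot be freed here */`. Which routine performs that release is not visible in this hunk, so the comment should name it once confirmed; otherwise the suppression hides a real leak if that routine ever changes. get_str_cfg_array begins outside the hunk.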


@ -1,12 +1,10 @@
Name: ding-libs
Version: 0.6.1
Release: 40%{?dist}
Release: 53%{?dist}
Summary: "Ding is not GLib" assorted utility libraries
Group: Development/Libraries
License: LGPLv3+
URL: https://pagure.io/SSSD/ding-libs
Source0: https://releases.pagure.org/SSSD/ding-libs/%{name}-%{version}.tar.gz
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
# If a new upstream release changes some, but not all of these
# version numbers, remember to keep the Release tag in order to
@ -23,6 +21,9 @@ Patch0: INI-Silence-ini_augment-match-failures.patch
Patch1: INI-Remove-definiton-of-TRACE_LEVEL.patch
Patch2: INI-Fix-detection-of-error-messages.patch
Patch3: TEST-validators_ut_check-Fix-fail-with-new-glibc.patch
Patch4: 0004-INI-fix-check-for-error-code.patch
Patch5: 0005-PATH_UTILS-suppress-false-positive-warnings.patch
Patch6: 0006-INI-suppress-false-positive-coverity-warning.patch
### Dependencies ###
# ding-libs is a meta-package that will pull in all of its own
@ -38,12 +39,14 @@ Requires: libini_config = %{ini_config_version}-%{release}
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: gcc
BuildRequires: git
BuildRequires: libtool
BuildRequires: m4
BuildRequires: doxygen
BuildRequires: pkgconfig
BuildRequires: check-devel
BuildRequires: make
%description
A meta-package that pulls in libcollection, libdhash, libini_config,
@ -51,7 +54,6 @@ librefarray libbasicobjects, and libpath_utils.
%package devel
Summary: Development packages for ding-libs
Group: Development/Libraries
License: LGPLv3+
# ding-libs is a meta-package that will pull in all of its own
@ -73,7 +75,6 @@ libdhash, libini_config, librefarray and libpath_utils.
%package -n libpath_utils
Summary: Filesystem Path Utilities
Group: Development/Libraries
License: LGPLv3+
Version: %{path_utils_version}
@ -82,7 +83,6 @@ Utility functions to manipulate filesystem pathnames
%package -n libpath_utils-devel
Summary: Development files for libpath_utils
Group: Development/Libraries
Requires: libpath_utils = %{path_utils_version}-%{release}
License: LGPLv3+
Version: %{path_utils_version}
@ -93,13 +93,11 @@ Utility functions to manipulate filesystem pathnames
%ldconfig_scriptlets -n libpath_utils
%files -n libpath_utils
%defattr(-,root,root,-)
%doc COPYING COPYING.LESSER
%{_libdir}/libpath_utils.so.1
%{_libdir}/libpath_utils.so.1.0.1
%files -n libpath_utils-devel
%defattr(-,root,root,-)
%{_includedir}/path_utils.h
%{_libdir}/libpath_utils.so
%{_libdir}/pkgconfig/path_utils.pc
@ -112,7 +110,6 @@ Utility functions to manipulate filesystem pathnames
##############################################################################
%package -n libdhash
Group: Development/Libraries
Summary: Dynamic hash table
License: LGPLv3+
Version: %{dhash_version}
@ -123,7 +120,6 @@ time properties
%package -n libdhash-devel
Summary: Development files for libdhash
Group: Development/Libraries
Requires: libdhash = %{dhash_version}-%{release}
License: LGPLv3+
Version: %{dhash_version}
@ -135,13 +131,11 @@ time properties
%ldconfig_scriptlets -n libdhash
%files -n libdhash
%defattr(-,root,root,-)
%doc COPYING COPYING.LESSER
%{_libdir}/libdhash.so.1
%{_libdir}/libdhash.so.1.1.0
%files -n libdhash-devel
%defattr(-,root,root,-)
%{_includedir}/dhash.h
%{_libdir}/libdhash.so
%{_libdir}/pkgconfig/dhash.pc
@ -154,7 +148,6 @@ time properties
##############################################################################
%package -n libcollection
Summary: Collection data-type for C
Group: Development/Libraries
License: LGPLv3+
Version: %{collection_version}
@ -164,7 +157,6 @@ and serialization
%package -n libcollection-devel
Summary: Development files for libcollection
Group: Development/Libraries
License: LGPLv3+
Requires: libcollection = %{collection_version}-%{release}
Version: %{collection_version}
@ -177,13 +169,11 @@ and serialization
%files -n libcollection
%defattr(-,root,root,-)
%doc COPYING
%doc COPYING.LESSER
%{_libdir}/libcollection.so.*
%files -n libcollection-devel
%defattr(-,root,root,-)
%{_includedir}/collection.h
%{_includedir}/collection_tools.h
%{_includedir}/collection_queue.h
@ -199,7 +189,6 @@ and serialization
%package -n libref_array
Summary: A refcounted array for C
Group: Development/Libraries
License: LGPLv3+
Version: %{ref_array_version}
@ -208,7 +197,6 @@ A dynamically-growing, reference-counted array
%package -n libref_array-devel
Summary: Development files for libref_array
Group: Development/Libraries
Requires: libref_array = %{ref_array_version}-%{release}
License: LGPLv3+
Version: %{ref_array_version}
@ -219,14 +207,12 @@ A dynamically-growing, reference-counted array
%ldconfig_scriptlets -n libref_array
%files -n libref_array
%defattr(-,root,root,-)
%doc COPYING
%doc COPYING.LESSER
%{_libdir}/libref_array.so.1
%{_libdir}/libref_array.so.1.2.1
%files -n libref_array-devel
%defattr(-,root,root,-)
%{_includedir}/ref_array.h
%{_libdir}/libref_array.so
%{_libdir}/pkgconfig/ref_array.pc
@ -239,7 +225,6 @@ A dynamically-growing, reference-counted array
%package -n libbasicobjects
Summary: Basic object types for C
Group: Development/Libraries
License: GPLv3+
Version: %{basicobjects_version}
@ -248,7 +233,6 @@ Basic object types
%package -n libbasicobjects-devel
Summary: Development files for libbasicobjects
Group: Development/Libraries
License: GPLv3+
Version: %{basicobjects_version}
Requires: libbasicobjects = %{basicobjects_version}-%{release}
@ -259,14 +243,12 @@ Basic object types
%ldconfig_scriptlets -n libbasicobjects
%files -n libbasicobjects
%defattr(-,root,root,-)
%doc COPYING
%doc COPYING.LESSER
%{_libdir}/libbasicobjects.so.0
%{_libdir}/libbasicobjects.so.0.1.0
%files -n libbasicobjects-devel
%defattr(-,root,root,-)
%{_includedir}/simplebuffer.h
%{_libdir}/libbasicobjects.so
%{_libdir}/pkgconfig/basicobjects.pc
@ -277,7 +259,6 @@ Basic object types
%package -n libini_config
Summary: INI file parser for C
Group: Development/Libraries
License: LGPLv3+
Requires: libcollection = %{collection_version}-%{release}
Requires: libref_array = %{ref_array_version}-%{release}
@ -291,7 +272,6 @@ structure
%package -n libini_config-devel
Summary: Development files for libini_config
Group: Development/Libraries
License: LGPLv3+
Requires: libini_config = %{ini_config_version}-%{release}
Requires: libcollection-devel = %{collection_version}-%{release}
@ -306,14 +286,12 @@ structure
%ldconfig_scriptlets -n libini_config
%files -n libini_config
%defattr(-,root,root,-)
%doc COPYING
%doc COPYING.LESSER
%{_libdir}/libini_config.so.5
%{_libdir}/libini_config.so.5.2.1
%files -n libini_config-devel
%defattr(-,root,root,-)
%{_includedir}/ini_config.h
%{_includedir}/ini_configobj.h
%{_includedir}/ini_valueobj.h
@ -358,15 +336,51 @@ rm -f \
# Remove document install script. RPM is handling this
rm -f */doc/html/installdox
%clean
rm -rf $RPM_BUILD_ROOT
%changelog
* Wed May 25 2022 Alexey Tikhonov <atikhono@redhat.com> - 0.6.1-40
- Resolves: rhbz#2048668 - Request to add libdhash-devel package into CRB
* Wed May 11 2022 Alexey Tikhonov <atikhono@redhat.com> - 0.6.1-52
- Resolves: rhbz#2048667 - Request to add libdhash-devel package into CRB
* Thu Aug 09 2018 Michal Židek <mzidek@redhat.com> - 0.6.1-39
- Resolves: rhbz#1611714 - [RHEL8-S-BUILD] ding-libs Fails Scratch Build on rhel-8.0
* Tue Aug 10 2021 Alexey Tikhonov <atikhono@redhat.com> - 0.6.1-51
- Resolves: rhbz#1938708 - review of important potential issues detected by static analyzers in ding-libs-0.6.1-47.el9
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.6.1-50
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Tue Jun 01 2021 Alexey Tikhonov <atikhono@redhat.com> - 0.6.1-49
- Resolves: rhbz#1962772 - Add gating tests for ding-libs in RHEL 9
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 0.6.1-48
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-47
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-46
- Second attempt - Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-45
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-44
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-43
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-42
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Aug 14 2018 Michal Židek <mzidek@redhat.com> - 0.6.1-41
- Resolves: rhbz#1603785 - ding-libs: FTBFS in Fedora rawhide
* Fri Jul 20 2018 Jakub Hrozek <jhrozek@redhat.com> - 0.6.1-40
- BuildRequires: gcc
- Resolves: rhbz#1603785 - ding-libs: FTBFS in Fedora rawhide
* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-39
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-38
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild