Compare commits
No commits in common. "c8" and "c9-beta" have entirely different histories.
40
SOURCES/0004-INI-fix-check-for-error-code.patch
Normal file
40
SOURCES/0004-INI-fix-check-for-error-code.patch
Normal file
@ -0,0 +1,40 @@
|
||||
From ec6817736968fb4683b9df0bd932c1a86dec0ba8 Mon Sep 17 00:00:00 2001
|
||||
From: Alexey Tikhonov <atikhono@redhat.com>
|
||||
Date: Wed, 4 Aug 2021 19:22:19 +0200
|
||||
Subject: [PATCH 4/6] INI: fix check for error code
|
||||
|
||||
In case of fail `asprintf()` returns -1, not 1.
|
||||
|
||||
Fixes following covscan issues:
|
||||
```
|
||||
Error: RESOURCE_LEAK (CWE-772): [#def1]
|
||||
ding-libs-0.6.1/ini/ini_configmod.c:869: alloc_arg: "asprintf" allocates memory that is stored into "strval". [Note: The source code implementation of the function has been overridden by a builtin model.]
|
||||
ding-libs-0.6.1/ini/ini_configmod.c:873: leaked_storage: Variable "strval" going out of scope leaks the storage it points to.
|
||||
# 871| TRACE_ERROR_NUMBER("Asprintf failed.", ret);
|
||||
# 872| /* The main reason is propbaly memory allocation */
|
||||
# 873|-> return ENOMEM;
|
||||
# 874| }
|
||||
# 875|
|
||||
```
|
||||
|
||||
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||||
---
|
||||
ini/ini_configmod.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/ini/ini_configmod.c b/ini/ini_configmod.c
|
||||
index da4175c..88a7133 100644
|
||||
--- a/ini/ini_configmod.c
|
||||
+++ b/ini/ini_configmod.c
|
||||
@@ -867,7 +867,7 @@ int ini_config_add_double_value(struct ini_cfgobj *ini_config,
|
||||
TRACE_FLOW_ENTRY();
|
||||
|
||||
ret = asprintf(&strval, "%f", value);
|
||||
- if (ret == 1) {
|
||||
+ if (ret == -1) {
|
||||
TRACE_ERROR_NUMBER("Asprintf failed.", ret);
|
||||
/* The main reason is propbaly memory allocation */
|
||||
return ENOMEM;
|
||||
--
|
||||
2.26.3
|
||||
|
@ -0,0 +1,58 @@
|
||||
From 82ee1cff9d7401f4381cfa574f8b102625b06a31 Mon Sep 17 00:00:00 2001
|
||||
From: Alexey Tikhonov <atikhono@redhat.com>
|
||||
Date: Thu, 5 Aug 2021 18:02:57 +0200
|
||||
Subject: [PATCH 5/6] PATH_UTILS: suppress false positive warnings
|
||||
|
||||
Warnings are false positives: every such `strncpy` is followed
|
||||
by an explicit check that result is NULL-terminated.
|
||||
|
||||
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||||
---
|
||||
path_utils/path_utils.c | 5 +++++
|
||||
1 file changed, 5 insertions(+)
|
||||
|
||||
diff --git a/path_utils/path_utils.c b/path_utils/path_utils.c
|
||||
index 61605ab..5203cc9 100644
|
||||
--- a/path_utils/path_utils.c
|
||||
+++ b/path_utils/path_utils.c
|
||||
@@ -116,6 +116,7 @@ int get_basename(char *base_name, size_t base_name_size, const char *path)
|
||||
if (!path) return EINVAL;
|
||||
if (!base_name || base_name_size < 1) return ENOBUFS;
|
||||
|
||||
+ /* coverity[buffer_size_warning : SUPPRESS] */ /* false positive warning */
|
||||
strncpy(tmp_path, path, sizeof(tmp_path));
|
||||
if (tmp_path[sizeof(tmp_path)-1] != '\0') return ENOBUFS;
|
||||
strncpy(base_name, basename(tmp_path), base_name_size);
|
||||
@@ -137,6 +138,7 @@ int get_dirname(char *dir_path, size_t dir_path_size, const char *path)
|
||||
if (!path) return EINVAL;
|
||||
if (!dir_path || dir_path_size < 1) return ENOBUFS;
|
||||
|
||||
+ /* coverity[buffer_size_warning : SUPPRESS] */ /* false positive warning */
|
||||
strncpy(tmp_path, path, sizeof(tmp_path));
|
||||
if (tmp_path[sizeof(tmp_path)-1] != '\0') return ENOBUFS;
|
||||
strncpy(dir_path, dirname(tmp_path), dir_path_size);
|
||||
@@ -161,11 +163,13 @@ int get_directory_and_base_name(char *dir_path, size_t dir_path_size,
|
||||
if (!dir_path || dir_path_size < 1) return ENOBUFS;
|
||||
if (!base_name || base_name_size < 1) return ENOBUFS;
|
||||
|
||||
+ /* coverity[buffer_size_warning : SUPPRESS] */ /* false positive warning */
|
||||
strncpy(tmp_path, path, sizeof(tmp_path));
|
||||
if (tmp_path[sizeof(tmp_path)-1] != '\0') return ENOBUFS;
|
||||
strncpy(base_name, basename(tmp_path), base_name_size);
|
||||
if (base_name[base_name_size-1] != '\0') return ENOBUFS;
|
||||
|
||||
+ /* coverity[buffer_size_warning : SUPPRESS] */ /* false positive warning */
|
||||
strncpy(tmp_path, path, sizeof(tmp_path));
|
||||
if (tmp_path[sizeof(tmp_path)-1] != '\0') return ENOBUFS;
|
||||
strncpy(dir_path, dirname(tmp_path), dir_path_size);
|
||||
@@ -528,6 +532,7 @@ int find_existing_directory_ancestor(char *ancestor, size_t ancestor_size, const
|
||||
|
||||
if (!ancestor || ancestor_size < 1) return ENOBUFS;
|
||||
*ancestor = 0;
|
||||
+ /* coverity[buffer_size_warning : SUPPRESS] */ /* false positive warning */
|
||||
strncpy(dir_path, path, sizeof(dir_path));
|
||||
if (dir_path[sizeof(dir_path)-1] != '\0') return ENOBUFS;
|
||||
|
||||
--
|
||||
2.26.3
|
||||
|
@ -0,0 +1,28 @@
|
||||
From 584dc25f2c31f4d8e5cf7154e0362e4d2504779c Mon Sep 17 00:00:00 2001
|
||||
From: Alexey Tikhonov <atikhono@redhat.com>
|
||||
Date: Thu, 5 Aug 2021 18:48:23 +0200
|
||||
Subject: [PATCH 6/6] INI: suppress false positive coverity warning
|
||||
|
||||
`get_str_cfg_array()` returns `char **array` that is composed of pointers
|
||||
to slices of `copy` so `copy` can't be freed here.
|
||||
|
||||
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||||
---
|
||||
ini/ini_get_array.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/ini/ini_get_array.c b/ini/ini_get_array.c
|
||||
index 30ed423..95d0b05 100644
|
||||
--- a/ini/ini_get_array.c
|
||||
+++ b/ini/ini_get_array.c
|
||||
@@ -164,6 +164,7 @@ static char **get_str_cfg_array(struct collection_item *item,
|
||||
/* If count is 0 the copy needs to be freed */
|
||||
if (count == 0) free(copy);
|
||||
TRACE_FLOW_STRING("get_str_cfg_array", "Exit");
|
||||
+ /* coverity[leaked_storage : SUPPRESS] */ /* false positive warning */
|
||||
return array;
|
||||
}
|
||||
|
||||
--
|
||||
2.26.3
|
||||
|
@ -1,12 +1,10 @@
|
||||
Name: ding-libs
|
||||
Version: 0.6.1
|
||||
Release: 40%{?dist}
|
||||
Release: 53%{?dist}
|
||||
Summary: "Ding is not GLib" assorted utility libraries
|
||||
Group: Development/Libraries
|
||||
License: LGPLv3+
|
||||
URL: https://pagure.io/SSSD/ding-libs
|
||||
Source0: https://releases.pagure.org/SSSD/ding-libs/%{name}-%{version}.tar.gz
|
||||
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
|
||||
|
||||
# If a new upstream release changes some, but not all of these
|
||||
# version numbers, remember to keep the Release tag in order to
|
||||
@ -23,6 +21,9 @@ Patch0: INI-Silence-ini_augment-match-failures.patch
|
||||
Patch1: INI-Remove-definiton-of-TRACE_LEVEL.patch
|
||||
Patch2: INI-Fix-detection-of-error-messages.patch
|
||||
Patch3: TEST-validators_ut_check-Fix-fail-with-new-glibc.patch
|
||||
Patch4: 0004-INI-fix-check-for-error-code.patch
|
||||
Patch5: 0005-PATH_UTILS-suppress-false-positive-warnings.patch
|
||||
Patch6: 0006-INI-suppress-false-positive-coverity-warning.patch
|
||||
|
||||
### Dependencies ###
|
||||
# ding-libs is a meta-package that will pull in all of its own
|
||||
@ -38,12 +39,14 @@ Requires: libini_config = %{ini_config_version}-%{release}
|
||||
|
||||
BuildRequires: autoconf
|
||||
BuildRequires: automake
|
||||
BuildRequires: gcc
|
||||
BuildRequires: git
|
||||
BuildRequires: libtool
|
||||
BuildRequires: m4
|
||||
BuildRequires: doxygen
|
||||
BuildRequires: pkgconfig
|
||||
BuildRequires: check-devel
|
||||
BuildRequires: make
|
||||
|
||||
%description
|
||||
A meta-package that pulls in libcollection, libdhash, libini_config,
|
||||
@ -51,7 +54,6 @@ librefarray libbasicobjects, and libpath_utils.
|
||||
|
||||
%package devel
|
||||
Summary: Development packages for ding-libs
|
||||
Group: Development/Libraries
|
||||
License: LGPLv3+
|
||||
|
||||
# ding-libs is a meta-package that will pull in all of its own
|
||||
@ -73,7 +75,6 @@ libdhash, libini_config, librefarray and libpath_utils.
|
||||
|
||||
%package -n libpath_utils
|
||||
Summary: Filesystem Path Utilities
|
||||
Group: Development/Libraries
|
||||
License: LGPLv3+
|
||||
Version: %{path_utils_version}
|
||||
|
||||
@ -82,7 +83,6 @@ Utility functions to manipulate filesystem pathnames
|
||||
|
||||
%package -n libpath_utils-devel
|
||||
Summary: Development files for libpath_utils
|
||||
Group: Development/Libraries
|
||||
Requires: libpath_utils = %{path_utils_version}-%{release}
|
||||
License: LGPLv3+
|
||||
Version: %{path_utils_version}
|
||||
@ -93,13 +93,11 @@ Utility functions to manipulate filesystem pathnames
|
||||
%ldconfig_scriptlets -n libpath_utils
|
||||
|
||||
%files -n libpath_utils
|
||||
%defattr(-,root,root,-)
|
||||
%doc COPYING COPYING.LESSER
|
||||
%{_libdir}/libpath_utils.so.1
|
||||
%{_libdir}/libpath_utils.so.1.0.1
|
||||
|
||||
%files -n libpath_utils-devel
|
||||
%defattr(-,root,root,-)
|
||||
%{_includedir}/path_utils.h
|
||||
%{_libdir}/libpath_utils.so
|
||||
%{_libdir}/pkgconfig/path_utils.pc
|
||||
@ -112,7 +110,6 @@ Utility functions to manipulate filesystem pathnames
|
||||
##############################################################################
|
||||
|
||||
%package -n libdhash
|
||||
Group: Development/Libraries
|
||||
Summary: Dynamic hash table
|
||||
License: LGPLv3+
|
||||
Version: %{dhash_version}
|
||||
@ -123,7 +120,6 @@ time properties
|
||||
|
||||
%package -n libdhash-devel
|
||||
Summary: Development files for libdhash
|
||||
Group: Development/Libraries
|
||||
Requires: libdhash = %{dhash_version}-%{release}
|
||||
License: LGPLv3+
|
||||
Version: %{dhash_version}
|
||||
@ -135,13 +131,11 @@ time properties
|
||||
%ldconfig_scriptlets -n libdhash
|
||||
|
||||
%files -n libdhash
|
||||
%defattr(-,root,root,-)
|
||||
%doc COPYING COPYING.LESSER
|
||||
%{_libdir}/libdhash.so.1
|
||||
%{_libdir}/libdhash.so.1.1.0
|
||||
|
||||
%files -n libdhash-devel
|
||||
%defattr(-,root,root,-)
|
||||
%{_includedir}/dhash.h
|
||||
%{_libdir}/libdhash.so
|
||||
%{_libdir}/pkgconfig/dhash.pc
|
||||
@ -154,7 +148,6 @@ time properties
|
||||
##############################################################################
|
||||
%package -n libcollection
|
||||
Summary: Collection data-type for C
|
||||
Group: Development/Libraries
|
||||
License: LGPLv3+
|
||||
Version: %{collection_version}
|
||||
|
||||
@ -164,7 +157,6 @@ and serialization
|
||||
|
||||
%package -n libcollection-devel
|
||||
Summary: Development files for libcollection
|
||||
Group: Development/Libraries
|
||||
License: LGPLv3+
|
||||
Requires: libcollection = %{collection_version}-%{release}
|
||||
Version: %{collection_version}
|
||||
@ -177,13 +169,11 @@ and serialization
|
||||
|
||||
|
||||
%files -n libcollection
|
||||
%defattr(-,root,root,-)
|
||||
%doc COPYING
|
||||
%doc COPYING.LESSER
|
||||
%{_libdir}/libcollection.so.*
|
||||
|
||||
%files -n libcollection-devel
|
||||
%defattr(-,root,root,-)
|
||||
%{_includedir}/collection.h
|
||||
%{_includedir}/collection_tools.h
|
||||
%{_includedir}/collection_queue.h
|
||||
@ -199,7 +189,6 @@ and serialization
|
||||
|
||||
%package -n libref_array
|
||||
Summary: A refcounted array for C
|
||||
Group: Development/Libraries
|
||||
License: LGPLv3+
|
||||
Version: %{ref_array_version}
|
||||
|
||||
@ -208,7 +197,6 @@ A dynamically-growing, reference-counted array
|
||||
|
||||
%package -n libref_array-devel
|
||||
Summary: Development files for libref_array
|
||||
Group: Development/Libraries
|
||||
Requires: libref_array = %{ref_array_version}-%{release}
|
||||
License: LGPLv3+
|
||||
Version: %{ref_array_version}
|
||||
@ -219,14 +207,12 @@ A dynamically-growing, reference-counted array
|
||||
%ldconfig_scriptlets -n libref_array
|
||||
|
||||
%files -n libref_array
|
||||
%defattr(-,root,root,-)
|
||||
%doc COPYING
|
||||
%doc COPYING.LESSER
|
||||
%{_libdir}/libref_array.so.1
|
||||
%{_libdir}/libref_array.so.1.2.1
|
||||
|
||||
%files -n libref_array-devel
|
||||
%defattr(-,root,root,-)
|
||||
%{_includedir}/ref_array.h
|
||||
%{_libdir}/libref_array.so
|
||||
%{_libdir}/pkgconfig/ref_array.pc
|
||||
@ -239,7 +225,6 @@ A dynamically-growing, reference-counted array
|
||||
|
||||
%package -n libbasicobjects
|
||||
Summary: Basic object types for C
|
||||
Group: Development/Libraries
|
||||
License: GPLv3+
|
||||
Version: %{basicobjects_version}
|
||||
|
||||
@ -248,7 +233,6 @@ Basic object types
|
||||
|
||||
%package -n libbasicobjects-devel
|
||||
Summary: Development files for libbasicobjects
|
||||
Group: Development/Libraries
|
||||
License: GPLv3+
|
||||
Version: %{basicobjects_version}
|
||||
Requires: libbasicobjects = %{basicobjects_version}-%{release}
|
||||
@ -259,14 +243,12 @@ Basic object types
|
||||
%ldconfig_scriptlets -n libbasicobjects
|
||||
|
||||
%files -n libbasicobjects
|
||||
%defattr(-,root,root,-)
|
||||
%doc COPYING
|
||||
%doc COPYING.LESSER
|
||||
%{_libdir}/libbasicobjects.so.0
|
||||
%{_libdir}/libbasicobjects.so.0.1.0
|
||||
|
||||
%files -n libbasicobjects-devel
|
||||
%defattr(-,root,root,-)
|
||||
%{_includedir}/simplebuffer.h
|
||||
%{_libdir}/libbasicobjects.so
|
||||
%{_libdir}/pkgconfig/basicobjects.pc
|
||||
@ -277,7 +259,6 @@ Basic object types
|
||||
|
||||
%package -n libini_config
|
||||
Summary: INI file parser for C
|
||||
Group: Development/Libraries
|
||||
License: LGPLv3+
|
||||
Requires: libcollection = %{collection_version}-%{release}
|
||||
Requires: libref_array = %{ref_array_version}-%{release}
|
||||
@ -291,7 +272,6 @@ structure
|
||||
|
||||
%package -n libini_config-devel
|
||||
Summary: Development files for libini_config
|
||||
Group: Development/Libraries
|
||||
License: LGPLv3+
|
||||
Requires: libini_config = %{ini_config_version}-%{release}
|
||||
Requires: libcollection-devel = %{collection_version}-%{release}
|
||||
@ -306,14 +286,12 @@ structure
|
||||
%ldconfig_scriptlets -n libini_config
|
||||
|
||||
%files -n libini_config
|
||||
%defattr(-,root,root,-)
|
||||
%doc COPYING
|
||||
%doc COPYING.LESSER
|
||||
%{_libdir}/libini_config.so.5
|
||||
%{_libdir}/libini_config.so.5.2.1
|
||||
|
||||
%files -n libini_config-devel
|
||||
%defattr(-,root,root,-)
|
||||
%{_includedir}/ini_config.h
|
||||
%{_includedir}/ini_configobj.h
|
||||
%{_includedir}/ini_valueobj.h
|
||||
@ -358,15 +336,51 @@ rm -f \
|
||||
# Remove document install script. RPM is handling this
|
||||
rm -f */doc/html/installdox
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%changelog
|
||||
* Wed May 25 2022 Alexey Tikhonov <atikhono@redhat.com> - 0.6.1-40
|
||||
- Resolves: rhbz#2048668 - Request to add libdhash-devel package into CRB
|
||||
* Wed May 11 2022 Alexey Tikhonov <atikhono@redhat.com> - 0.6.1-52
|
||||
- Resolves: rhbz#2048667 - Request to add libdhash-devel package into CRB
|
||||
|
||||
* Thu Aug 09 2018 Michal Židek <mzidek@redhat.com> - 0.6.1-39
|
||||
- Resolves: rhbz#1611714 - [RHEL8-S-BUILD] ding-libs Fails Scratch Build on rhel-8.0
|
||||
* Tue Aug 10 2021 Alexey Tikhonov <atikhono@redhat.com> - 0.6.1-51
|
||||
- Resolves: rhbz#1938708 - review of important potential issues detected by static analyzers in ding-libs-0.6.1-47.el9
|
||||
|
||||
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.6.1-50
|
||||
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||
Related: rhbz#1991688
|
||||
|
||||
* Tue Jun 01 2021 Alexey Tikhonov <atikhono@redhat.com> - 0.6.1-49
|
||||
- Resolves: rhbz#1962772 - Add gating tests for ding-libs in RHEL 9
|
||||
|
||||
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 0.6.1-48
|
||||
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
||||
|
||||
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-47
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||
|
||||
* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-46
|
||||
- Second attempt - Rebuilt for
|
||||
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||
|
||||
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-45
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||
|
||||
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-44
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||
|
||||
* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-43
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
||||
|
||||
* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-42
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
||||
|
||||
* Tue Aug 14 2018 Michal Židek <mzidek@redhat.com> - 0.6.1-41
|
||||
- Resolves: rhbz#1603785 - ding-libs: FTBFS in Fedora rawhide
|
||||
|
||||
* Fri Jul 20 2018 Jakub Hrozek <jhrozek@redhat.com> - 0.6.1-40
|
||||
- BuildRequires: gcc
|
||||
- Resolves: rhbz#1603785 - ding-libs: FTBFS in Fedora rawhide
|
||||
|
||||
* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-39
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||
|
||||
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-38
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||
|
Loading…
Reference in New Issue
Block a user