rpms
/
fstrm
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import fstrm-0.6.1-2.el8

This commit is contained in:
CentOS Sources 2021-11-09 05:02:47 -05:00 committed by Stepan Oksanichenko
parent c184e0f180
commit 62a20f5e0e
7 changed files with 279 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.fstrm.metadata
View File

@ -1 +1 @@
227c65c4a70f538fd10b9fd2a1b8e0522b5256ab SOURCES/fstrm-0.6.0.tar.gz
06c55912eea39a994cfb116192d82c89212db172 SOURCES/fstrm-0.6.1.tar.gz

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/fstrm-0.6.0.tar.gz
SOURCES/fstrm-0.6.1.tar.gz

90
SOURCES/fstrm-0.6.1-Fix-CLANG_WARNING.patch Normal file
View File

@ -0,0 +1,90 @@
From abefc739f769a8c9bd89db78b9a3e9dd9e366064 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Mon, 11 Jan 2021 12:25:27 +0100
Subject: [PATCH] Fix CLANG_WARNING
libmy/argv.c:1352:7: warning[core.uninitialized.Assign]: The expression is an uninitialized value. The computed value will also be garbage
(*(int *)var)++;
^~~~~~~~~~~~~
libmy/argv.c:1207:29: note: Assuming field 'at_value' is not equal to 0
for (type_p = argv_types; type_p->at_value != 0; type_p++) {
^~~~~~~~~~~~~~~~~~~~~
libmy/argv.c:1207:3: note: Loop condition is true. Entering loop body
for (type_p = argv_types; type_p->at_value != 0; type_p++) {
^
libmy/argv.c:1208:9: note: Assuming 'val_type' is equal to field 'at_value'
if (type_p->at_value == val_type) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
libmy/argv.c:1208:5: note: Taking true branch
if (type_p->at_value == val_type) {
^
libmy/argv.c:1210:7: note: Execution continues on line 1214
break;
^
libmy/argv.c:1214:15: note: Field 'at_value' is not equal to 0
if (type_p->at_value == 0) {
^
libmy/argv.c:1214:3: note: Taking false branch
if (type_p->at_value == 0) {
^
libmy/argv.c:1222:7: note: Assuming the condition is true
if (type & ARGV_FLAG_ARRAY) {
^~~~~~~~~~~~~~~~~~~~~~
libmy/argv.c:1222:3: note: Taking true branch
if (type & ARGV_FLAG_ARRAY) {
^
libmy/argv.c:1225:9: note: Assuming field 'aa_entry_n' is equal to 0
if (arr_p->aa_entry_n == 0) {
^~~~~~~~~~~~~~~~~~~~~~
libmy/argv.c:1225:5: note: Taking true branch
if (arr_p->aa_entry_n == 0) {
^
libmy/argv.c:1226:35: note: Storing uninitialized value
arr_p->aa_entries = (char *)malloc(ARRAY_INCR *size);
^~~~~~~~~~~~~~~~~~~~~~~~
libmy/argv.c:1234:9: note: Assuming field 'aa_entries' is not equal to NULL
if (arr_p->aa_entries == NULL) {
^~~~~~~~~~~~~~~~~~~~~~~~~
libmy/argv.c:1234:5: note: Taking false branch
if (arr_p->aa_entries == NULL) {
^
libmy/argv.c:1251:3: note: Control jumps to 'case 17:' at line 1349
switch (val_type) {
^
libmy/argv.c:1351:9: note: Assuming 'arg' is equal to NULL
if (arg == NULL) {
^~~~~~~~~~~
libmy/argv.c:1351:5: note: Taking true branch
if (arg == NULL) {
^
libmy/argv.c:1352:7: note: The expression is an uninitialized value. The computed value will also be garbage
(*(int *)var)++;
^~~~~~~~~~~~~
---
libmy/argv.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/libmy/argv.c b/libmy/argv.c
index 0b28026..547065c 100644
--- a/libmy/argv.c
+++ b/libmy/argv.c
@@ -1223,12 +1223,15 @@ static int string_to_value(const char *arg, ARGV_PNT var,
arr_p = (argv_array_t *)var;
if (arr_p->aa_entry_n == 0) {
- arr_p->aa_entries = (char *)malloc(ARRAY_INCR *size);
+ arr_p->aa_entries = (char *)calloc(ARRAY_INCR, size);
}
else if (arr_p->aa_entry_n % ARRAY_INCR == 0) {
arr_p->aa_entries =
(char *)realloc(arr_p->aa_entries, (arr_p->aa_entry_n + ARRAY_INCR) *
size);
+ if (arr_p->aa_entries != NULL)
+ memset((char *)(arr_p->aa_entries) + arr_p->aa_entry_n * size, 0,
+ ARRAY_INCR*size);
}
if (arr_p->aa_entries == NULL) {
--
2.26.3

43
SOURCES/fstrm-0.6.1-Fix-deadcode-and-check-return-code.patch Normal file
View File

@ -0,0 +1,43 @@
From 600db5413294701bdfda8ce19fa804bcbc866d2e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Fri, 8 Jan 2021 13:23:17 +0100
Subject: [PATCH 2/3] Fix deadcode and check return code
1. fstrm-0.6.0/libmy/argv.c:1782: addr_non_null: The address of an object "argv_types" is never null.
2. fstrm-0.6.0/libmy/argv.c:1782: assignment: Assigning: "type_p" = "argv_types".
3. fstrm-0.6.0/libmy/argv.c:1809: notnull: At condition "type_p == NULL", the value of "type_p" cannot be "NULL".
4. fstrm-0.6.0/libmy/argv.c:1809: dead_error_condition: The condition "type_p == NULL" cannot be true.
5. fstrm-0.6.0/libmy/argv.c:1810: dead_error_begin: Execution cannot reach this statement: "(void)fprintf(argv_error_st...".
40. fstrm-0.6.0/libmy/argv.c:2724: check_return: Calling "string_to_value" without checking return value (as is done elsewhere 6 out of 7 times).
---
libmy/argv.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/libmy/argv.c b/libmy/argv.c
index c3aadfe..16dca73 100644
--- a/libmy/argv.c
+++ b/libmy/argv.c
@@ -1806,7 +1806,7 @@ static void display_variables(const argv_t *args)
int entry_c, size = 0;
/* find the type and the size for array */
- if (type_p == NULL) {
+ if (type_p->at_value == 0) {
(void)fprintf(argv_error_stream, "%s: illegal variable type %d\n",
__FILE__, val_type);
continue;
@@ -2721,7 +2721,9 @@ static void do_list(argv_t *grid, const int arg_c, char **argv,
case ARGV_LONG:
case ARGV_FLOAT:
case ARGV_DOUBLE:
- string_to_value(*arg_p, match_p->ar_variable, match_p->ar_type);
+ if (string_to_value(*arg_p, match_p->ar_variable, match_p->ar_type) != NOERROR) {
+ *okay_bp = ARGV_FALSE;
+ }
char_c = len;
/* we actually used it so we advance the queue tail position */
(*queue_tail_p)++;
--
2.26.3

83
SOURCES/fstrm-0.6.1-Invalid-dereference.patch Normal file
View File

@ -0,0 +1,83 @@
From d6149aaad2a72a8f000283015f6e381bb2821ee2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Thu, 7 Jan 2021 16:08:40 +0100
Subject: [PATCH 1/3] Invalid dereference
libmy/argv.c:3212: var_deref_model: Passing null pointer "queue_list" to "do_list", which dereferences it
libmy/argv.c:3204: var_deref_model: Passing null pointer "queue_list" to "do_list", which dereferences it.
Workaround to possibility no arguments is received
Usually at least one arg is always passed in argv - program name. Do not
dereference null queue_list in unlikely case no parameter in argv.
---
libmy/argv.c | 45 +++++++++++++++++++++++----------------------
1 file changed, 23 insertions(+), 22 deletions(-)
diff --git a/libmy/argv.c b/libmy/argv.c
index 6c64906..c3aadfe 100644
--- a/libmy/argv.c
+++ b/libmy/argv.c
@@ -3197,28 +3197,29 @@ int argv_process_no_env(argv_t *args, const int arg_n, char **argv)
}
queue_head = 0;
queue_tail = 0;
- }
-
- /* do the env args before? */
- if (argv_process_env_b && (! argv_env_after_b) && env_vect_p != NULL) {
- do_list(args, env_n, env_vect_p, queue_list, &queue_head, &queue_tail,
- &okay_b);
- free(env_vect_p);
- free(environ_p);
- env_vect_p = NULL;
- }
-
- /* do the external args */
- do_list(args, arg_n - 1, argv + 1, queue_list, &queue_head, &queue_tail,
- &okay_b);
+
+ /* do the env args before? */
+ if (argv_process_env_b && (! argv_env_after_b) && env_vect_p != NULL) {
+ do_list(args, env_n, env_vect_p, queue_list, &queue_head, &queue_tail,
+ &okay_b);
+ free(env_vect_p);
+ free(environ_p);
+ env_vect_p = NULL;
+ }
+
+ /* do the external args */
+ if (arg_n > 0)
+ do_list(args, arg_n - 1, argv + 1, queue_list, &queue_head, &queue_tail,
+ &okay_b);
- /* DO the env args after? */
- if (argv_process_env_b && argv_env_after_b && env_vect_p != NULL) {
- do_list(args, env_n, env_vect_p, queue_list, &queue_head, &queue_tail,
- &okay_b);
- free(env_vect_p);
- free(environ_p);
- env_vect_p = NULL;
+ /* DO the env args after? */
+ if (argv_process_env_b && argv_env_after_b && env_vect_p != NULL) {
+ do_list(args, env_n, env_vect_p, queue_list, &queue_head, &queue_tail,
+ &okay_b);
+ free(env_vect_p);
+ free(environ_p);
+ env_vect_p = NULL;
+ }
}
/* make sure the XOR and MAND args and argument-options are okay */
@@ -3233,7 +3234,7 @@ int argv_process_no_env(argv_t *args, const int arg_n, char **argv)
}
/* if we allocated the space then free it */
- if (arg_n > 0) {
+ if (queue_list) {
free(queue_list);
}
--
2.26.3

40
SOURCES/fstrm-0.6.1-Possible-resource-leak-fix.patch Normal file
View File

@ -0,0 +1,40 @@
From 1499d3e2715bad67588b5c0b6c02865eeb65aa16 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Fri, 8 Jan 2021 17:43:03 +0100
Subject: [PATCH 3/3] Possible resource leak fix
34. fstrm-0.6.0/libmy/argv.c:2238: alloc_fn: Storage is returned from allocation function "realloc".
35. fstrm-0.6.0/libmy/argv.c:2238: var_assign: Assigning: "argv" = storage returned from "realloc(argv, 8UL * max)".
37. fstrm-0.6.0/libmy/argv.c:2254: var_assign: Assigning: "argv_p" = "argv".
47. fstrm-0.6.0/libmy/argv.c:2229: leaked_storage: Variable "argv_p" going out of scope leaks the storage it points to.
48. fstrm-0.6.0/libmy/argv.c:2229: leaked_storage: Variable "argv" going out of scope leaks the storage it points to.
---
libmy/argv.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/libmy/argv.c b/libmy/argv.c
index 16dca73..0b28026 100644
--- a/libmy/argv.c
+++ b/libmy/argv.c
@@ -2226,7 +2226,7 @@ static void file_args(const char *path, argv_t *grid,
*argv_p = string_copy(line);
if (*argv_p == NULL) {
*okay_bp = ARGV_FALSE;
- return;
+ goto cleanup;
}
argv_p++;
@@ -2257,7 +2257,8 @@ static void file_args(const char *path, argv_t *grid,
/* now do the list */
do_list(grid, arg_c, argv, queue_list, queue_head_p, queue_tail_p, okay_bp);
-
+
+cleanup:
/* now free up the list */
for (argv_p = argv; argv_p < argv + arg_c; argv_p++) {
free(*argv_p);
--
2.26.3

26
SPECS/fstrm.spec
View File

@ -3,13 +3,23 @@
Name: fstrm
Summary: Frame Streams implementation in C
Version: 0.6.0
Release: 3%{?dist}.1
Version: 0.6.1
Release: 2%{?dist}
License: MIT
URL: https://github.com/farsightsec/fstrm
Source0: https://dl.farsightsecurity.com/dist/%{name}/%{name}-%{version}.tar.gz
# Patches to libmy library
# https://github.com/farsightsec/libmy/pull/4
Patch1: fstrm-0.6.1-Fix-deadcode-and-check-return-code.patch
Patch2: fstrm-0.6.1-Invalid-dereference.patch
Patch3: fstrm-0.6.1-Possible-resource-leak-fix.patch
Patch4: fstrm-0.6.1-Fix-CLANG_WARNING.patch
BuildRequires: autoconf automake libtool
BuildRequires: libevent-devel
# Upstream repository without a single release
# https://github.com/farsightsec/libmy
# Always included as sources copy in farsightsec projects
Provides: bundled(libmy)
%description
Frame Streams is a light weight, binary clean protocol that allows for the
@ -52,7 +62,7 @@ The fstrm-doc package contains Doxygen generated API documentation for
fstrm library.
%prep
%setup -q
%autosetup -p1
# regenerated build scripts to:
# - remove RPATHs
# - allow dynamic linking and execution of 'make check'
@ -60,12 +70,12 @@ autoreconf -fi
%build
%configure --disable-static
make %{?_smp_mflags}
%make_build
make html
%install
# install the library
make install DESTDIR=%{buildroot}
%make_install
rm %{buildroot}%{_libdir}/libfstrm.la
# install documentation
@ -104,6 +114,12 @@ make check
%doc %{_pkgdocdir}/html
%changelog
* Fri Apr 09 2021 Petr Menšík <pemensik@redhat.com> - 0.6.1-2
- Apply coverity fixes also to bundled libmy
* Thu Apr 08 2021 Petr Menšík <pemensik@redhat.com> - 0.6.1-1
- Update to 0.6.1 (#1922510)
* Wed Jan 06 2021 Petr Menšík <pemensik@redhat.com> - 0.6.0-3.1
- Rebuild for gating