diff --git a/gdbm-1.17-entry-validation.patch b/gdbm-1.17-entry-validation.patch new file mode 100644 index 0000000..c1b5dd8 --- /dev/null +++ b/gdbm-1.17-entry-validation.patch @@ -0,0 +1,27 @@ +From 64ef7e827406f91d31bffdcad9f4b8aaad1f874c Mon Sep 17 00:00:00 2001 +From: Sergey Poznyakoff +Date: Sun, 19 Aug 2018 06:50:22 +0000 +Subject: Fix directory entry validation. + +Bug reported by Miroslav Lichvar and Marek Skalický + +* src/bucket.c (gdbm_dir_entry_valid_p): Fix lower limit for +the allowed bucket address. Initial allocation of second block +for the directory can be eventually returned to the available +list when the directory is expanded during bucket splitting. +--- +diff --git a/src/bucket.c b/src/bucket.c +index 0597965..3d267e2 100644 +--- a/src/bucket.c ++++ b/src/bucket.c +@@ -54,7 +54,7 @@ gdbm_dir_entry_valid_p (GDBM_FILE dbf, int dir_index) + { + return dir_index >= 0 + && dir_index < GDBM_DIR_COUNT (dbf) +- && dbf->dir[dir_index] >= 2*dbf->header->block_size; ++ && dbf->dir[dir_index] >= dbf->header->block_size; + } + + /* Find a bucket for DBF that is pointed to by the bucket directory from +-- +cgit v0.9.0.3 diff --git a/gdbm.spec b/gdbm.spec index a84e5fa..aa8d487 100644 --- a/gdbm.spec +++ b/gdbm.spec @@ -3,7 +3,7 @@ Summary: A GNU set of database routines which use extensible hashing Name: gdbm Version: 1.17 -Release: 1%{?dist} +Release: 2%{?dist} Epoch: 1 License: GPLv3+ URL: http://www.gnu.org/software/gdbm/ @@ -17,6 +17,9 @@ Source: http://ftp.gnu.org/gnu/gdbm/gdbm-%{version}.tar.gz # NOTE-WARNING file doesn't contain distro dependent largefile note now #Patch1: gdbm-1.10-fedora.patch +# https://puszcza.gnu.org.ua/bugs/?402 +Patch2: gdbm-1.17-entry-validation.patch + BuildRequires: gcc BuildRequires: libtool BuildRequires: gettext @@ -56,6 +59,7 @@ gdbm database library. You'll also need to install the gdbm package. %prep %setup -q +%patch2 -p1 %build %configure \ @@ -122,6 +126,9 @@ fi %{_mandir}/man3/* %changelog +* Tue Aug 21 2018 mskalick@redhat.com - 1:1.17-2 +- Fix directory entry validation - fails qsf test suite + * Tue Aug 07 2018 mskalick@redhat.com - 1:1.17-1 - Rebase to upstream release 1.17