rpms/i2c-tools
7
0
Fork 0
Code Issues Pull Requests Releases Activity

4.1

Browse Source
This commit is contained in:
Peter Robinson 2019-02-04 12:41:49 +00:00
parent 698ce55cc4
commit b846478407
6 changed files with 8 additions and 309 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
0001-i2c-tools-i2cbusses-Avoid-buffer-overflows-in-sysfs-.patch
View File

@ -1,66 +0,0 @@
From def2845efacab3a3973fb0218ac5077a162f8f1e Mon Sep 17 00:00:00 2001
From: Jean Delvare <jdelvare@suse.de>
Date: Thu, 2 Nov 2017 16:17:50 +0100
Subject: [PATCH 1/3] i2c-tools: i2cbusses: Avoid buffer overflows in sysfs
paths
sprintf isn't safe, use snprintf instead.
---
CHANGES | 3 +++
tools/i2cbusses.c | 10 +++++-----
2 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/CHANGES b/CHANGES
index 15ff761..539adb0 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,9 @@
i2c-tools CHANGES
-----------------
+master
+ tools: Fix potential buffer overflows in i2cbusses
+
4.0 (2017-10-30)
tools: Fix build with recent compilers (gcc 4.6+)
Add examples to the manual pages
diff --git a/tools/i2cbusses.c b/tools/i2cbusses.c
index dad22ea..cb78cc7 100644
--- a/tools/i2cbusses.c
+++ b/tools/i2cbusses.c
@@ -220,18 +220,18 @@ struct i2c_adap *gather_i2c_busses(void)
/* this should work for kernels 2.6.5 or higher and */
/* is preferred because is unambiguous */
- sprintf(n, "%s/%s/name", sysfs, de->d_name);
+ snprintf(n, NAME_MAX, "%s/%s/name", sysfs, de->d_name);
f = fopen(n, "r");
/* this seems to work for ISA */
if(f == NULL) {
- sprintf(n, "%s/%s/device/name", sysfs, de->d_name);
+ snprintf(n, NAME_MAX, "%s/%s/device/name", sysfs, de->d_name);
f = fopen(n, "r");
}
/* non-ISA is much harder */
/* and this won't find the correct bus name if a driver
has more than one bus */
if(f == NULL) {
- sprintf(n, "%s/%s/device", sysfs, de->d_name);
+ snprintf(n, NAME_MAX, "%s/%s/device", sysfs, de->d_name);
if(!(ddir = opendir(n)))
continue;
while ((dde = readdir(ddir)) != NULL) {
@@ -240,8 +240,8 @@ struct i2c_adap *gather_i2c_busses(void)
if (!strcmp(dde->d_name, ".."))
continue;
if ((!strncmp(dde->d_name, "i2c-", 4))) {
- sprintf(n, "%s/%s/device/%s/name",
- sysfs, de->d_name, dde->d_name);
+ snprintf(n, NAME_MAX, "%s/%s/device/%s/name",
+ sysfs, de->d_name, dde->d_name);
if((f = fopen(n, "r")))
goto found;
}
--
2.14.3

104
0001-libi2c-Mention-the-correct-license-in-source-files.patch
View File

@ -1,104 +0,0 @@
From fbd988b4fa3d008c5fd210a66834d1305de41f6c Mon Sep 17 00:00:00 2001
From: Jean Delvare <jdelvare@suse.de>
Date: Fri, 3 Aug 2018 13:54:26 +0200
Subject: [PATCH] libi2c: Mention the correct license in source files
The libi2c library is released under the LGPL, not GPL, as explained
in the README file and documented in lib/Module.mk. Thanks to
Aurelien Jarno for pointing out the inconsistency.
A little bit of history:
The code started its life two decades ago as part of the lm-sensors
project, which was released as a whole under the GPL originally,
including the library part (libsensors).
In 2007, I decided to split the i2c tools, which are not specific
to sensor devices, to a separate package.
In 2009, as I was working on lm-sensors v3, I contacted all the
original authors to get their approval to release the upcoming and all
future versions of libsensors as LGPL instead, to allow wider
adoption. The proposal was accepted by all original authors.
In 2012, I decided to turn the inlined i2c_smbus_* helper functions
into a proper library, with the intent to release it under the LGPL,
as is the common practice for libraries. As the authors of this code
is a subset of the authors of libsensors, I assumed their agreement
for libsensors could be extended to libi2c as well. This is the
reason why LGPL is mentioned in README and lib/Module.mk.
Unfortunately, when working on the library code itself, I forgot to
update the comments in the source files. Let's fix them now.
Signed-off-by: Jean Delvare <jdelvare@suse.de>
---
include/i2c/smbus.h | 21 ++++++---------------
lib/smbus.c | 16 +++-------------
2 files changed, 9 insertions(+), 28 deletions(-)
diff --git a/include/i2c/smbus.h b/include/i2c/smbus.h
index 18a5305..3003ed7 100644
--- a/include/i2c/smbus.h
+++ b/include/i2c/smbus.h
@@ -1,23 +1,14 @@
/*
smbus.h - SMBus level access helper functions
- Copyright (C) 1995-97 Simon G. Vogl
- Copyright (C) 1998-99 Frodo Looijaard <frodol@dds.nl>
+ Copyright (C) 1995-1997 Simon G. Vogl
+ Copyright (C) 1998-1999 Frodo Looijaard <frodol@dds.nl>
+ Copyright (C) 2012-2017 Jean Delvare <jdelvare@suse.de>
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ This library is free software; you can redistribute it and/or modify
+ it under the terms of the GNU Lesser General Public License as published
+ by the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
- MA 02110-1301 USA.
*/
#ifndef LIB_I2C_SMBUS_H
diff --git a/lib/smbus.c b/lib/smbus.c
index 3a2c45a..df5a5ad 100644
--- a/lib/smbus.c
+++ b/lib/smbus.c
@@ -5,20 +5,10 @@
Copyright (C) 1998-1999 Frodo Looijaard <frodol@dds.nl>
Copyright (C) 2012-2013 Jean Delvare <jdelvare@suse.de>
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ This library is free software; you can redistribute it and/or modify
+ it under the terms of the GNU Lesser General Public License as published
+ by the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
- MA 02110-1301 USA.
*/
#include <errno.h>
--
2.14.4

87
0002-tools-i2cbusses-Check-the-return-value-of-snprintf.patch
View File

@ -1,87 +0,0 @@
From d062793e7aebde3ffee796dfd4180716632ae444 Mon Sep 17 00:00:00 2001
From: Jean Delvare <jdelvare@suse.de>
Date: Wed, 8 Nov 2017 22:17:43 +0100
Subject: [PATCH 2/3] tools: i2cbusses: Check the return value of snprintf
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
It's very unlikely that these paths will ever be truncated, but
better safe than sorry.
Suggested by Uwe Kleine-König.
---
tools/i2cbusses.c | 34 ++++++++++++++++++++++++++++------
1 file changed, 28 insertions(+), 6 deletions(-)
diff --git a/tools/i2cbusses.c b/tools/i2cbusses.c
index cb78cc7..41f5b6b 100644
--- a/tools/i2cbusses.c
+++ b/tools/i2cbusses.c
@@ -137,7 +137,7 @@ struct i2c_adap *gather_i2c_busses(void)
FILE *f;
char fstype[NAME_MAX], sysfs[NAME_MAX], n[NAME_MAX];
int foundsysfs = 0;
- int count=0;
+ int len, count = 0;
struct i2c_adap *adapters;
adapters = calloc(BUNCH, sizeof(struct i2c_adap));
@@ -220,18 +220,32 @@ struct i2c_adap *gather_i2c_busses(void)
/* this should work for kernels 2.6.5 or higher and */
/* is preferred because is unambiguous */
- snprintf(n, NAME_MAX, "%s/%s/name", sysfs, de->d_name);
+ len = snprintf(n, NAME_MAX, "%s/%s/name", sysfs, de->d_name);
+ if (len >= NAME_MAX) {
+ fprintf(stderr, "%s: path truncated\n", n);
+ continue;
+ }
f = fopen(n, "r");
/* this seems to work for ISA */
if(f == NULL) {
- snprintf(n, NAME_MAX, "%s/%s/device/name", sysfs, de->d_name);
+ len = snprintf(n, NAME_MAX, "%s/%s/device/name", sysfs,
+ de->d_name);
+ if (len >= NAME_MAX) {
+ fprintf(stderr, "%s: path truncated\n", n);
+ continue;
+ }
f = fopen(n, "r");
}
/* non-ISA is much harder */
/* and this won't find the correct bus name if a driver
has more than one bus */
if(f == NULL) {
- snprintf(n, NAME_MAX, "%s/%s/device", sysfs, de->d_name);
+ len = snprintf(n, NAME_MAX, "%s/%s/device", sysfs,
+ de->d_name);
+ if (len >= NAME_MAX) {
+ fprintf(stderr, "%s: path truncated\n", n);
+ continue;
+ }
if(!(ddir = opendir(n)))
continue;
while ((dde = readdir(ddir)) != NULL) {
@@ -240,8 +254,16 @@ struct i2c_adap *gather_i2c_busses(void)
if (!strcmp(dde->d_name, ".."))
continue;
if ((!strncmp(dde->d_name, "i2c-", 4))) {
- snprintf(n, NAME_MAX, "%s/%s/device/%s/name",
- sysfs, de->d_name, dde->d_name);
+ len = snprintf(n, NAME_MAX,
+ "%s/%s/device/%s/name",
+ sysfs, de->d_name,
+ dde->d_name);
+ if (len >= NAME_MAX) {
+ fprintf(stderr,
+ "%s: path truncated\n",
+ n);
+ continue;
+ }
if((f = fopen(n, "r")))
goto found;
}
--
2.14.3

34
0003-py-smbus-Fix-FSF-address-in-smbusmodule.c.patch
View File

@ -1,34 +0,0 @@
From 066cc543547c7675a67f24b1281954619d300652 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Fri, 24 Nov 2017 10:40:01 +0100
Subject: [PATCH 3/3] py-smbus: Fix FSF address in smbusmodule.c
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The Free Software Foundation address was outdated. Discovered by
Fedora's rpmlint. The current address can be found at:
https://www.gnu.org/licenses/old-licenses/gpl-2.0.html#SEC4
Signed-off-by: Ondřej Lysoněk <olysonek@redhat.com>
---
py-smbus/smbusmodule.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/py-smbus/smbusmodule.c b/py-smbus/smbusmodule.c
index 48a408b..b189106 100644
--- a/py-smbus/smbusmodule.c
+++ b/py-smbus/smbusmodule.c
@@ -13,7 +13,8 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02110-1301, USA.
*/
#include <Python.h>
--
2.14.3

24
i2c-tools.spec
View File

@ -11,21 +11,13 @@
%endif %endif
Name: i2c-tools Name: i2c-tools
Version: 4.0 Version: 4.1
Release: 13%{?dist} Release: 1%{?dist}
Summary: A heterogeneous set of I2C tools for Linux Summary: A heterogeneous set of I2C tools for Linux
License: GPLv2+ License: GPLv2+
URL: https://i2c.wiki.kernel.org/index.php/I2C_Tools URL: https://i2c.wiki.kernel.org/index.php/I2C_Tools
Source0: https://www.kernel.org/pub/software/utils/i2c-tools/%{name}-%{version}.tar.xz Source0: https://www.kernel.org/pub/software/utils/i2c-tools/%{name}-%{version}.tar.xz
# Upstream patch
Patch0: 0001-i2c-tools-i2cbusses-Avoid-buffer-overflows-in-sysfs-.patch
# Upstream patch
Patch1: 0002-tools-i2cbusses-Check-the-return-value-of-snprintf.patch
# Upstream patch
Patch2: 0003-py-smbus-Fix-FSF-address-in-smbusmodule.c.patch
# Upstream patch fixing license headers of libi2c
Patch3: 0001-libi2c-Mention-the-correct-license-in-source-files.patch
# for /etc/udev/makedev.d resp /usr/lib/modprobe.d ownership # for /etc/udev/makedev.d resp /usr/lib/modprobe.d ownership
Requires: systemd-udev kmod Requires: systemd-udev kmod
@ -115,11 +107,7 @@ Obsoletes: i2c-tools-devel < 4.0-1
%{summary}. %{summary}.
%prep %prep
%setup -q %autosetup -p1
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
%build %build
make CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_LD_FLAGS" BUILD_STATIC_LIB=0 EXTRA=eeprog make CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_LD_FLAGS" BUILD_STATIC_LIB=0 EXTRA=eeprog
@ -137,7 +125,7 @@ popd
%install %install
make install DESTDIR=$RPM_BUILD_ROOT prefix=%{_prefix} BUILD_STATIC_LIB=0 \ make install DESTDIR=$RPM_BUILD_ROOT PREFIX=%{_prefix} BUILD_STATIC_LIB=0 \
EXTRA=eeprog libdir=%{_libdir} EXTRA=eeprog libdir=%{_libdir}
install -m 755 eepromer/{eepromer,eeprom} \ install -m 755 eepromer/{eepromer,eeprom} \
$RPM_BUILD_ROOT%{_sbindir} $RPM_BUILD_ROOT%{_sbindir}
@ -225,8 +213,10 @@ exit 0
%{_includedir}/i2c/smbus.h %{_includedir}/i2c/smbus.h
%{_libdir}/libi2c.so %{_libdir}/libi2c.so
%changelog %changelog
* Mon Feb 4 2019 Peter Robinson <pbrobinson@fedoraproject.org> 4.1-1
- Version 4.1
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 4.0-13 * Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 4.0-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

2
sources
View File

@ -1 +1 @@
SHA512 (i2c-tools-4.0.tar.xz) = ddf86c357c101388193581bc40285089e6ab5e8d870f8aa5d594acc7ecb8596fbd30501e147b88bdea0200b1be88bc0a374356c188d1bcb067bf8e254e3dc51e SHA512 (i2c-tools-4.1.tar.xz) = 83262bcfd94c2adf74517cc50095dd78221fa4d16a62397245d4a538de7463272abf4f6727024be8ab1ca8ecbfe647af85ba2a553e5b5e68a53e50dfcad20248