fix: ifenslave defects reported by SAST

Resolves: RHEL-38975

.gitignore

@@ -1,26 +1,6 @@
-iputils-s20100418.tar.bz2
-ifenslave.tar.gz
-/iputils-s20101006.tar.bz2
+/iputils-*/
 /ifenslave.tar.gz
-/iputils-s20121011.tar.bz2
-/iputils-s20121106.tar.bz2
-/iputils-s20121112.tar.bz2
-/iputils-s20121121.tar.bz2
-/iputils-s20121125.tar.bz2
-/iputils-s20121205.tar.bz2
-/iputils-s20121207.tar.bz2
-/iputils-s20121221.tar.bz2
-/iputils-s20140519.tar.gz
-/iputils-s20150815.tar.gz
-/iputils-s20160308.tar.gz
-/iputils-s20161105.tar.gz
-/iputils-s20180629.tar.gz
-/iputils-s20190324.tar.gz
-/iputils-s20190515.tar.gz
-/iputils-s20200821.tar.gz
-/iputils-20210202.tar.gz
-/iputils-20210722.tar.gz
-/iputils-20211215.tar.gz
-/iputils-20221126.tar.gz
-/iputils-20231222.tar.gz
-/iputils-20240117.tar.gz
+/iputils-*.tar.gz
+/iputils-*src.rpm
+/iputils-*.rpm
+

102-iputils-ifenslave-CWE-170-2.patch

@@ -0,0 +1,154 @@
+From bea19fd9a86dd2c601681ff2ef4a9c1afab1e34d Mon Sep 17 00:00:00 2001
+From: Jan Macku <jamacku@redhat.com>
+Date: Tue, 8 Jun 2021 15:41:58 +0200
+Subject: [PATCH] ifenslave: fix CWE-170: Improper Null Termination
+
+Resolves: #1938746
+---
+ ifenslave.c | 43 +++++++++++++++++++++++++++----------------
+ 1 file changed, 27 insertions(+), 16 deletions(-)
+
+diff --git a/ifenslave.c b/ifenslave.c
+index 1efe4f1..59bce4c 100644
+--- a/ifenslave.c
++++ b/ifenslave.c
+@@ -619,7 +619,7 @@ static int get_drv_info(char *master_ifname)
+ 	char *endptr;
+ 
+ 	memset(&ifr, 0, sizeof(ifr));
+-	strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ);
++	strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ - 1);
+ 	ifr.ifr_data = (caddr_t)&info;
+ 
+ 	info.cmd = ETHTOOL_GDRVINFO;
+@@ -664,8 +664,9 @@ static int change_active(char *master_ifname, char *slave_ifname)
+ 		return 1;
+ 	}
+ 
+-	strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ);
+-	strncpy(ifr.ifr_slave, slave_ifname, IFNAMSIZ);
++	memset(&ifr, 0, sizeof(ifr));
++	strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ - 1);
++	strncpy(ifr.ifr_slave, slave_ifname, IFNAMSIZ - 1);
+ 	if ((ioctl(skfd, SIOCBONDCHANGEACTIVE, &ifr) < 0) &&
+ 	    (ioctl(skfd, BOND_CHANGE_ACTIVE_OLD, &ifr) < 0)) {
+ 		saved_errno = errno;
+@@ -806,8 +807,9 @@ static int enslave(char *master_ifname, char *slave_ifname)
+ 	}
+ 
+ 	/* Do the real thing */
+-	strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ);
+-	strncpy(ifr.ifr_slave, slave_ifname, IFNAMSIZ);
++	memset(&ifr, 0, sizeof(ifr));
++	strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ - 1);
++	strncpy(ifr.ifr_slave, slave_ifname, IFNAMSIZ - 1);
+ 	if ((ioctl(skfd, SIOCBONDENSLAVE, &ifr) < 0) &&
+ 	    (ioctl(skfd, BOND_ENSLAVE_OLD, &ifr) < 0)) {
+ 		saved_errno = errno;
+@@ -847,8 +849,9 @@ static int release(char *master_ifname, char *slave_ifname)
+ 		return 1;
+ 	}
+ 
+-	strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ);
+-	strncpy(ifr.ifr_slave, slave_ifname, IFNAMSIZ);
++	memset(&ifr, 0, sizeof(ifr));
++	strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ - 1);
++	strncpy(ifr.ifr_slave, slave_ifname, IFNAMSIZ - 1);
+ 	if ((ioctl(skfd, SIOCBONDRELEASE, &ifr) < 0) &&
+ 	    (ioctl(skfd, BOND_RELEASE_OLD, &ifr) < 0)) {
+ 		saved_errno = errno;
+@@ -880,7 +883,8 @@ static int get_if_settings(char *ifname, struct dev_ifr ifra[])
+ 	int res = 0;
+ 
+ 	for (i = 0; ifra[i].req_ifr; i++) {
+-		strncpy(ifra[i].req_ifr->ifr_name, ifname, IFNAMSIZ);
++		strncpy(ifra[i].req_ifr->ifr_name, ifname, IFNAMSIZ - 1);
++		ifra[i].req_ifr->ifr_name[IFNAMSIZ - 1] = '\0';
+ 		res = ioctl(skfd, ifra[i].req_type, ifra[i].req_ifr);
+ 		if (res < 0) {
+ 			saved_errno = errno;
+@@ -899,7 +903,8 @@ static int get_slave_flags(char *slave_ifname)
+ {
+ 	int res = 0;
+ 
+-	strncpy(slave_flags.ifr_name, slave_ifname, IFNAMSIZ);
++	strncpy(slave_flags.ifr_name, slave_ifname, IFNAMSIZ - 1);
++	slave_flags.ifr_name[IFNAMSIZ - 1] = '\0';
+ 	res = ioctl(skfd, SIOCGIFFLAGS, &slave_flags);
+ 	if (res < 0) {
+ 		saved_errno = errno;
+@@ -919,7 +924,8 @@ static int set_master_hwaddr(char *master_ifname, struct sockaddr *hwaddr)
+ 	struct ifreq ifr;
+ 	int res = 0;
+ 
+-	strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ);
++	memset(&ifr, 0, sizeof(ifr));
++	strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ - 1);
+ 	memcpy(&(ifr.ifr_hwaddr), hwaddr, sizeof(struct sockaddr));
+ 	res = ioctl(skfd, SIOCSIFHWADDR, &ifr);
+ 	if (res < 0) {
+@@ -943,7 +949,8 @@ static int set_slave_hwaddr(char *slave_ifname, struct sockaddr *hwaddr)
+ 	struct ifreq ifr;
+ 	int res = 0;
+ 
+-	strncpy(ifr.ifr_name, slave_ifname, IFNAMSIZ);
++	memset(&ifr, 0, sizeof(ifr));
++	strncpy(ifr.ifr_name, slave_ifname, IFNAMSIZ - 1);
+ 	memcpy(&(ifr.ifr_hwaddr), hwaddr, sizeof(struct sockaddr));
+ 	res = ioctl(skfd, SIOCSIFHWADDR, &ifr);
+ 	if (res < 0) {
+@@ -980,8 +987,9 @@ static int set_slave_mtu(char *slave_ifname, int mtu)
+ 	struct ifreq ifr;
+ 	int res = 0;
+ 
++	memset(&ifr, 0, sizeof(ifr));
+ 	ifr.ifr_mtu = mtu;
+-	strncpy(ifr.ifr_name, slave_ifname, IFNAMSIZ);
++	strncpy(ifr.ifr_name, slave_ifname, IFNAMSIZ - 1);
+ 
+ 	res = ioctl(skfd, SIOCSIFMTU, &ifr);
+ 	if (res < 0) {
+@@ -1000,8 +1008,9 @@ static int set_if_flags(char *ifname, short flags)
+ 	struct ifreq ifr;
+ 	int res = 0;
+ 
++	memset(&ifr, 0, sizeof(ifr));
+ 	ifr.ifr_flags = flags;
+-	strncpy(ifr.ifr_name, ifname, IFNAMSIZ);
++	strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
+ 
+ 	res = ioctl(skfd, SIOCSIFFLAGS, &ifr);
+ 	if (res < 0) {
+@@ -1030,7 +1039,8 @@ static int clear_if_addr(char *ifname)
+ 	struct ifreq ifr;
+ 	int res = 0;
+ 
+-	strncpy(ifr.ifr_name, ifname, IFNAMSIZ);
++	memset(&ifr, 0, sizeof(ifr));
++	strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
+ 	ifr.ifr_addr.sa_family = AF_INET;
+ 	memset(ifr.ifr_addr.sa_data, 0, sizeof(ifr.ifr_addr.sa_data));
+ 
+@@ -1065,8 +1075,9 @@ static int set_if_addr(char *master_ifname, char *slave_ifname)
+ 		{NULL, NULL, 0, 0},
+ 	};
+ 
++	memset(&ifr, 0, sizeof(ifr));
+ 	for (i = 0; ifra[i].req_name; i++) {
+-		strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ);
++		strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ - 1);
+ 		res = ioctl(skfd, ifra[i].g_ioctl, &ifr);
+ 		if (res < 0) {
+ 			int saved_errno = errno;
+@@ -1080,7 +1091,7 @@ static int set_if_addr(char *master_ifname, char *slave_ifname)
+ 			       sizeof(ifr.ifr_addr.sa_data));
+ 		}
+ 
+-		strncpy(ifr.ifr_name, slave_ifname, IFNAMSIZ);
++		strncpy(ifr.ifr_name, slave_ifname, IFNAMSIZ - 1);
+ 		res = ioctl(skfd, ifra[i].s_ioctl, &ifr);
+ 		if (res < 0) {
+ 			int saved_errno = errno;
+-- 
+2.31.1
+

iputils.spec

@@ -3,7 +3,7 @@
 Summary: Network monitoring tools including ping
 Name: iputils
 Version: 20240117
-Release: 4%{?dist}
+Release: 5%{?dist}
 # some parts are under the original BSD (ping.c)
 # some are under GPLv2+ (tracepath.c)
 License: BSD-4-Clause-UC AND GPL-2.0-or-later
@@ -15,8 +15,9 @@ Source1: ifenslave.tar.gz
 Source4: bsd.txt
 Source5: https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
 
-Patch100: iputils-ifenslave.patch
-Patch101: iputils-ifenslave-CWE-170.patch
+Patch100: 100-iputils-ifenslave.patch
+Patch101: 101-iputils-ifenslave-CWE-170.patch
+Patch102: 102-iputils-ifenslave-CWE-170-2.patch
 
 BuildRequires: gcc
 BuildRequires: meson
@@ -85,6 +86,9 @@ install -cp ifenslave.8 ${RPM_BUILD_ROOT}%{_mandir}/man8/
 %attr(644,root,root) %{_mandir}/man8/ifenslave.8*
 
 %changelog
+* Tue May 28 2024 Jan Macku <jamacku@redhat.com> - 20240117-5
+- Fix ifenslave defects detected by Coverity
+
 * Sun Feb 11 2024 Kevin Fenzi <kevin@scrye.com> - 20240117-4
 - Fix sources. Fixes rhbz#2263028