From 6cf81b6aa40aded0c0e6c26fe10f76d9854920c3 Mon Sep 17 00:00:00 2001 From: Vitezslav Crhonek Date: Tue, 21 May 2024 10:45:04 +0200 Subject: [PATCH] Initialize variable to avoid possible uninitialized use Resolves: RHEL-31795 --- kbd-2.4.0-initialize-variable.patch | 12 ++++++++++++ kbd.spec | 9 ++++++++- 2 files changed, 20 insertions(+), 1 deletion(-) create mode 100644 kbd-2.4.0-initialize-variable.patch diff --git a/kbd-2.4.0-initialize-variable.patch b/kbd-2.4.0-initialize-variable.patch new file mode 100644 index 0000000..6aa001d --- /dev/null +++ b/kbd-2.4.0-initialize-variable.patch @@ -0,0 +1,12 @@ +diff -up kbd-2.4.0/src/libkfont/setfont.c.orig kbd-2.4.0/src/libkfont/setfont.c +--- kbd-2.4.0/src/libkfont/setfont.c.orig 2020-06-01 17:53:08.000000000 +0200 ++++ kbd-2.4.0/src/libkfont/setfont.c 2024-04-16 11:04:00.455262477 +0200 +@@ -270,7 +270,7 @@ kfont_load_fonts(struct kfont_context *c + unsigned char *inbuf, *fontbuf, *bigfontbuf; + unsigned int inputlth, fontbuflth, fontsize, height, width, bytewidth; + unsigned int bigfontbuflth, bigfontsize, bigheight, bigwidth; +- unsigned char *ptr; ++ unsigned char *ptr = NULL; + struct unicode_list *uclistheads; + struct kbdfile *fp = NULL; + int i; diff --git a/kbd.spec b/kbd.spec index 4396437..0c3c245 100644 --- a/kbd.spec +++ b/kbd.spec @@ -5,7 +5,7 @@ Name: kbd Version: 2.4.0 -Release: 9%{?dist} +Release: 10%{?dist} Summary: Tools for configuring the console (keyboard, virtual terminals, etc.) License: GPLv2+ URL: http://www.kbd-project.org/ @@ -38,6 +38,8 @@ Patch7: kbd-2.0.4-covscan-fixes.patch Patch8: kbd-2.4.0-covscan-fixes.patch # Patch9: fixes setfont exit code, bz 1947953 Patch9: kbd-2.4.0-setfont-exit-code.patch +# Patch10: initializes variable (SAST) +Patch10: kbd-2.4.0-initialize-variable.patch BuildRequires: gcc, bison, flex, gettext, pam-devel, check-devel, automake BuildRequires: console-setup, xkeyboard-config @@ -85,6 +87,7 @@ cp -fp %{SOURCE6} . %patch7 -p1 -b .covscan-fixes %patch8 -p1 -b .covscan-fixes-pt2 %patch9 -p1 -b .setfont-exit-code +%patch10 -p1 -b .initialize-variable aclocal autoconf @@ -197,6 +200,10 @@ make check %{kbd_datadir}/keymaps/legacy %changelog +* Tue May 21 2024 Vitezslav Crhonek - 2.4.0-10 +- Initialize variable to avoid possible uninitialized use + Resolves: RHEL-31795 + * Mon Apr 17 2023 Vitezslav Crhonek - 2.4.0-9 - Require kbd-legacy in main kbd package again Resolves: #2139165