Fix issues discovered by static analysis

Apply a patch that fixes a reported issue:
 - v33~1 "libkmod: avoid undefined behaviour in libkmod-builtin.c:get_string"

* 0001-libkmod-avoid-undefined-behaviour-in-libkmod-builtin.patch: New
file.
* kmod.spec (Release): Bump to 8.
(Patch2): New patch.
(%changelog): New record.

Resolves: RHEL-44931
Signed-off-by: Eugene Syromiatnikov <esyr@redhat.com>

0001-libkmod-avoid-undefined-behaviour-in-libkmod-builtin.patch

@@ -0,0 +1,44 @@
+From 5c22362b6b97af9c6b7587f0c3450001e9893115 Mon Sep 17 00:00:00 2001
+From: Eugene Syromiatnikov <esyr@redhat.com>
+Date: Tue, 13 Aug 2024 16:17:27 +0200
+Subject: [PATCH] libkmod: avoid undefined behaviour in
+ libkmod-builtin.c:get_string
+
+Static analysis has reported a potential UB:
+
+    kmod-31/libkmod/libkmod-builtin.c:125: use_invalid: Using "nullp", which points to an out-of-scope variable "buf".
+    #  123|   	size_t linesz = 0;
+    #  124|
+    #  125|-> 	while (!nullp) {
+    #  126|   		char buf[BUFSIZ];
+    #  127|   		ssize_t sz;
+
+It seems to be indeed an UB, as nullp is getting assined an address
+inside object buf, which has a lifetime of the while loop body,
+and is not available outside of it (specifically, in the while
+condition, where nullp is checked for NULL).  Fix it by putting
+buf definition in the outer block.
+---
+ libkmod/libkmod-builtin.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libkmod/libkmod-builtin.c b/libkmod/libkmod-builtin.c
+index fd0f549..40a7d61 100644
+--- a/libkmod/libkmod-builtin.c
++++ b/libkmod/libkmod-builtin.c
+@@ -105,11 +105,11 @@ static off_t get_string(struct kmod_builtin_iter *iter, off_t offset,
+ 			char **line, size_t *size)
+ {
+ 	int sv_errno;
++	char buf[BUFSIZ];
+ 	char *nullp = NULL;
+ 	size_t linesz = 0;
+ 
+ 	while (!nullp) {
+-		char buf[BUFSIZ];
+ 		ssize_t sz;
+ 		size_t partsz;
+ 
+-- 
+2.13.6
+

kmod.spec

@@ -16,7 +16,7 @@
 
 Name:		kmod
 Version:	31
-Release:	7%{?dist}
+Release:	8%{?dist}
 Summary:	Linux kernel module management utilities
 
 # https://docs.fedoraproject.org/en-US/legal/license-field/#_no_effective_license_analysis
@@ -67,7 +67,10 @@ URL:		https://git.kernel.org/pub/scm/utils/kernel/kmod/kmod.git
 Source0:	https://www.kernel.org/pub/linux/utils/kernel/kmod/%{name}-%{version}.tar.xz
 Source1:	weak-modules
 Source2:	depmod.conf.dist
-Patch1: 	kmod-tip.patch
+Patch1:		kmod-tip.patch
+# v33~1 "libkmod: avoid undefined behaviour in libkmod-builtin.c:get_string"
+Patch2:		0001-libkmod-avoid-undefined-behaviour-in-libkmod-builtin.patch
+
 Exclusiveos:	Linux
 
 BuildRequires:  gcc
@@ -193,6 +196,10 @@ install -m 0644 %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/depmod.d/dist.conf
 %{_libdir}/libkmod.so
 
 %changelog
+* Thu Aug 15 2024 Eugene Syromiatnikov <esyr@redhat.com> - 31-8
+- Fix issues discovered by static analysis
+- Resolves: RHEL-44931
+
 * Mon Aug 12 2024 Eugene Syromiatnikov <esyr@redhat.com> - 31-7
 - weak-modules: use either zcat or xzcat based on symvers file extension
 - Resolves: RHEL-39388