fix static analyzer issues CWE-686-398

Resolves: #1938760
2021-08-05 15:19:30 +02:00 · 2021-08-05 15:19:30 +02:00 · 8f9ea1097d
commit 8f9ea1097d
parent aeef6efe4b
2 changed files with 62 additions and 2 deletions
--- a/db-5.3.28-fix-CWE-686-398.patch
+++ b/db-5.3.28-fix-CWE-686-398.patch
@ -0,0 +1,54 @@
+This patch fixes: CWE-686,CWE-398
+
+diff -ur db-5.3.28/src/log/log_verify_int.c new/src/log/log_verify_int.c
+--- db-5.3.28/src/log/log_verify_int.c	2013-09-09 17:35:08.000000000 +0200
+++ new/src/log/log_verify_int.c	2021-08-05 13:33:06.378608924 +0200
+@@ -433,9 +433,9 @@
+ 		putflag = DB_CURRENT;
+ 		doput = 1;
+ 	}
+    if (doput)
+        ret = __dbc_put(csr, &key, &data, putflag);
+ 
+-	if (doput && (ret = __dbc_put(csr, &key, &data, putflag)) != 0)
+-		goto err;
+ err:
+ 	if (csr != NULL && (tret = __dbc_close(csr)) != 0 && ret == 0)
+ 		ret = tret;
+diff -ur db-5.3.28/src/log/log_verify_util.c new/src/log/log_verify_util.c
+--- db-5.3.28/src/log/log_verify_util.c	2013-09-09 17:35:08.000000000 +0200
+++ new/src/log/log_verify_util.c	2021-08-04 15:10:07.900854238 +0200
+@@ -2140,8 +2140,7 @@
+ 	for (ret = __dbc_pget(csr, &key, &data2, &data, DB_SET); ret == 0;
+ 	    ret = __dbc_pget(csr, &key, &data2, &data, DB_NEXT_DUP))
+ 		BDBOP(__db_put(pdb, lvh->ip, NULL, &data2, &key2, 0));
+-	if ((ret = __del_txn_pages(lvh, ctxn)) != 0 && ret != DB_NOTFOUND)
+-		goto err;
+    ret = __del_txn_pages(lvh, ctxn);
+ err:
+ 	if (csr != NULL && (tret = __dbc_close(csr)) != 0 && ret == 0)
+ 		ret = tret;
+diff -ur db-5.3.28/src/rep/rep_backup.c new/src/rep/rep_backup.c
+--- db-5.3.28/src/rep/rep_backup.c	2013-09-09 17:35:09.000000000 +0200
+++ new/src/rep/rep_backup.c	2021-08-04 14:47:51.967782566 +0200
+@@ -542,8 +542,6 @@
+ 
+ 	ret = __memp_fput(dbp->mpf, ip, pagep, dbc->priority);
+ 	pagep = NULL;
+-	if (ret != 0)
+-		goto err;
+ err:
+ 	/*
+ 	 * Check status of pagep in case any new error paths out leave
+diff -ur db-5.3.28/util/db_dump185.c new/util/db_dump185.c
+--- db-5.3.28/util/db_dump185.c	2013-09-09 17:35:12.000000000 +0200
+++ new/util/db_dump185.c	2021-08-04 14:45:37.592794678 +0200
+@@ -19,7 +19,7 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+-
+#include <unistd.h>
+ #ifdef HAVE_DB_185_H
+ #include <db_185.h>
+ #else
--- a/libdb.spec
+++ b/libdb.spec
@ -5,7 +5,7 @@
 Summary: The Berkeley DB database library for C
 Name: libdb
 Version: 5.3.28
-Release: 49%{?dist}
+Release: 50%{?dist}
 Source0: http://download.oracle.com/berkeley-db/db-%{version}.tar.gz
 Source1: http://download.oracle.com/berkeley-db/db.1.85.tar.gz
 # For mt19937db.c
@ -56,7 +56,8 @@ Patch38: libdb-limit-cpu.patch
 Patch39: libdb-5.3.21-trickle_cpu.patch
 # cve-2019-2708 fixed by mmuzila
 Patch40: db-5.3.28_cve-2019-2708.patch
-
+# Downstream covscan patch
+Patch41: db-5.3.28-fix-CWE-686-398.patch

 URL: http://www.oracle.com/database/berkeley-db/
 License: BSD and LGPLv2 and Sleepycat
@ -227,6 +228,7 @@ popd
 %patch38 -p1
 %patch39 -p1
 %patch40 -p1 -b .cve-2019-2708
+%patch41 -p1

 cd dist
 ./s_config
@ -388,6 +390,10 @@ mv man/* ${RPM_BUILD_ROOT}%{_mandir}/man1
 %{_includedir}/%{name}/dbsql.h

 %changelog
+* Thu Aug 05 2021 Filip Januš <fjanus@redhat.com> - 5.3.28-50
+- fix static analyzer issues CWE-686-398
+- Resolves: #1938760
+
 * Mon Jul 12 2021 Filip Januš <fjanus@redhat.com> - 5.3.28-49
 - Rebuild due to glibc
 - Resolves: #1980975