From 76dfa08c99da7bd97bf0d4c71791c2224c4560b5 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 30 Mar 2021 14:06:07 -0400 Subject: [PATCH] import liblouis-2.6.2-21.el8 --- SOURCES/liblouis-2.6.2-coverity-fixes.patch | 72 +++++++++++++++++++-- SPECS/liblouis.spec | 8 ++- 2 files changed, 74 insertions(+), 6 deletions(-) diff --git a/SOURCES/liblouis-2.6.2-coverity-fixes.patch b/SOURCES/liblouis-2.6.2-coverity-fixes.patch index 4956f57..9847ac6 100644 --- a/SOURCES/liblouis-2.6.2-coverity-fixes.patch +++ b/SOURCES/liblouis-2.6.2-coverity-fixes.patch @@ -1,7 +1,51 @@ -diff -urN liblouis-2.6.2.old/liblouis/compileTranslationTable.c liblouis-2.6.2/liblouis/compileTranslationTable.c ---- liblouis-2.6.2.old/liblouis/compileTranslationTable.c 2014-09-02 13:19:23.000000000 +0100 -+++ liblouis-2.6.2/liblouis/compileTranslationTable.c 2019-12-05 11:57:39.794000000 +0000 -@@ -1836,6 +1823,7 @@ +diff -urN liblouis-2.6.2.new/liblouis/compileTranslationTable.c liblouis-2.6.2/liblouis/compileTranslationTable.c +--- liblouis-2.6.2.new/liblouis/compileTranslationTable.c 2020-02-25 09:58:32.322000000 +0000 ++++ liblouis-2.6.2/liblouis/compileTranslationTable.c 2020-03-02 09:20:23.017000000 +0000 +@@ -1517,9 +1517,10 @@ + } + in++; + } +- if (out >= MAXSTRING) ++ if (out >= MAXSTRING - 1) + { +- result->length = out; ++ compileError(nested, "Token too long"); ++ result->length = MAXSTRING - 1; + return 1; + } + result->chars[out++] = (widechar) ch; +@@ -1533,15 +1534,16 @@ + utf32 = ch & (0XFF - first0Bit[numBytes]); + for (k = 0; k < numBytes; k++) + { +- if (in >= MAXSTRING) ++ if (in >= MAXSTRING - 1) + break; + if (token->chars[in] < 128 || (token->chars[in] & 0x0040)) + { + compileWarning (nested, "invalid UTF-8. Assuming Latin-1."); + result->chars[out++] = token->chars[lastIn]; +- if (out >= MAXSTRING) ++ if (out >= MAXSTRING - 1) + { +- result->length = out; ++ compileError(nested, "Token too long"); ++ result->length = lastOutSize; + return 1; + } + in = lastIn + 1; +@@ -1552,8 +1554,9 @@ + if (CHARSIZE == 2 && utf32 > 0xffff) + utf32 = 0xffff; + result->chars[out++] = (widechar) utf32; +- if (out >= MAXSTRING) ++ if (out >= MAXSTRING - 1) + { ++ compileError(nested, "Token too long"); + result->length = lastOutSize; + return 1; + } +@@ -1823,6 +1826,7 @@ if (!(ch->attributes & CTC_Letter)) { compileError (nested, "a name may contain only letters"); @@ -9,7 +53,25 @@ diff -urN liblouis-2.6.2.old/liblouis/compileTranslationTable.c liblouis-2.6.2/l return 0; } nameRule->name[k] = name->chars[k]; -@@ -4193,7 +4230,7 @@ +@@ -2856,7 +2860,7 @@ + passLinepos = 0; + while (passLinepos <= endTest) + { +- if (passIC >= MAXSTRING) { ++ if (passIC >= MAXSTRING - 5) { + compileError(passNested, "Test part in multipass operand too long"); + return 0; + } +@@ -3055,7 +3059,7 @@ + while (passLinepos < passLine.length && + passLine.chars[passLinepos] > 32) + { +- if (passIC >= MAXSTRING) { ++ if (passIC >= MAXSTRING - 2) { + compileError(passNested, "Action part in multipass operand too long"); + return 0; + } +@@ -4229,7 +4233,7 @@ if (ruleDots.chars[0] == '#') ruleDots.length = ruleDots.chars[0] = 0; else if (ruleDots.chars[0] == '\\' && ruleDots.chars[1] == '#') diff --git a/SPECS/liblouis.spec b/SPECS/liblouis.spec index d38dc1b..1d01d49 100644 --- a/SPECS/liblouis.spec +++ b/SPECS/liblouis.spec @@ -12,7 +12,7 @@ Name: liblouis Version: 2.6.2 -Release: 19%{?dist} +Release: 21%{?dist} Summary: Braille translation and back-translation library Group: System Environment/Libraries @@ -233,6 +233,12 @@ fi %changelog +* Mon Mar 02 2020 David King - 2.6.2-21 +- A further Coverity fix (#1602585) + +* Thu Dec 19 2019 David King - 2.6.2-20 +- Fix buffer overruns found by Coverity (#1602585) + * Thu Dec 05 2019 David King - 2.6.2-19 - Fix two issues found by Coverity (#1602585)