import libnl3-3.5.0-1.el8

This commit is contained in:
CentOS Sources 2020-04-28 05:42:43 -04:00 committed by Andrew Lukoshko
parent 2f74008188
commit 09479233ca
4 changed files with 14 additions and 243 deletions

4
.gitignore vendored
View File

@ -1,2 +1,2 @@
SOURCES/libnl-3.4.0.tar.gz
SOURCES/libnl-doc-3.4.0.tar.gz
SOURCES/libnl-3.5.0.tar.gz
SOURCES/libnl-doc-3.5.0.tar.gz

View File

@ -1,2 +1,2 @@
4fc4c3b6812dc7e68ef8acb69287583685266a0b SOURCES/libnl-3.4.0.tar.gz
96c58cb6a5490f6c68838b74f68ec1d7d9a0eb54 SOURCES/libnl-doc-3.4.0.tar.gz
54c476a3103add175a6a055fcf45c0a29d2c0948 SOURCES/libnl-3.5.0.tar.gz
e0857124974053ee7be34fbda6812b57961f0ae8 SOURCES/libnl-doc-3.5.0.tar.gz

View File

@ -1,231 +0,0 @@
From 79712feff47b2c275cf1cb1291863476ac45070a Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Thu, 8 Aug 2019 10:16:54 +0200
Subject: [PATCH 1/4] route: fix strncpy() warning from coverity about
unterminated string
Coverity says:
Error: BUFFER_SIZE_WARNING (CWE-120): [#def1]
libnl-3.4.0/lib/route/cls/ematch/text.c:94: buffer_size_warning: Calling strncpy with a maximum size argument of 16 bytes on destination array "t->cfg.algo" of size 16 bytes might leave the destination string unterminated.
# 92| struct text_data *t = rtnl_ematch_data(e);
# 93|
# 94|-> strncpy(t->cfg.algo, algo, sizeof(t->cfg.algo));
# 95| }
# 96|
Error: BUFFER_SIZE_WARNING (CWE-120): [#def11]
libnl-3.4.0/lib/xfrm/sa.c:1192: buffer_size_warning: Calling strncpy with a maximum size argument of 64 bytes on destination array "auth->alg_name" of size 64 bytes might leave the destination string unterminated.
# 1190| }
# 1191|
# 1192|-> strncpy(auth->alg_name, tmpl->auth->alg_name, sizeof(auth->alg_name));
# 1193| auth->alg_key_len = tmpl->auth->alg_key_len;
# 1194| memcpy(auth->alg_key, tmpl->auth->alg_key, (tmpl->auth->alg_key_len + 7) / 8);
(cherry picked from commit f6f163d68e756d7ee69b93b0ccb4ab24f9764f77)
---
lib/route/cls/ematch/text.c | 1 +
lib/xfrm/sa.c | 1 +
2 files changed, 2 insertions(+)
diff --git a/lib/route/cls/ematch/text.c b/lib/route/cls/ematch/text.c
index b14c4abb92a7..12a1e747b48a 100644
--- a/lib/route/cls/ematch/text.c
+++ b/lib/route/cls/ematch/text.c
@@ -92,6 +92,7 @@ void rtnl_ematch_text_set_algo(struct rtnl_ematch *e, const char *algo)
struct text_data *t = rtnl_ematch_data(e);
strncpy(t->cfg.algo, algo, sizeof(t->cfg.algo));
+ t->cfg.algo[sizeof(t->cfg.algo) - 1] = '\0';
}
char *rtnl_ematch_text_get_algo(struct rtnl_ematch *e)
diff --git a/lib/xfrm/sa.c b/lib/xfrm/sa.c
index 995df9fd9769..15a3661a9699 100644
--- a/lib/xfrm/sa.c
+++ b/lib/xfrm/sa.c
@@ -1190,6 +1190,7 @@ static int build_xfrm_sa_message(struct xfrmnl_sa *tmpl, int cmd, int flags, str
}
strncpy(auth->alg_name, tmpl->auth->alg_name, sizeof(auth->alg_name));
+ auth->alg_name[sizeof(auth->alg_name) - 1] = '\0';
auth->alg_key_len = tmpl->auth->alg_key_len;
memcpy(auth->alg_key, tmpl->auth->alg_key, (tmpl->auth->alg_key_len + 7) / 8);
if (nla_put(msg, XFRMA_ALG_AUTH, len, auth) < 0) {
--
2.21.0
From d7b51a8a3d2f0ac0e2c306a77bdf479f64154d43 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Thu, 8 Aug 2019 10:38:12 +0200
Subject: [PATCH 2/4] link/sriov: fix memleak in rtnl_link_sriov_clone()
Found by Coverity.
(cherry picked from commit f1a085994a78a69abcd583d682b9850bc20ed482)
---
lib/route/link/sriov.c | 24 ++++++++++++++++++------
1 file changed, 18 insertions(+), 6 deletions(-)
diff --git a/lib/route/link/sriov.c b/lib/route/link/sriov.c
index 5c20ecff68f6..2a87cfe5ff3f 100644
--- a/lib/route/link/sriov.c
+++ b/lib/route/link/sriov.c
@@ -109,8 +109,10 @@ int rtnl_link_sriov_clone(struct rtnl_link *dst, struct rtnl_link *src) {
if (s_vf->ce_mask & SRIOV_ATTR_ADDR) {
vf_addr = nl_addr_clone(s_vf->vf_lladdr);
- if (!vf_addr)
+ if (!vf_addr) {
+ rtnl_link_vf_put(d_vf);
return -NLE_NOMEM;
+ }
d_vf->vf_lladdr = vf_addr;
}
@@ -120,8 +122,10 @@ int rtnl_link_sriov_clone(struct rtnl_link *dst, struct rtnl_link *src) {
err = rtnl_link_vf_vlan_alloc(&dst_vlans,
src_vlans->size);
- if (err < 0)
+ if (err < 0) {
+ rtnl_link_vf_put(d_vf);
return err;
+ }
dst_vlan_info = dst_vlans->vlans;
memcpy(dst_vlans, src_vlans, sizeof(nl_vf_vlans_t));
memcpy(dst_vlan_info, src_vlan_info,
@@ -558,8 +562,10 @@ int rtnl_link_sriov_parse_vflist(struct rtnl_link *link, struct nlattr **tb) {
vf_data->vf_lladdr = nl_addr_build(AF_LLC,
vf_lladdr->mac, 6);
- if (vf_data->vf_lladdr == NULL)
+ if (vf_data->vf_lladdr == NULL) {
+ rtnl_link_vf_put(vf_data);
return -NLE_NOMEM;
+ }
nl_addr_set_family(vf_data->vf_lladdr, AF_LLC);
vf_data->ce_mask |= SRIOV_ATTR_ADDR;
}
@@ -576,8 +582,10 @@ int rtnl_link_sriov_parse_vflist(struct rtnl_link *link, struct nlattr **tb) {
err = rtnl_link_vf_vlan_info(list_len, vf_vlan_info,
&vf_vlans);
- if (err < 0)
+ if (err < 0) {
+ rtnl_link_vf_put(vf_data);
return err;
+ }
vf_data->vf_vlans = vf_vlans;
vf_data->ce_mask |= SRIOV_ATTR_VLAN;
@@ -586,8 +594,10 @@ int rtnl_link_sriov_parse_vflist(struct rtnl_link *link, struct nlattr **tb) {
if (vf_vlan->vlan) {
err = rtnl_link_vf_vlan_alloc(&vf_vlans, 1);
- if (err < 0)
+ if (err < 0) {
+ rtnl_link_vf_put(vf_data);
return err;
+ }
vf_vlans->vlans[0].vf_vlan = vf_vlan->vlan;
vf_vlans->vlans[0].vf_vlan_qos = vf_vlan->qos;
@@ -649,8 +659,10 @@ int rtnl_link_sriov_parse_vflist(struct rtnl_link *link, struct nlattr **tb) {
err = nla_parse_nested(stb, IFLA_VF_STATS_MAX,
t[IFLA_VF_STATS],
sriov_stats_policy);
- if (err < 0)
+ if (err < 0) {
+ rtnl_link_vf_put(vf_data);
return err;
+ }
SET_VF_STAT(link, cur, stb,
RTNL_LINK_VF_STATS_RX_PACKETS,
--
2.21.0
From 9f910abd4b39015cfdcc78566915ed1d852c0fd1 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Tue, 27 Aug 2019 14:43:54 +0200
Subject: [PATCH 3/4] lib: accept %NULL arguments for nl_addr_cmp()
Just be more forgiving. Also, this avoids a coverity warning:
Error: FORWARD_NULL (CWE-476): [#def1]
libnl-3.4.0/lib/route/addr.c:502: var_compare_op: Comparing "a->a_peer" to null implies that "a->a_peer" might be null.
libnl-3.4.0/lib/route/addr.c:513: var_deref_model: Passing null pointer "a->a_peer" to "nl_addr_cmp", which dereferences it.
libnl-3.4.0/lib/addr.c:587:8: deref_parm: Directly dereferencing parameter "a".
# 585| int nl_addr_cmp(const struct nl_addr *a, const struct nl_addr *b)
# 586| {
# 587|-> int d = a->a_family - b->a_family;
# 588|
# 589| if (d == 0) {
https://bugzilla.redhat.com/show_bug.cgi?id=1606988
(cherry picked from commit 34708e2ef048f3788f3f2d5018735b27b156d244)
---
lib/addr.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/lib/addr.c b/lib/addr.c
index c299b402a12b..b43791d52179 100644
--- a/lib/addr.c
+++ b/lib/addr.c
@@ -584,8 +584,16 @@ int nl_addr_shared(const struct nl_addr *addr)
*/
int nl_addr_cmp(const struct nl_addr *a, const struct nl_addr *b)
{
- int d = a->a_family - b->a_family;
+ int d;
+
+ if (a == b)
+ return 0;
+ if (!a)
+ return -1;
+ if (!b)
+ return 1;
+ d = a->a_family - b->a_family;
if (d == 0) {
d = a->a_len - b->a_len;
--
2.21.0
From 0fd322bb429228a200cc7935a5b597748faaadf8 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Tue, 27 Aug 2019 14:58:35 +0200
Subject: [PATCH 4/4] lib: fix error code from nfnl_exp_build_message()
Otherwise we return success but don't actually set the output
result. This can lead to a crash, in case of out-of-memory.
Found by Coverity.
https://bugzilla.redhat.com/show_bug.cgi?id=1606988
(cherry picked from commit f3d5c44d21243d5eb59bfc2878d4977df2fd1369)
---
lib/netfilter/exp.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/lib/netfilter/exp.c b/lib/netfilter/exp.c
index 24ec55f4c374..947eea0d4bcd 100644
--- a/lib/netfilter/exp.c
+++ b/lib/netfilter/exp.c
@@ -490,6 +490,8 @@ static int nfnl_exp_build_message(const struct nfnl_exp *exp, int cmd, int flags
return 0;
nla_put_failure:
+ err = -NLE_NOMEM;
+
err_out:
nlmsg_free(msg);
return err;
--
2.21.0

View File

@ -1,6 +1,6 @@
Name: libnl3
Version: 3.4.0
Release: 5%{?dist}
Version: 3.5.0
Release: 1%{?dist}
Summary: Convenience library for kernel netlink sockets
Group: Development/Libraries
License: LGPLv2
@ -13,7 +13,6 @@ Source: http://www.infradead.org/~tgr/libnl/files/libnl-%{fullversion}.tar.gz
Source1: http://www.infradead.org/~tgr/libnl/files/libnl-doc-%{fullversion}.tar.gz
#Patch1: some.patch
Patch1: 0001-fix-coverity-issues-rh1606988.patch
BuildRequires: flex bison
BuildRequires: libtool autoconf automake
@ -68,7 +67,7 @@ Requires: %{name} = %{version}-%{release}
%description -n python2-libnl3
Python 2 bindings for libnl3
%endif # with python2
%endif
%package -n python3-libnl3
Summary: libnl3 binding for Python 3
@ -98,7 +97,7 @@ CFLAGS="$RPM_OPT_FLAGS" %py3_build
%if %{with python2}
CFLAGS="$RPM_OPT_FLAGS" %py2_build
CFLAGS="$RPM_OPT_FLAGS" %py2_build
%endif # with python2
%endif
popd
%install
@ -110,7 +109,7 @@ pushd ./python/
%py3_install
%if %{with python2}
%py2_install
%endif # with python2
%endif
popd
%check
@ -120,7 +119,7 @@ pushd ./python/
%{__python3} setup.py check
%if %{with python2}
%{__python2} setup.py check
%endif # with python2
%endif
popd
%post -p /sbin/ldconfig
@ -163,7 +162,7 @@ popd
%defattr(-,root,root,-)
%{python2_sitearch}/netlink
%{python2_sitearch}/netlink-*.egg-info
%endif # with python2
%endif
%files -n python3-libnl3
%defattr(-,root,root,-)
@ -171,6 +170,9 @@ popd
%{python3_sitearch}/netlink-*.egg-info
%changelog
* Tue Nov 26 2019 Thomas Haller <thaller@redhat.com> - 3.5.0-1
- Update to 3.5.0
* Tue Aug 27 2019 Thomas Haller <thaller@redhat.com> - 3.4.0-5
- Fix issues found by coverity (rh #1606988)