.gitignore

@@ -1 +1 @@
-SOURCES/libpciaccess-0.14.tar.bz2
+SOURCES/libpciaccess-0.16.tar.bz2

.libpciaccess.metadata

@@ -1 +1 @@
-f70a958bf4e744cb4ee93be64e9bc52ac05cdaeb SOURCES/libpciaccess-0.14.tar.bz2
+ffaa13f2df5f822da1089b55223b217c142ef919 SOURCES/libpciaccess-0.16.tar.bz2

SOURCES/0001-vgaarb-Check-snprintf-return-value.patch

@@ -0,0 +1,69 @@
+From c4af0f3ab992977d7fde65240a15481a1adc859c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jos=C3=A9=20Exp=C3=B3sito?= <jexposit@redhat.com>
+Date: Tue, 19 Mar 2024 13:45:19 +0100
+Subject: [PATCH] vgaarb: Check snprintf return value
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+snprintf() might return a negative value if an error occurs.
+Check its return value before using it in vgaarb_write().
+
+Signed-off-by: José Expósito <jexposit@redhat.com>
+---
+ src/common_vgaarb.c | 11 +++++++++++
+ 1 file changed, 11 insertions(+)
+
+diff --git a/src/common_vgaarb.c b/src/common_vgaarb.c
+index 515275f..a1edfab 100644
+--- a/src/common_vgaarb.c
++++ b/src/common_vgaarb.c
+@@ -238,6 +238,8 @@ pci_device_vgaarb_set_target(struct pci_device *dev)
+ 
+     len = snprintf(buf, BUFSIZE, "target PCI:%04x:%02x:%02x.%x",
+                    dev->domain, dev->bus, dev->dev, dev->func);
++    if (len < 0 || len >= BUFSIZE)
++        return -1;
+ 
+     ret = vgaarb_write(pci_sys->vgaarb_fd, buf, len);
+     if (ret)
+@@ -268,6 +270,9 @@ pci_device_vgaarb_decodes(int new_vgaarb_rsrc)
+         return 0;
+ 
+     len = snprintf(buf, BUFSIZE, "decodes %s", rsrc_to_str(new_vgaarb_rsrc));
++    if (len < 0 || len >= BUFSIZE)
++        return -1;
++
+     ret = vgaarb_write(pci_sys->vgaarb_fd, buf, len);
+     if (ret == 0)
+         dev->vgaarb_rsrc = new_vgaarb_rsrc;
+@@ -297,6 +302,8 @@ pci_device_vgaarb_lock(void)
+         return 0;
+ 
+     len = snprintf(buf, BUFSIZE, "lock %s", rsrc_to_str(dev->vgaarb_rsrc));
++    if (len < 0 || len >= BUFSIZE)
++        return -1;
+ 
+     return vgaarb_write(pci_sys->vgaarb_fd, buf, len);
+ }
+@@ -315,6 +322,8 @@ pci_device_vgaarb_trylock(void)
+         return 0;
+ 
+     len = snprintf(buf, BUFSIZE, "trylock %s", rsrc_to_str(dev->vgaarb_rsrc));
++    if (len < 0 || len >= BUFSIZE)
++        return -1;
+ 
+     return vgaarb_write(pci_sys->vgaarb_fd, buf, len);
+ }
+@@ -333,6 +342,8 @@ pci_device_vgaarb_unlock(void)
+         return 0;
+ 
+     len = snprintf(buf, BUFSIZE, "unlock %s", rsrc_to_str(dev->vgaarb_rsrc));
++    if (len < 0 || len >= BUFSIZE)
++        return -1;
+ 
+     return vgaarb_write(pci_sys->vgaarb_fd, buf, len);
+ }
+-- 
+2.44.0
+

SPECS/libpciaccess.spec

@@ -1,12 +1,8 @@
-#define gitdate 20140411
-#define gitrev  b9c068896914b4132a24839c9ef7f9fcd6282d88
-
 Name:           libpciaccess
-Version:        0.14
+Version:        0.16
-Release:        1%{?dist}
+Release:        7%{?dist}
 Summary:        PCI access library
 
-Group:          System Environment/Libraries
 License:        MIT
 URL:            https://www.x.org/
 
@@ -17,8 +13,10 @@ Source0:	https://www.x.org/archive/individual/lib/%{name}-%{version}.tar.bz2
 Source1:        make-libpciaccess-snapshot.sh
 
 Patch2:		libpciaccess-rom-size.patch
+Patch3:		0001-vgaarb-Check-snprintf-return-value.patch
 
 BuildRequires:  autoconf automake libtool pkgconfig xorg-x11-util-macros
+BuildRequires: make
 Requires:       hwdata
 
 %description
@@ -27,7 +25,6 @@ operating systems.
 
 %package devel
 Summary:        PCI access library development package
-Group:          Development/Libraries
 Requires:       %{name} = %{version}-%{release}
 Requires:       pkgconfig
 
@@ -35,8 +32,7 @@ Requires:       pkgconfig
 Development package for libpciaccess.
 
 %prep
-%setup -q -n %{name}-%{?gitdate:%{gitdate}}%{!?gitdate:%{version}}
+%autosetup -p1
-%patch2 -p1 -b .rom-size
 
 %build
 autoreconf -v --install
@@ -61,6 +57,41 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/*.la
 %{_libdir}/pkgconfig/pciaccess.pc
 
 %changelog
+* Wed Mar 20 2024 José Expósito <jexposit@redhat.com> - 0.16-7
+- Fix findings from static application security testing (SAST)
+  Resolves: https://issues.redhat.com/browse/RHEL-29753
+
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.16-6
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
+
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 0.16-5
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.16-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.16-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.16-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Wed Oct 30 2019 Adam Jackson <ajax@redhat.com> - 0.16-1
+- libpciaccess 0.16
+
+* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.15-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Thu Jul 11 2019 Adam Jackson <ajax@redhat.com> - 0.15-1
+- libpciaccess 0.15
+
+* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.14-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.14-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
 * Wed Apr 04 2018 Adam Jackson <ajax@redhat.com> - 0.14-1
 - libpciaccess 0.14