fix static analysis findings (RHEL-44993)

Resolves: RHEL-44993
2024-08-06 15:50:23 +02:00 · 2024-08-06 15:50:23 +02:00 · 2a6dcaaac0
commit 2a6dcaaac0
parent 511630eda3
5 changed files with 64 additions and 3 deletions
--- a/gating.yaml
+++ b/gating.yaml
@ -0,0 +1,8 @@
+--- !Policy
+product_versions:
+  - rhel-10
+decision_context: osci_compose_gate
+rules:
+  - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}
+
+
--- a/libpng-1.6.40-fix_sast.patch
+++ b/libpng-1.6.40-fix_sast.patch
@ -0,0 +1,12 @@
+diff -up libpng-1.6.40/pngrutil.c.fix_sast libpng-1.6.40/pngrutil.c
+--- libpng-1.6.40/pngrutil.c.fix_sast	2024-08-06 15:35:51.789156138 +0200
+++ libpng-1.6.40/pngrutil.c	2024-08-06 15:35:51.816156415 +0200
+@@ -1815,7 +1815,7 @@ png_handle_sPLT(png_structrp png_ptr, pn
+ void /* PRIVATE */
+ png_handle_tRNS(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length)
+ {
+-   png_byte readbuf[PNG_MAX_PALETTE_LENGTH];
+   png_byte readbuf[PNG_MAX_PALETTE_LENGTH] = {0};
+ 
+    png_debug(1, "in png_handle_tRNS");
+ 
--- a/libpng.spec
+++ b/libpng.spec
@ -4,7 +4,7 @@ Summary:       A library of functions for manipulating PNG image format files
 Name:          libpng
 Epoch:         2
 Version:       1.6.40
-Release:       4%{?dist}
+Release:       5%{?dist}
 License:       zlib
 URL:           http://www.libpng.org/pub/png/

@ -12,6 +12,8 @@ Source0:       https://github.com/glennrp/%{name}/archive/v%{version}/%{name}-%{
 Source1:       pngusr.dfa
 Patch0:        libpng-multilib.patch
 Patch1:        libpng-fix-arm-neon.patch
+# fix static analysis findings, RHEL-44993
+Patch2:        libpng-1.6.40-fix_sast.patch

 BuildRequires: gcc
 BuildRequires: zlib-devel
@ -62,8 +64,9 @@ The libpng-tools package contains tools used by the authors of libpng.
 # Provide pngusr.dfa for build.
 cp -p %{SOURCE1} .

-%patch0 -p1
-%patch1 -p1 -b .arm
+%patch -P 0 -p1
+%patch -P 1 -p1 -b .arm
+%patch -P 2 -p1 -b .fix_sast

 %build
 autoreconf -vif
@ -104,6 +107,9 @@ make check
 %{_bindir}/pngfix

 %changelog
+* Tue Aug 06 2024 Michal Hlavinka <mhlavink@redhat.com> - 2:1.6.40-5
+- fix static analysis findings (RHEL-44993)
+
 * Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 2:1.6.40-4
 - Bump release for June 2024 mass rebuild

--- a/plans/.fmf/version
+++ b/plans/.fmf/version
@ -0,0 +1 @@
+1
--- a/plans/tier1.fmf
+++ b/plans/tier1.fmf
@ -0,0 +1,34 @@
+---
+
+summary: Tier1 plan for libpng
+
+discover:
+  how: fmf
+  url: https://pkgs.devel.redhat.com/git/tests/libpng
+  ref: master
+  filter: tier:1
+
+prepare:
+  - how: shell
+    script: |
+      set -euxo pipefail
+
+      ENABLE_REPO_CMD="yum-config-manager --enable"
+      if command -v dnf >/dev/null 2>&1; then
+        ENABLE_REPO_CMD="dnf config-manager --set-enabled"
+      fi
+
+      ${ENABLE_REPO_CMD} beaker-tasks || :
+  - how: shell
+    script: |
+        set -exuo pipefail
+
+        if [[ -f /etc/os-release ]]; then
+          . /etc/os-release
+          if [[ "${ID:-}" == "rhel" && "${VERSION_ID%%.*}" -ge 8 ]]; then
+            dnf config-manager --enable rhel-CRB
+          fi
+        fi
+
+execute:
+  how: tmt