From d353a9beeeaa431a77fae5ff123772a45308d5bd Mon Sep 17 00:00:00 2001 From: eabdullin Date: Tue, 12 Nov 2024 10:46:17 +0000 Subject: [PATCH] import UBI libsolv-0.7.24-3.el9 --- ...rite-the-package-subdir-with-the-inf.patch | 41 +++++++++++++++++++ ...libsolv-0.7.24-static_analysis_fixes.patch | 34 +++++++++++++++ SPECS/libsolv.spec | 9 +++- 3 files changed, 83 insertions(+), 1 deletion(-) create mode 100644 SOURCES/libsolv-0.7.24-repo_conda-overwrite-the-package-subdir-with-the-inf.patch create mode 100644 SOURCES/libsolv-0.7.24-static_analysis_fixes.patch diff --git a/SOURCES/libsolv-0.7.24-repo_conda-overwrite-the-package-subdir-with-the-inf.patch b/SOURCES/libsolv-0.7.24-repo_conda-overwrite-the-package-subdir-with-the-inf.patch new file mode 100644 index 0000000..a60f345 --- /dev/null +++ b/SOURCES/libsolv-0.7.24-repo_conda-overwrite-the-package-subdir-with-the-inf.patch @@ -0,0 +1,41 @@ +From 86717630b78f015ed3e0d41aa299cdde532b9c6f Mon Sep 17 00:00:00 2001 +From: Michael Schroeder +Date: Fri, 21 Jul 2023 13:53:46 +0200 +Subject: [PATCH] repo_conda: overwrite the package subdir with the info subdir + if there is a conflict +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This is what classic conda does, so we also need to do it. +Fixes issue #529 + +Signed-off-by: Petr Písař +--- + ext/repo_conda.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/ext/repo_conda.c b/ext/repo_conda.c +index 9211cbea..356d3b11 100644 +--- a/ext/repo_conda.c ++++ b/ext/repo_conda.c +@@ -314,8 +314,16 @@ parse_package(struct parsedata *pd, struct solv_jsonparser *jp, char *kfn, char + /* if we have a global subdir make sure that it matches */ + if (subdir && pd->subdir && strcmp(subdir, pd->subdir) != 0) + { ++ /* we used to return an error here, but classic conda ++ * just overwrites the package subdir with the global ++ * subdir */ ++#if 0 + pd->error = "subdir mismatch"; + return JP_ERROR; ++#else ++ solv_free(subdir); ++ subdir = solv_strdup(pd->subdir); ++#endif + } + + if (fn || kfn) +-- +2.44.0 + diff --git a/SOURCES/libsolv-0.7.24-static_analysis_fixes.patch b/SOURCES/libsolv-0.7.24-static_analysis_fixes.patch new file mode 100644 index 0000000..d216c18 --- /dev/null +++ b/SOURCES/libsolv-0.7.24-static_analysis_fixes.patch @@ -0,0 +1,34 @@ +diff -up libsolv-0.7.24/ext/repo_rpmmd.c.orig libsolv-0.7.24/ext/repo_rpmmd.c +--- libsolv-0.7.24/ext/repo_rpmmd.c.orig 2023-04-13 10:10:14.000000000 -0400 ++++ libsolv-0.7.24/ext/repo_rpmmd.c 2024-04-08 14:00:05.923253315 -0400 +@@ -609,6 +609,8 @@ fill_cshash_from_new_solvables(struct pa + KeyValue kv; + Repokey *key; + ++ memset(&kv, 0, sizeof(kv)); ++ + for (i = pd->first; i < pool->nsolvables; i++) + { + if (pool->solvables[i].repo != pd->repo) +diff -up libsolv-0.7.24/ext/repo_susetags.c.orig libsolv-0.7.24/ext/repo_susetags.c +--- libsolv-0.7.24/ext/repo_susetags.c.orig 2023-04-13 10:10:14.000000000 -0400 ++++ libsolv-0.7.24/ext/repo_susetags.c 2024-04-08 14:00:50.560276418 -0400 +@@ -339,6 +339,7 @@ lookup_shared_id(Repodata *data, Id p, I + if (uninternalized) + { + KeyValue kv; ++ memset(&kv, 0, sizeof(kv)); + Repokey *key = repodata_lookup_kv_uninternalized(data, p, keyname, &kv); + if (!key) + return 0; +diff -up libsolv-0.7.24/ext/testcase.c.orig libsolv-0.7.24/ext/testcase.c +--- libsolv-0.7.24/ext/testcase.c.orig 2023-04-13 10:10:14.000000000 -0400 ++++ libsolv-0.7.24/ext/testcase.c 2024-04-08 14:12:49.660462318 -0400 +@@ -1497,6 +1497,7 @@ testcase_solverresult(Solver *solv, int + if ((resultflags & TESTCASE_RESULT_USERINSTALLED) != 0) + { + Queue q; ++ queue_init(&q); + solver_get_userinstalled(solv, &q, 0); + for (i = 0; i < q.count; i++) + { diff --git a/SPECS/libsolv.spec b/SPECS/libsolv.spec index e227c93..14666d3 100644 --- a/SPECS/libsolv.spec +++ b/SPECS/libsolv.spec @@ -23,7 +23,7 @@ Name: lib%{libname} Version: 0.7.24 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Package dependency solver License: BSD @@ -36,6 +36,8 @@ Patch3: 0003-Revert-Add-complex_deps-requirement-to-choice1b-test.patch Patch4: 0004-Revert-Add-more-choicerules-tests.patch Patch5: 0005-Treat-condition-both-as-positive-and-negative-litera.patch Patch6: 0006-Allow_break_arch_lock_step_on_erase.patch +Patch7: libsolv-0.7.24-static_analysis_fixes.patch +Patch8: libsolv-0.7.24-repo_conda-overwrite-the-package-subdir-with-the-inf.patch BuildRequires: cmake BuildRequires: gcc-c++ @@ -262,6 +264,11 @@ export LD_LIBRARY_PATH=%{buildroot}%{_libdir} %endif %changelog +* Tue Apr 09 2024 Petr Pisar - 0.7.24-3 +- Some static analysis fixes for unitialized structs + Resolves: RHEL-25498 +- Fix a memory leak in parse_package() of repo conda (RHEL-25496) + * Wed Jun 21 2023 Jaroslav Rohel - 0.7.24-2 - Backport Allow to break arch lock-step on erase operations (RhBug:2172288,2172292)