diff --git a/coverity_scan.patch b/coverity_scan.patch new file mode 100644 index 0000000..90391c4 --- /dev/null +++ b/coverity_scan.patch @@ -0,0 +1,23 @@ +diff --git a/src/dh_crypto.c b/src/dh_crypto.c +index a847c6a2..1eb94307 100644 +--- a/src/dh_crypto.c ++++ b/src/dh_crypto.c +@@ -341,8 +341,16 @@ int ssh_dh_set_parameters(struct dh_ctx *ctx, + goto done; + } + +- OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_P, modulus); +- OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_G, generator); ++ rc = OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_P, modulus); ++ if (rc != 1) { ++ rc = SSH_ERROR; ++ goto done; ++ } ++ rc = OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_FFC_G, generator); ++ if (rc != 1) { ++ rc = SSH_ERROR; ++ goto done; ++ } + params = OSSL_PARAM_BLD_to_param(param_bld); + if (params == NULL) { + OSSL_PARAM_BLD_free(param_bld); diff --git a/libssh.spec b/libssh.spec index ca812e0..b1136b9 100644 --- a/libssh.spec +++ b/libssh.spec @@ -1,6 +1,6 @@ Name: libssh Version: 0.10.4 -Release: 1%{?dist} +Release: 2%{?dist} Summary: A library implementing the SSH protocol License: LGPLv2+ URL: http://www.libssh.org @@ -36,6 +36,8 @@ Provides: libssh_threads.so.4()(64bit) Provides: libssh_threads.so.4 %endif +Patch1: coverity_scan.patch + %description The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is @@ -126,6 +128,10 @@ popd %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_server.config %changelog +* Tue Sep 27 2022 Norbert Pocs - 0.10.4-2 +- Fix coverity scan issues +- Resolves: rhbz#2130126 + * Mon Sep 19 2022 Norbert pocs - 0.10.4-1 - Rebase to version 0.10.4 - Add pkcs11 support