diff --git a/libtasn1-4.16-coverity.patch b/libtasn1-4.16-coverity.patch
new file mode 100644
index 0000000..6ce90f4
--- /dev/null
+++ b/libtasn1-4.16-coverity.patch
@@ -0,0 +1,70 @@
+diff -up libtasn1-4.16.0/lib/coding.c.coverity libtasn1-4.16.0/lib/coding.c
+--- libtasn1-4.16.0/lib/coding.c.coverity 2020-02-01 23:22:04.000000000 +0100
++++ libtasn1-4.16.0/lib/coding.c 2021-04-13 17:34:34.101819976 +0200
+@@ -1103,7 +1103,10 @@ asn1_der_coding (asn1_node_const element
+ max_len = *len;
+
+ if (der == NULL && max_len > 0)
+- return ASN1_VALUE_NOT_VALID;
++ {
++ err = ASN1_VALUE_NOT_VALID;
++ goto error;
++ }
+
+ counter = 0;
+ move = DOWN;
+diff -up libtasn1-4.16.0/lib/element.c.coverity libtasn1-4.16.0/lib/element.c
+--- libtasn1-4.16.0/lib/element.c.coverity 2020-01-03 23:20:17.000000000 +0100
++++ libtasn1-4.16.0/lib/element.c 2021-04-13 18:05:21.054820798 +0200
+@@ -142,7 +142,7 @@ int
+ _asn1_append_sequence_set (asn1_node node, struct node_tail_cache_st *pcache)
+ {
+ asn1_node p, p2;
+- char temp[LTOSTR_MAX_SIZE];
++ char temp[LTOSTR_MAX_SIZE+1];
+ long n;
+
+ if (!node || !(node->down))
+@@ -183,7 +183,12 @@ _asn1_append_sequence_set (asn1_node nod
+ n = strtol (p->name + 1, NULL, 0);
+ n++;
+ temp[0] = '?';
++ if (n < 0)
++ return ASN1_GENERIC_ERROR;
++ /* assuming non-negative n, we have enough space in buffer */
+ _asn1_ltostr (n, temp + 1);
++ if (strlen(temp) >= LTOSTR_MAX_SIZE)
++ return ASN1_GENERIC_ERROR;
+ }
+ _asn1_set_name (p2, temp);
+ /* p2->type |= CONST_OPTION; */
+diff -up libtasn1-4.16.0/lib/int.h.coverity libtasn1-4.16.0/lib/int.h
+--- libtasn1-4.16.0/lib/int.h.coverity 2020-01-03 23:20:17.000000000 +0100
++++ libtasn1-4.16.0/lib/int.h 2021-04-13 17:34:34.101819976 +0200
+@@ -213,6 +213,7 @@ void *_asn1_realloc(void *ptr, size_t si
+ ret = realloc(ptr, size);
+ if (ret == NULL)
+ {
++ /* cppcheck-suppress doubleFree */
+ free(ptr);
+ }
+ return ret;
+diff -up libtasn1-4.16.0/src/asn1Coding.c.coverity libtasn1-4.16.0/src/asn1Coding.c
+--- libtasn1-4.16.0/src/asn1Coding.c.coverity 2019-07-19 19:55:08.000000000 +0200
++++ libtasn1-4.16.0/src/asn1Coding.c 2021-04-13 17:34:34.102819982 +0200
+@@ -72,13 +72,13 @@ readAssignment (FILE * file, char *varNa
+
+ int ret;
+
+- ret = fscanf (file, "%s", varName);
++ ret = fscanf (file, "%1023s", varName);
+ if (ret == EOF)
+ return ASSIGNMENT_EOF;
+ if (!strcmp (varName, "''"))
+ varName[0] = 0;
+
+- ret = fscanf (file, "%s", value);
++ ret = fscanf (file, "%1023s", value);
+ if (ret == EOF)
+ return ASSIGNMENT_ERROR;
+
diff --git a/libtasn1.spec b/libtasn1.spec
index 95d56b1..40c6d52 100644
--- a/libtasn1.spec
+++ b/libtasn1.spec
@@ -1,7 +1,7 @@ Summary: The ASN.1 library used in GNUTLS Name: libtasn1 Version: 4.16.0 -Release: 4%{?dist} +Release: 5%{?dist} # The libtasn1 library is LGPLv2+, utilities are GPLv3+ License: GPLv3+ and LGPLv2+
@@ -10,6 +10,7 @@ Source0: http://ftp.gnu.org/gnu/libtasn1/%name-%version.tar.gz Source1: http://ftp.gnu.org/gnu/libtasn1/%name-%version.tar.gz.sig Source2: gpgkey-1F42418905D8206AA754CCDC29EE58B996865171.gpg Patch1: libtasn1-3.4-rpath.patch +Patch200: libtasn1-4.16-coverity.patch BuildRequires: gnupg2 BuildRequires: gcc
@@ -55,6 +56,7 @@ gpgv2 --keyring %{SOURCE2} %{SOURCE1} %{SOURCE0} %setup -q %patch1 -p1 -b .rpath +%patch200 -p1 -b .coverity %build autoreconf -v -f --install
@@ -93,6 +95,9 @@ make check %changelog +* Mon Apr 12 2021 Dmitry Belyavskiy - 4.16.0-5 +- Coverity-related fixes (#1938797) + * Tue Jan 26 2021 Fedora Release Engineering - 4.16.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
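Review bot: In the element.c hunk of the added patch (`_asn1_append_sequence_set`, whose body starts and ends outside the hunk), the new `if (n < 0)` guard runs after `n++`, so when `strtol` returns `LONG_MAX` the increment is already a signed overflow (undefined behaviour) and the compiler may drop the check. Test before incrementing instead, e.g. `if (n < 0 || n == LONG_MAX) return ASN1_GENERIC_ERROR;` placed ahead of `n++;` (this needs `<limits.h>` if the file does not already include it). The `strlen(temp) >= LTOSTR_MAX_SIZE` test only detects an over-long result after `_asn1_ltostr` has written it, so it should not be read as a bounds check. Both new early returns happen before `_asn1_set_name (p2, temp)`; what was done with `p2` earlier in the function is not visible here, so it is worth confirming that no half-initialised node is left behind on the error path. In the int.h hunk, the `cppcheck-suppress doubleFree` comment deserves a line explaining why the warning is a false positive, since `realloc(ptr, 0)` may free `ptr` and return NULL on some implementations, which would make the following `free(ptr)` a real double free.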