Coverity-related fixes (#1938797)

Resolves: rhbz#1938797 fixup! Coverity-related fixes (#1938797)
2021-04-12 15:29:39 +02:00 · 2021-04-12 15:29:39 +02:00 · e7747488e9
commit e7747488e9
parent a084f0cb5a
2 changed files with 76 additions and 1 deletions
--- a/libtasn1-4.16-coverity.patch
+++ b/libtasn1-4.16-coverity.patch
@ -0,0 +1,70 @@
 diff -up libtasn1-4.16.0/lib/coding.c.coverity libtasn1-4.16.0/lib/coding.c
 --- libtasn1-4.16.0/lib/coding.c.coverity	2020-02-01 23:22:04.000000000 +0100
 +++ libtasn1-4.16.0/lib/coding.c	2021-04-13 17:34:34.101819976 +0200
@@ -1103,7 +1103,10 @@ asn1_der_coding (asn1_node_const element
   max_len = *len;
   if (der == NULL && max_len > 0)
 -    return ASN1_VALUE_NOT_VALID;
 +    {
 +      err = ASN1_VALUE_NOT_VALID;
 +      goto error;
 +    }
   counter = 0;
   move = DOWN;
 diff -up libtasn1-4.16.0/lib/element.c.coverity libtasn1-4.16.0/lib/element.c
 --- libtasn1-4.16.0/lib/element.c.coverity	2020-01-03 23:20:17.000000000 +0100
 +++ libtasn1-4.16.0/lib/element.c	2021-04-13 18:05:21.054820798 +0200
@@ -142,7 +142,7 @@ int
 _asn1_append_sequence_set (asn1_node node, struct node_tail_cache_st *pcache)
 {
   asn1_node p, p2;
 -  char temp[LTOSTR_MAX_SIZE];
 +  char temp[LTOSTR_MAX_SIZE+1];
   long n;
   if (!node || !(node->down))
@@ -183,7 +183,12 @@ _asn1_append_sequence_set (asn1_node nod
       n = strtol (p->name + 1, NULL, 0);
       n++;
       temp[0] = '?';
 +      if (n < 0)
 +	return ASN1_GENERIC_ERROR;
 +      /* assuming non-negative n, we have enough space in buffer */
       _asn1_ltostr (n, temp + 1);
 +      if (strlen(temp) >= LTOSTR_MAX_SIZE)
 +	return ASN1_GENERIC_ERROR;
     }
   _asn1_set_name (p2, temp);
   /*  p2->type |= CONST_OPTION; */
 diff -up libtasn1-4.16.0/lib/int.h.coverity libtasn1-4.16.0/lib/int.h
 --- libtasn1-4.16.0/lib/int.h.coverity	2020-01-03 23:20:17.000000000 +0100
 +++ libtasn1-4.16.0/lib/int.h	2021-04-13 17:34:34.101819976 +0200
@@ -213,6 +213,7 @@ void *_asn1_realloc(void *ptr, size_t si
   ret = realloc(ptr, size);
   if (ret == NULL)
     {
 +      /* cppcheck-suppress doubleFree */
       free(ptr);
     }
   return ret;
 diff -up libtasn1-4.16.0/src/asn1Coding.c.coverity libtasn1-4.16.0/src/asn1Coding.c
 --- libtasn1-4.16.0/src/asn1Coding.c.coverity	2019-07-19 19:55:08.000000000 +0200
 +++ libtasn1-4.16.0/src/asn1Coding.c	2021-04-13 17:34:34.102819982 +0200
@@ -72,13 +72,13 @@ readAssignment (FILE * file, char *varNa
   int ret;
 -  ret = fscanf (file, "%s", varName);
 +  ret = fscanf (file, "%1023s", varName);
   if (ret == EOF)
     return ASSIGNMENT_EOF;
   if (!strcmp (varName, "''"))
     varName[0] = 0;
 -  ret = fscanf (file, "%s", value);
 +  ret = fscanf (file, "%1023s", value);
   if (ret == EOF)
     return ASSIGNMENT_ERROR;
--- a/libtasn1.spec
+++ b/libtasn1.spec
@ -1,7 +1,7 @@
 Summary:	The ASN.1 library used in GNUTLS
 Name:		libtasn1
 Version:	4.16.0
-Release:	4%{?dist}
+Release:	5%{?dist}
 # The libtasn1 library is LGPLv2+, utilities are GPLv3+
 License:	GPLv3+ and LGPLv2+
@ -10,6 +10,7 @@ Source0:	http://ftp.gnu.org/gnu/libtasn1/%name-%version.tar.gz
 Source1:	http://ftp.gnu.org/gnu/libtasn1/%name-%version.tar.gz.sig
 Source2:	gpgkey-1F42418905D8206AA754CCDC29EE58B996865171.gpg
 Patch1:		libtasn1-3.4-rpath.patch
 Patch200:	libtasn1-4.16-coverity.patch
 BuildRequires:	gnupg2
 BuildRequires:	gcc
@ -55,6 +56,7 @@ gpgv2 --keyring %{SOURCE2} %{SOURCE1} %{SOURCE0}
 %setup -q
 %patch1 -p1 -b .rpath
 %patch200 -p1 -b .coverity
 %build
 autoreconf -v -f --install
@ -93,6 +95,9 @@ make check
 %changelog
 * Mon Apr 12 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 4.16.0-5
 - Coverity-related fixes (#1938797)
 * Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 4.16.0-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild