diff --git a/.gitignore b/.gitignore index d161ad7..439b266 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,4 @@ lsscsi-0.23.tgz /lsscsi-0.28.tgz /lsscsi-0.30.tgz /lsscsi-0.31.tgz +/lsscsi-0.32.tgz diff --git a/lsscsi-0.32-fix-uninitialized-variable.patch b/lsscsi-0.32-fix-uninitialized-variable.patch new file mode 100644 index 0000000..68a295a --- /dev/null +++ b/lsscsi-0.32-fix-uninitialized-variable.patch @@ -0,0 +1,34 @@ +From db8d419ba39e4547de602ef1ff58cd97d5e1102d Mon Sep 17 00:00:00 2001 +From: Tomas Bzatek +Date: Wed, 11 Nov 2020 15:39:16 +0100 +Subject: [PATCH] fix uninitialized variable + +Error: UNINIT (CWE-457): [#def1] +lsscsi-032r164/src/lsscsi.c:3341: var_decl: Declaring variable "type" without initializer. +lsscsi-032r164/src/lsscsi.c:3586: uninit_use_in_call: Using uninitialized value "type" when calling "is_direct_access_dev". + 3584| my_strcopy(blkdir, buff, sizeof(blkdir)); + 3585| value[0] = 0; + 3586|-> if (! (is_direct_access_dev(type) && + 3587| block_scan(blkdir) && + 3588| if_directory_chdir(blkdir, ".") && +--- + src/lsscsi.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/lsscsi.c b/src/lsscsi.c +index 6544153..8a30299 100644 +--- a/src/lsscsi.c ++++ b/src/lsscsi.c +@@ -3338,7 +3338,8 @@ one_sdev_entry(const char * dir_name, const char * devname, + const struct lsscsi_opts * op) + { + bool get_wwn = false; +- int type, n, vlen; ++ int type = 0; ++ int n, vlen; + int devname_len = 13; + char buff[LMAX_DEVPATH]; + char extra[LMAX_DEVPATH]; +-- +2.26.2 + diff --git a/lsscsi.spec b/lsscsi.spec index 5b54363..2b9e213 100644 --- a/lsscsi.spec +++ b/lsscsi.spec @@ -1,11 +1,13 @@ Summary: List SCSI devices (or hosts) and associated information Name: lsscsi -Version: 0.31 -Release: 3%{?dist} +Version: 0.32 +Release: 1%{?dist} License: GPLv2+ +# official git repository: https://github.com/doug-gilbert/lsscsi Source0: http://sg.danny.cz/scsi/%{name}-%{version}.tgz URL: http://sg.danny.cz/scsi/lsscsi.html BuildRequires: gcc +Patch0: lsscsi-0.32-fix-uninitialized-variable.patch %description Uses information provided by the sysfs pseudo file system in Linux kernel @@ -19,8 +21,7 @@ Author: %prep -%autosetup -p1 - +%autosetup -p 1 -n %{name}-032r164 %build %configure @@ -38,6 +39,9 @@ Author: %changelog +* Thu Nov 12 2020 Tomas Bzatek - 0.32-1 +- Update to 0.32 upstream snapshot + * Tue Jul 28 2020 Fedora Release Engineering - 0.31-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild diff --git a/sources b/sources index 00cfef6..4a057e5 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (lsscsi-0.31.tgz) = e76a011b79657fb138e88d37ff38d83b6bbe2e28330fb621ca5972ba4ffb0131a5e67c8afeb0292c002eaf91e1b69c8f051d48849e5ed822e8705365092a53ba +SHA512 (lsscsi-0.32.tgz) = 8755e6bbdb8daaf6ab28a62c8b3a10e1f57b70590a0da03e9a8bc96954b17606444e7f5577af2b176aa06d89244d9a5dd3f91251694676ba1dac1543b3788fb9