From d42252d5a6345df226be328ed5193b77ae33e3c9 Mon Sep 17 00:00:00 2001 From: Than Ngo Date: Thu, 25 Nov 2021 13:36:42 +0100 Subject: [PATCH] fixed covscan issues --- opencryptoki-3.16.0-covscan.patch | 90 ------------------------------- opencryptoki.spec | 13 +++-- 2 files changed, 8 insertions(+), 95 deletions(-) delete mode 100644 opencryptoki-3.16.0-covscan.patch diff --git a/opencryptoki-3.16.0-covscan.patch b/opencryptoki-3.16.0-covscan.patch deleted file mode 100644 index 44acf4e..0000000 --- a/opencryptoki-3.16.0-covscan.patch +++ /dev/null @@ -1,90 +0,0 @@ -diff -up opencryptoki-3.16.0/usr/lib/common/key.c.me opencryptoki-3.16.0/usr/lib/common/key.c ---- opencryptoki-3.16.0/usr/lib/common/key.c.me 2021-06-17 16:51:43.353937929 +0200 -+++ opencryptoki-3.16.0/usr/lib/common/key.c 2021-06-17 18:25:58.460154709 +0200 -@@ -1621,10 +1621,10 @@ error: - free(never_extr_attr); - if (always_sens_attr) - free(always_sens_attr); -- if (trusted_attr) -+ if (wrap_trusted_attr) - free(wrap_trusted_attr); - if (trusted_attr) -- free(wrap_trusted_attr); -+ free(trusted_attr); - if (chkval_attr) - free(chkval_attr); - if (wraptmpl_attr) -@@ -2318,8 +2318,8 @@ error: - free(type_attr); - if (modulus_attr) - free(modulus_attr); -- if (public_exp_attr) -- free(public_exp_attr); -+ if (private_exp_attr) -+ free(private_exp_attr); - if (public_exp_attr) - free(public_exp_attr); - -diff -up opencryptoki-3.16.0/usr/lib/common/mech_aes.c.me opencryptoki-3.16.0/usr/lib/common/mech_aes.c ---- opencryptoki-3.16.0/usr/lib/common/mech_aes.c.me 2021-06-17 18:24:18.502746362 +0200 -+++ opencryptoki-3.16.0/usr/lib/common/mech_aes.c 2021-06-17 18:24:50.840201978 +0200 -@@ -3440,6 +3440,7 @@ CK_RV ckm_aes_key_gen(STDLL_TokData_t *t - else - memcpy(value_attr->pValue, aes_key, key_size); - free(aes_key); -+ aes_key = NULL; - - key_type_attr->type = CKA_KEY_TYPE; - key_type_attr->ulValueLen = sizeof(CK_KEY_TYPE); -diff -up opencryptoki-3.16.0/usr/lib/common/mech_des3.c.me opencryptoki-3.16.0/usr/lib/common/mech_des3.c ---- opencryptoki-3.16.0/usr/lib/common/mech_des3.c.me 2021-06-17 18:20:48.851711819 +0200 -+++ opencryptoki-3.16.0/usr/lib/common/mech_des3.c 2021-06-17 18:22:59.953601204 +0200 -@@ -2776,6 +2776,7 @@ CK_RV ckm_des3_key_gen(STDLL_TokData_t * - else - memcpy(value_attr->pValue, des_key, 3 * DES_KEY_SIZE); - free(des_key); -+ des_key = NULL; - - key_type_attr->type = CKA_KEY_TYPE; - key_type_attr->ulValueLen = sizeof(CK_KEY_TYPE); -diff -up opencryptoki-3.16.0/usr/lib/common/mech_des.c.me opencryptoki-3.16.0/usr/lib/common/mech_des.c ---- opencryptoki-3.16.0/usr/lib/common/mech_des.c.me 2021-06-17 18:23:12.251782646 +0200 -+++ opencryptoki-3.16.0/usr/lib/common/mech_des.c 2021-06-17 18:23:42.388227257 +0200 -@@ -1288,6 +1288,7 @@ CK_RV ckm_des_key_gen(STDLL_TokData_t *t - else - memcpy(value_attr->pValue, des_key, DES_KEY_SIZE); - free(des_key); -+ des_key = NULL; - - key_type_attr->type = CKA_KEY_TYPE; - key_type_attr->ulValueLen = sizeof(CK_KEY_TYPE); -diff -up opencryptoki-3.16.0/usr/lib/soft_stdll/soft_specific.c.me opencryptoki-3.16.0/usr/lib/soft_stdll/soft_specific.c -diff -up opencryptoki-3.16.0/usr/sbin/pkcsslotd/socket_server.c.me opencryptoki-3.16.0/usr/sbin/pkcsslotd/socket_server.c ---- opencryptoki-3.16.0/usr/sbin/pkcsslotd/socket_server.c.me 2021-06-17 15:23:53.205373200 +0200 -+++ opencryptoki-3.16.0/usr/sbin/pkcsslotd/socket_server.c 2021-06-17 18:20:25.490376922 +0200 -@@ -625,7 +625,6 @@ static void event_delivered(struct event - rc = admin_event_delivered(conn, event); - if (rc != 0) { - admin_hangup(conn); -- event_free(event); - } - admin_put(conn); - } else { -@@ -1247,7 +1246,7 @@ static int listener_socket_create(const - - memset(&address, 0, sizeof(struct sockaddr_un)); - address.sun_family = AF_UNIX; -- strcpy(address.sun_path, file_path); -+ snprintf(address.sun_path, sizeof(address.sun_path), "%s", file_path); - - if (bind(listener_socket, - (struct sockaddr *) &address, sizeof(struct sockaddr_un)) != 0) { -@@ -1656,7 +1655,7 @@ int init_socket_data(Slot_Mgr_Socket_t * - int socket_connection_handler(int timeout_secs) - { - struct epoll_event events[MAX_EPOLL_EVENTS]; -- int num_events, i, rc, err; -+ int num_events, i, rc = 0, err; - struct epoll_info *info; - - do { diff --git a/opencryptoki.spec b/opencryptoki.spec index d3953b7..3704e6c 100644 --- a/opencryptoki.spec +++ b/opencryptoki.spec @@ -1,24 +1,24 @@ Name: opencryptoki Summary: Implementation of the PKCS#11 (Cryptoki) specification v3.0 Version: 3.17.0 -Release: 2%{?dist} +Release: 3%{?dist} License: CPL URL: https://github.com/opencryptoki/opencryptoki Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz Source1: opencryptoki.module # https://bugzilla.redhat.com/show_bug.cgi?id=732756 Patch0: opencryptoki-3.11.0-group.patch - # bz#1373833, change tmpfiles snippets from /var/lock/* to /run/lock/* Patch1: opencryptoki-3.11.0-lockdir.patch - # add missing config file Patch2: opencryptoki-1.17.0-p11sak.patch - +# covscan +Patch3: opencryptoki-3.17.0-covscan.patch # Use --no-undefined to debug missing symbols #Patch100: %%{name}-3.2-no-undefined.patch - # upstream patches +# PIDfile below legacy directory /var/run/ +Patch300: opencryptoki-pkcsslotd-pidfile.patch Requires(pre): coreutils Requires: (selinux-policy >= 34.9-1 if selinux-policy-targeted) @@ -328,6 +328,9 @@ fi %changelog +* Thu Nov 25 2021 Than Ngo - 3.17.0-3 +- fix covscan issues + * Tue Nov 09 2021 Than Ngo - 3.17.0-2 - add missing config file p11sak_defined_attrs.conf