diff --git a/opensc-gcc11.patch b/opensc-gcc11.patch new file mode 100644 index 0000000..0f41d60 --- /dev/null +++ b/opensc-gcc11.patch @@ -0,0 +1,17 @@ +diff --git a/src/tools/opensc-explorer.c b/src/tools/opensc-explorer.c +index 41e620a..57f8a79 100644 +--- a/src/tools/opensc-explorer.c ++++ b/src/tools/opensc-explorer.c +@@ -1839,6 +1839,12 @@ static int do_apdu(int argc, char **argv) + if (argc < 1) + return usage(do_apdu); + ++ /* gcc-11 complains about BUF potentially being used without being ++ initialized. I can't convince myself that the calls to ++ parse_string_or_hexdata will fully initialize it, so we just ++ initialize it here. */ ++ memset (buf, 0, sizeof (buf)); ++ + /* loop over the args and parse them, making sure the result fits into buf[] */ + for (i = 0, len = 0; i < (unsigned) argc && len < sizeof(buf); i++) { + size_t len0 = sizeof(buf) - len; diff --git a/opensc.spec b/opensc.spec index 4328a7f..a85c6f8 100644 --- a/opensc.spec +++ b/opensc.spec @@ -3,7 +3,7 @@ Name: opensc Version: 0.20.0 -Release: 8%{?dist} +Release: 9%{?dist} Summary: Smart card library and applications License: LGPLv2+ @@ -19,6 +19,7 @@ Patch2: opensc-0.20.0-no-common.patch Patch3: opensc-0.20.0-cardos.patch # https://github.com/OpenSC/OpenSC/commit/8551e84d Patch4: opensc-0.20.0-lto-build.patch +Patch5: %{name}-gcc11.patch BuildRequires: pcsc-lite-devel BuildRequires: readline-devel @@ -58,6 +59,7 @@ every software/card that does so, too. %patch2 -p1 -b .no-common %patch3 -p1 -b .cardos %patch4 -p1 -b .lto-build +%patch5 -p1 -b .gcc11 cp %{SOURCE2} tests/ # The test-pkcs11-tool-allowed-mechanisms already works in Fedora @@ -208,6 +210,9 @@ rm %{buildroot}%{_mandir}/man1/opensc-notify.1* %changelog +* Fri Oct 30 2020 Jeff Law - 0.20.0-9 +- Fix potentially uninitialized array reference exposed by gcc-11 + * Wed Aug 19 2020 Igor Raits - 0.20.0-8 - Drop useless ldconfig scriptlets