diff --git a/0001-import-Don-t-call-unlink-NULL.patch b/0001-import-Don-t-call-unlink-NULL.patch deleted file mode 100644 index 264027a..0000000 --- a/0001-import-Don-t-call-unlink-NULL.patch +++ /dev/null @@ -1,53 +0,0 @@ -From ab1b0bf0f3611b556627f42e5accb1063acd91cc Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= -Date: Mon, 20 May 2019 14:19:01 +0200 -Subject: [PATCH 1/3] import: Don't call unlink(NULL) -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Although `man 3 unlink` doesn't mention what should be the unlink() -behaviour when NULL is passed to it, both coverity and clang complains -about that. - -Error: FORWARD_NULL (CWE-476): -osinfo-db-tools-1.5.0/tools/osinfo-db-import.c:157: var_compare_op: -Comparing "*source_file" to null implies that "*source_file" might be -null. -osinfo-db-tools-1.5.0/tools/osinfo-db-import.c:181: var_deref_model: -Passing null pointer "*source_file" to "unlink", which dereferences it. - # 179| g_error_free(err); - # 180| if (ret != 0) - # 181|-> unlink(*source_file); - # 182| - # 183| return ret; - -Error: CLANG_WARNING: -osinfo-db-tools-1.5.0/tools/osinfo-db-import.c:181:9: warning: Null -pointer passed as an argument to a 'nonnull' parameter - # unlink(*source_file); - # ^ - -Signed-off-by: Fabiano Fidêncio -Reviewed-by: Cole Robinson -(cherry picked from commit 07be7309d830419c27ec65c76905d1e23219f480) ---- - tools/osinfo-db-import.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tools/osinfo-db-import.c b/tools/osinfo-db-import.c -index 920f71b..11e68ae 100644 ---- a/tools/osinfo-db-import.c -+++ b/tools/osinfo-db-import.c -@@ -177,7 +177,7 @@ osinfo_db_import_download_file(GFile *file, - g_object_unref(out); - if (err != NULL) - g_error_free(err); -- if (ret != 0) -+ if (ret != 0 && *source_file != NULL) - unlink(*source_file); - - return ret; --- -2.21.0 - diff --git a/0002-export-Remove-unused-variable.patch b/0002-export-Remove-unused-variable.patch deleted file mode 100644 index 7ef64ee..0000000 --- a/0002-export-Remove-unused-variable.patch +++ /dev/null @@ -1,62 +0,0 @@ -From 125f04cb6d742fb13f691cfbff54437014a399bd Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= -Date: Mon, 20 May 2019 14:25:34 +0200 -Subject: [PATCH 2/3] export: Remove unused variable -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -err is declared, set to NULL, but never used in -osinfo_db_export_create(). - -Error: DEADCODE (CWE-561): -osinfo-db-tools-1.5.0/tools/osinfo-db-export.c:410: assignment: -Assigning: "err" = "NULL". -osinfo-db-tools-1.5.0/tools/osinfo-db-export.c:448: null: At condition -"err", the value of "err" must be "NULL". -osinfo-db-tools-1.5.0/tools/osinfo-db-export.c:448: dead_error_condition: -The condition "err" cannot be true. -osinfo-db-tools-1.5.0/tools/osinfo-db-export.c:449: dead_error_line: -Execution cannot reach this statement: "g_error_free(err);". -osinfo-db-tools-1.5.0/tools/osinfo-db-export.c:449: effectively_constant: -Local variable "err" is assigned only once, to a constant value, making -it effectively constant throughout its scope. If this is not the intent, -examine the logic to see if there is a missing assigment that would make -"err" not remain constant. - # 447| archive_write_free(arc); - # 448| if (err) - # 449|-> g_error_free(err); - # 450| return ret; - # 451| } - -Signed-off-by: Fabiano Fidêncio -Reviewed-by: Cole Robinson -(cherry picked from commit 2d747c637c78c000002f97880436d94cc08a6b5c) ---- - tools/osinfo-db-export.c | 3 --- - 1 file changed, 3 deletions(-) - -diff --git a/tools/osinfo-db-export.c b/tools/osinfo-db-export.c -index 3137e1d..eef6688 100644 ---- a/tools/osinfo-db-export.c -+++ b/tools/osinfo-db-export.c -@@ -407,7 +407,6 @@ static int osinfo_db_export_create(const gchar *prefix, - struct archive *arc; - int ret = -1; - int r; -- GError *err = NULL; - - arc = archive_write_new(); - -@@ -445,8 +444,6 @@ static int osinfo_db_export_create(const gchar *prefix, - ret = 0; - cleanup: - archive_write_free(arc); -- if (err) -- g_error_free(err); - return ret; - } - --- -2.21.0 - diff --git a/0003-validate-Don-t-leak-files.patch b/0003-validate-Don-t-leak-files.patch deleted file mode 100644 index 4f1c8d9..0000000 --- a/0003-validate-Don-t-leak-files.patch +++ /dev/null @@ -1,36 +0,0 @@ -From f4f65ea3e895eaab87af049300d2d69ba3d51c9f Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= -Date: Mon, 20 May 2019 14:28:22 +0200 -Subject: [PATCH 3/3] validate: Don't leak "files" -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Error: CLANG_WARNING: -osinfo-db-tools-1.5.0/tools/osinfo-db-validate.c:319:9: warning: -Potential leak of memory pointed to by 'files' - # g_printerr("%s\n", error->message); - # ^ - -Signed-off-by: Fabiano Fidêncio -Reviewed-by: Cole Robinson -(cherry picked from commit 7ac63b928df3f445ede81cac0ade0ed6d810c3cb) ---- - tools/osinfo-db-validate.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/tools/osinfo-db-validate.c b/tools/osinfo-db-validate.c -index 0e28e1c..7fd87d2 100644 ---- a/tools/osinfo-db-validate.c -+++ b/tools/osinfo-db-validate.c -@@ -327,6 +327,7 @@ gint main(gint argc, gchar **argv) - g_object_unref(schema); - if (dir) - g_object_unref(dir); -+ g_free(files); - g_clear_error(&error); - g_option_context_free(context); - --- -2.21.0 - diff --git a/0004-import-Don-t-call-unlink-NULL-in-_import_extract.patch b/0004-import-Don-t-call-unlink-NULL-in-_import_extract.patch deleted file mode 100644 index 2f0d1f3..0000000 --- a/0004-import-Don-t-call-unlink-NULL-in-_import_extract.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 66cdd50832a99e175079bfb36a321fd9499c6f0e Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= -Date: Wed, 22 May 2019 18:06:28 +0200 -Subject: [PATCH] import: Don't call unlink(NULL) in _import_extract() -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Similarly to the issue fixed by ae52b0fbc, here we're also potentially -passing NULL to unlink(). - -Error: FORWARD_NULL (CWE-476): -osinfo-db-tools-1.5.0/tools/osinfo-db-import.c:332: var_compare_op: Comparing "source_file" to null implies that "source_file" might be null. -osinfo-db-tools-1.5.0/tools/osinfo-db-import.c:374: var_deref_model: Passing null pointer "source_file" to "unlink", which dereferences it. - # 372| g_object_unref(file); - # 373| if (!file_is_native) - # 374|-> unlink(source_file); - # 375| g_free(source_file); - # 376| return ret; - -Signed-off-by: Fabiano Fidêncio -Reviewed-by: Cole Robinson -(cherry picked from commit 69eb33ad4207c76c0738bfa00b40c97892bab0ad) ---- - tools/osinfo-db-import.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tools/osinfo-db-import.c b/tools/osinfo-db-import.c -index 11e68ae..675961d 100644 ---- a/tools/osinfo-db-import.c -+++ b/tools/osinfo-db-import.c -@@ -370,7 +370,7 @@ static int osinfo_db_import_extract(GFile *target, - archive_read_free(arc); - if (file) - g_object_unref(file); -- if (!file_is_native) -+ if (!file_is_native && source_file != NULL) - unlink(source_file); - g_free(source_file); - return ret; --- -2.21.0 - diff --git a/osinfo-db-tools.spec b/osinfo-db-tools.spec index 683ac5d..80abe19 100644 --- a/osinfo-db-tools.spec +++ b/osinfo-db-tools.spec @@ -2,17 +2,13 @@ Summary: Tools for managing the osinfo database Name: osinfo-db-tools -Version: 1.5.0 -Release: 3%{?dist} +Version: 1.6.0 +Release: 1%{?dist} License: GPLv2+ Source: https://releases.pagure.io/libosinfo/%{name}-%{version}.tar.gz URL: http://libosinfo.org/ ### Patches ### -Patch0001: 0001-import-Don-t-call-unlink-NULL.patch -Patch0002: 0002-export-Remove-unused-variable.patch -Patch0003: 0003-validate-Don-t-leak-files.patch -Patch0004: 0004-import-Don-t-call-unlink-NULL-in-_import_extract.patch BuildRequires: gcc BuildRequires: gettext-devel @@ -21,12 +17,12 @@ BuildRequires: glib2-devel BuildRequires: libxml2-devel >= 2.6.0 BuildRequires: libxslt-devel >= 1.0.0 BuildRequires: libarchive-devel +BuildRequires: libsoup-devel BuildRequires: json-glib-devel BuildRequires: /usr/bin/pod2man BuildRequires: python3 BuildRequires: python3-pytest BuildRequires: python3-requests -Requires: gvfs %description This package provides tools for managing the osinfo database of @@ -64,6 +60,9 @@ fi %{_mandir}/man1/osinfo-db-validate.1* %changelog +* Fri Jul 26 2019 Fabiano Fidêncio - 1.6.0-1 +- Update to 1.6.0 release + * Thu Jul 25 2019 Fedora Release Engineering - 1.5.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild diff --git a/sources b/sources index 254c331..2550cea 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (osinfo-db-tools-1.5.0.tar.gz) = baa42086ae13365e463064f0313228ec79d785a863b72c396d2a24d35496420d17ea09191629663c8c67ec46f3168f256ff50896053244cd0255be6ac08583d1 -SHA512 (osinfo-db-tools-1.5.0.tar.gz.asc) = 5497f750adc0c5c4de32bc24071d6487acb13dd7c9f34ba92efeb6d5b714577f5639cbebbe9fa18e7d5165eb613a1a32fe744ab8143bed3959c4064b6fabb793 +SHA512 (osinfo-db-tools-1.6.0.tar.gz) = a3bdf9d913b388b0f567a14245f57c4f1da9dae40d723f8e76096ffdae9d7a8e587ed4832e3e59c820bc01bbb2b74815b3fefd8e1f47cebd903091457fdee951 +SHA512 (osinfo-db-tools-1.6.0.tar.gz.asc) = 5ce5abb53702473328db070b2263f084198c33b1feed6f6f7ac6a46f7df9d8fa00557a789ad521752fc996fb72d0cb5b8226a34c5f94734d8397e9654d519c7d