diff --git a/pinentry-1.1.1-coverity.patch b/pinentry-1.1.1-coverity.patch index 9f10278..2a86075 100644 --- a/pinentry-1.1.1-coverity.patch +++ b/pinentry-1.1.1-coverity.patch @@ -95,48 +95,100 @@ index 403dd60..4a2b67f 100644 rc = -1; if (! rc) -commit 75568e8bea256657258f79d3f1a0736198d05b60 -Author: Jakub Jelen -Date: Wed Apr 14 17:36:17 2021 +0200 - tty: Avoid double fclose - - * tty/pinentry-tty.c (tty_cmd_handler): Avoid double fclose - - -- - - Signed-off-by: Jakub Jelen +From 7f7fd8bcfd74919091cc318b27b8617a9ef2ac82 Mon Sep 17 00:00:00 2001 +From: NIIBE Yutaka +Date: Fri, 16 Apr 2021 12:54:43 +0900 +Subject: [PATCH] tty: Fix error return paths and its resource leaks. + +* tty/pinentry-tty.c (tty_cmd_handler): Only call do_touch_file +on successful interaction. Fix closing file. + +-- + +GnuPG-bug-id: 5384 +Co-authored-by: Jakub Jelen +Signed-off-by: NIIBE Yutaka +--- + tty/pinentry-tty.c | 34 +++++++++++++++++----------------- + 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/tty/pinentry-tty.c b/tty/pinentry-tty.c -index 4a2b67f..63e306f 100644 +index 4a2b67f..c4d85c6 100644 --- a/tty/pinentry-tty.c +++ b/tty/pinentry-tty.c -@@ -551,9 +551,6 @@ tty_cmd_handler (pinentry_t pinentry) - ttyfo = fopen (pinentry->ttyname, "w"); - if (!ttyfo) - { +@@ -525,6 +525,7 @@ tty_cmd_handler (pinentry_t pinentry) + int rc = 0; + FILE *ttyfi = stdin; + FILE *ttyfo = stdout; ++ int saved_errno = 0; + + #ifndef HAVE_DOSISH_SYSTEM + timed_out = 0; +@@ -545,30 +546,27 @@ tty_cmd_handler (pinentry_t pinentry) + { + ttyfi = fopen (pinentry->ttyname, "r"); + if (!ttyfi) +- rc = -1; +- else ++ return -1; ++ ++ ttyfo = fopen (pinentry->ttyname, "w"); ++ if (!ttyfo) + { +- ttyfo = fopen (pinentry->ttyname, "w"); +- if (!ttyfo) +- { - int err = errno; - fclose (ttyfi); - errno = err; - rc = -1; - } +- rc = -1; +- } ++ saved_errno = errno; ++ fclose (ttyfi); ++ errno = saved_errno; ++ return -1; } -@@ -562,7 +559,7 @@ tty_cmd_handler (pinentry_t pinentry) - if (!rc && terminal_save (fileno (ttyfi)) < 0) - rc = -1; + } +- if (!rc && terminal_save (fileno (ttyfi)) < 0) ++ if (terminal_save (fileno (ttyfi)) < 0) + rc = -1; +- - if (! rc) -+ if (!rc) ++ else { if (terminal_setup (fileno (ttyfi), !!pinentry->pin) == -1) { -@@ -583,7 +583,8 @@ tty_cmd_handler (pinentry_t pinentry) +- int err = errno; ++ saved_errno = errno; + fprintf (stderr, "terminal_setup failure, exiting\n"); +- errno = err; ++ rc = -1; + } + else + { +@@ -578,17 +576,19 @@ tty_cmd_handler (pinentry_t pinentry) + rc = confirm (pinentry, ttyfi, ttyfo); + + terminal_restore (fileno (ttyfi)); ++ do_touch_file (pinentry); + } + } + +- do_touch_file (pinentry); +- if (pinentry->ttyname) { fclose (ttyfi); -- fclose (ttyfo); -+ if (ttyfo) -+ fclose (ttyfo); + fclose (ttyfo); } - + ++ if (saved_errno) ++ errno = saved_errno; ++ return rc; + } + +-- +2.30.2 diff --git a/pinentry-1.1.1-rpath.patch b/pinentry-1.1.1-rpath.patch new file mode 100644 index 0000000..b21300e --- /dev/null +++ b/pinentry-1.1.1-rpath.patch @@ -0,0 +1,41 @@ +commit 6e8ad3150566d16a20cb3b54267191bcb0c14208 +Author: Damien Goutte-Gattat +Date: Tue Feb 23 22:05:37 2021 +0000 + + qt: Honor the --disable-rpath option. + + * m4/qt.m4: Do not set rpath if --disable-rpath has been specified + at configure time. + -- + + GnuPG-bug-id: 5307 + Signed-off-by: Damien Goutte-Gattat + +diff --git a/m4/qt.m4 b/m4/qt.m4 +index f8ef3f6..5f9de3f 100644 +--- a/m4/qt.m4 ++++ b/m4/qt.m4 +@@ -59,7 +59,9 @@ AC_DEFUN([FIND_QT], + + qtlibdir=`"$PKG_CONFIG" --variable libdir Qt5Core` + if test -n "$qtlibdir"; then ++ if test "$enable_rpath" != "no"; then + PINENTRY_QT_LDFLAGS="$PINENTRY_QT_LDFLAGS -Wl,-rpath \"$qtlibdir\"" ++ fi + fi + + AC_CHECK_TOOL(MOC, moc) + +diff -up pinentry-1.1.1/configure.rpath pinentry-1.1.1/configure +--- pinentry-1.1.1/configure.rpath 2021-04-16 09:08:48.306479991 +0200 ++++ pinentry-1.1.1/configure 2021-04-16 09:09:29.365068549 +0200 +@@ -10765,7 +10776,9 @@ fi + + qtlibdir=`"$PKG_CONFIG" --variable libdir Qt5Core` + if test -n "$qtlibdir"; then ++ if test "$enable_rpath" != "no"; then + PINENTRY_QT_LDFLAGS="$PINENTRY_QT_LDFLAGS -Wl,-rpath \"$qtlibdir\"" ++ fi + fi + + if test -n "$ac_tool_prefix"; then diff --git a/pinentry.spec b/pinentry.spec index 079ccba..b8ad2bd 100644 --- a/pinentry.spec +++ b/pinentry.spec @@ -1,7 +1,7 @@ Name: pinentry Version: 1.1.1 -Release: 6%{?dist} +Release: 7%{?dist} Summary: Collection of simple PIN or passphrase entry dialogs License: GPLv2+ @@ -10,6 +10,7 @@ Source0: https://gnupg.org/ftp/gcrypt/pinentry/%{name}-%{version}.tar.bz2 Source1: https://gnupg.org/ftp/gcrypt/pinentry/%{name}-%{version}.tar.bz2.sig Patch1: pinentry-1.1.1-coverity.patch +Patch2: pinentry-1.1.1-rpath.patch # borrowed from opensuse Source10: pinentry-wrapper @@ -89,6 +90,7 @@ This package contains the tty version of the PIN entry dialog. %prep %setup -q %patch1 -p1 -b .coverity +%patch2 -p1 -b .rpath %build @@ -146,6 +148,10 @@ rm -fv $RPM_BUILD_ROOT%{_infodir}/dir %{_bindir}/pinentry-tty %changelog +* Fri Apr 16 2021 Jakub Jelen - 1.1.1-7 +- Honor the disabled rpath +- Sync final version of coverity patches from upstream (#1938729) + * Fri Apr 16 2021 Mohan Boddu - 1.1.1-6 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937