diff --git a/procmail-3.22-coverity-scan-fixes.patch b/procmail-3.22-coverity-scan-fixes.patch new file mode 100644 index 0000000..633e36f --- /dev/null +++ b/procmail-3.22-coverity-scan-fixes.patch @@ -0,0 +1,86 @@ +diff --git a/src/cstdio.c b/src/cstdio.c +index 0a0bd5b..306a973 100644 +--- a/src/cstdio.c ++++ b/src/cstdio.c +@@ -15,6 +15,7 @@ static /*const*/char rcsid[]= + #include "variables.h" + #include "shell.h" + #include "cstdio.h" ++#include "common.h" + + static uchar rcbuf[STDBUF],*rcbufp,*rcbufend; /* buffer for custom stdio */ + static off_t blasttell; +diff --git a/src/foldinfo.c b/src/foldinfo.c +index 10fe406..d05ad84 100644 +--- a/src/foldinfo.c ++++ b/src/foldinfo.c +@@ -18,6 +18,7 @@ static /*const*/char rcsid[]= + #include "goodies.h" + #include "locking.h" + #include "foldinfo.h" ++#include "acommon.h" + + static const char + maildirtmp[]=MAILDIRtmp,maildircur[]=MAILDIRcur; +@@ -186,8 +187,8 @@ int screenmailbox(chp,egid,Deliverymode) + if(!stat(buf,&stbuf)) + { unsigned wwsdir; + accspooldir=(wwsdir= /* world writable spool dir? */ +- ((S_IWGRP|S_IXGRP|S_IWOTH|S_IXOTH)&stbuf.st_mode)== +- (S_IWGRP|S_IXGRP|S_IWOTH|S_IXOTH) ++ (((S_IWGRP|S_IXGRP|S_IWOTH|S_IXOTH)&stbuf.st_mode)== ++ (S_IWGRP|S_IXGRP|S_IWOTH|S_IXOTH)) + <<1| /* note it in bit 1 */ + uid==stbuf.st_uid); /* we own the spool dir, note it in bit 0 */ + if((CAN_toggle_sgid||accspooldir)&&privileged) +diff --git a/src/lmtp.c b/src/lmtp.c +index 2c5b676..2bfacc4 100644 +--- a/src/lmtp.c ++++ b/src/lmtp.c +@@ -51,7 +51,7 @@ static int lreaddyn P((void)); + + int childserverpid; + +-static ctopfd; ++static int ctopfd; + static char*overread; + static size_t overlen; + +diff --git a/src/locking.c b/src/locking.c +index 572719b..5740c2d 100644 +--- a/src/locking.c ++++ b/src/locking.c +@@ -95,7 +95,10 @@ faillock: nlog("Lock failure on");logqnl(name); + permanent=nfsTRY; + ds: ssleep((unsigned)locksleep); + ce: if(nextexit) +-term: { free(name); /* drop the preallocated buffer */ ++term: { ++ if(nextexit) ++ elog(whilstwfor),elog("lockfile"),logqnl(name); ++ free(name); /* drop the preallocated buffer */ + break; + } + } +@@ -103,7 +106,7 @@ term: { free(name); /* drop the preallocated buffer */ + setegid(gid); /* we put back our regular permissions */ + lcking&=~lck_DELAYSIG; + if(nextexit) +- elog(whilstwfor),elog("lockfile"),logqnl(name),Terminate(); ++ Terminate(); + return !!*lockp; + } + +diff --git a/src/mailfold.c b/src/mailfold.c +index 6c8bcf4..23b8ac2 100644 +--- a/src/mailfold.c ++++ b/src/mailfold.c +@@ -378,7 +378,7 @@ void concon(ch)const int ch; /* flip between concatenated and split fields */ + } + } + +-void readmail(rhead,tobesent)const long tobesent; ++void readmail(rhead,tobesent)int rhead;const long tobesent; + { char*chp,*pastend;static size_t contlengthoffset; + ;{ long dfilled; + if(rhead==2) /* already read, just examine what we have */ diff --git a/procmail.spec b/procmail.spec index a03017f..917cee0 100644 --- a/procmail.spec +++ b/procmail.spec @@ -8,7 +8,7 @@ Summary: Mail processing program Name: procmail Version: 3.22 -Release: 48%{?dist} +Release: 49%{?dist} License: GPLv2+ or Artistic Group: Applications/Internet # Source: ftp://ftp.procmail.org/pub/procmail/procmail-%{version}.tar.gz @@ -27,6 +27,7 @@ Patch6: procmail-3.22-getline.patch Patch7: procmail-3.22-CVE-2014-3618.patch Patch8: procmail-3.22-crash-fix.patch Patch9: procmail-3.22-CVE-2017-16844.patch +Patch10: procmail-3.22-coverity-scan-fixes.patch BuildRequires: gcc %description @@ -48,6 +49,7 @@ forward certain incoming mail automatically to someone. %patch7 -p1 -b .CVE-2014-3618 %patch8 -p1 -b .crash-fix %patch9 -p1 -b .CVE-2017-16844 +%patch10 -p1 -b .coverity-scan-fixes find examples -type f | xargs chmod 644 @@ -79,6 +81,9 @@ cp -p %{SOURCE2} telsas_procmailrc %{_mandir}/man[15]/* %changelog +* Thu Dec 6 2018 Jaroslav Škarvada - 3.22-49 +- Fixed issues found by Coverity Scan + * Fri Jul 20 2018 Jaroslav Škarvada - 3.22-48 - Fixed FTBFS by adding gcc requirement Resolves: rhbz#1606850