From 24b2b871f3a8627e0813d00dfa14e69dc04ed68f Mon Sep 17 00:00:00 2001 From: Jan Rybar Date: Fri, 9 Jul 2021 16:41:22 +0200 Subject: [PATCH] Coverity scan findings fix Resolves: rhbz#1938848 --- covscan_findings.patch | 55 ++++++++++++++++++++++++++++++++++++++++++ procps-ng.spec | 9 +++++-- 2 files changed, 62 insertions(+), 2 deletions(-) create mode 100644 covscan_findings.patch diff --git a/covscan_findings.patch b/covscan_findings.patch new file mode 100644 index 0000000..b732fb0 --- /dev/null +++ b/covscan_findings.patch @@ -0,0 +1,55 @@ +commit a1bc3bf207c64e2a26d8a7a3c20dd960e0e5c545 +Author: Jan Rybar +Date: Thu May 6 16:30:54 2021 +0200 + + Coverity scan findings - memleaks, unused vars, potential nullptr dereferences + +diff --git a/lib/test_process.c b/lib/test_process.c +index e20b270d..f8ff5ed0 100644 +--- a/lib/test_process.c ++++ b/lib/test_process.c +@@ -69,6 +69,7 @@ signal_handler(int signum, siginfo_t *siginfo, void *ucontext) + exit(EXIT_FAILURE); + } + ++ free(signame); + } + + int main(int argc, char *argv[]) +diff --git a/pmap.c b/pmap.c +index 49a2a6a8..d8565fc3 100644 +--- a/pmap.c ++++ b/pmap.c +@@ -346,6 +346,9 @@ static void print_extended_maps (FILE *f) + if (listnode == NULL) { + assert(firstmapping == 2); + listnode = calloc(1, sizeof *listnode); ++ if (listnode == NULL) ++ xerrx(EXIT_FAILURE, _("ERROR: memory allocation failed")); ++ + if (listhead == NULL) { + assert(listtail == NULL); + listhead = listnode; +diff --git a/watch.c b/watch.c +index 1a95454e..772879cd 100644 +--- a/watch.c ++++ b/watch.c +@@ -124,8 +124,6 @@ static void reset_ansi(void) + + static void init_ansi_colors(void) + { +- int color; +- + short ncurses_colors[] = { + -1, COLOR_BLACK, COLOR_RED, COLOR_GREEN, COLOR_YELLOW, + COLOR_BLUE, COLOR_MAGENTA, COLOR_CYAN, COLOR_WHITE +@@ -172,6 +170,9 @@ static int process_ansi_color_escape_sequence(char** escape_sequence) { + // ESC[ 48;2;⟨r⟩;⟨g⟩;⟨b⟩ m Select RGB background color + int num; + ++ if (!escape_sequence) ++ return 0; /* avoid NULLPTR dereference, return "not understood" */ ++ + if ((*escape_sequence)[0] != ';') + return 0; /* not understood */ + diff --git a/procps-ng.spec b/procps-ng.spec index 2848dfd..bb27877 100644 --- a/procps-ng.spec +++ b/procps-ng.spec @@ -4,7 +4,7 @@ Summary: System and process monitoring utilities Name: procps-ng Version: 3.3.17 -Release: 2%{?dist} +Release: 3%{?dist} License: GPL+ and GPLv2 and GPLv2+ and GPLv3+ and LGPLv2+ URL: https://sourceforge.net/projects/procps-ng/ @@ -16,6 +16,7 @@ Source1: README.md Source2: README.top Patch1: pwait-to-pidwait.patch +Patch2: covscan_findings.patch BuildRequires: make @@ -88,7 +89,7 @@ Internationalization pack for procps-ng %prep %setup -q -n procps-%{version} -%autopatch +%autopatch -p1 cp -p %{SOURCE1} . cp -p %{SOURCE2} top/ @@ -159,6 +160,10 @@ ln -s %{_bindir}/pidof %{buildroot}%{_sbindir}/pidof %files i18n -f %{name}.lang %changelog +* Fri Jul 09 2021 Jan Rybar - 3.3.17-3 +- Coverity scan findings fix +- Resolves: rhbz#1938848 + * Fri Apr 16 2021 Mohan Boddu - 3.3.17-2 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937