diff --git a/covscan-findings.patch b/covscan-findings.patch new file mode 100644 index 0000000..c9a3b22 --- /dev/null +++ b/covscan-findings.patch @@ -0,0 +1,49 @@ +diff --git a/lib/test_process.c b/lib/test_process.c +index e20b270d..f8ff5ed0 100644 +--- a/lib/test_process.c ++++ b/lib/test_process.c +@@ -69,6 +69,7 @@ signal_handler(int signum, siginfo_t *siginfo, void *ucontext) + exit(EXIT_FAILURE); + } + ++ free(signame); + } + + int main(int argc, char *argv[]) +diff --git a/pmap.c b/pmap.c +index 49a2a6a8..d8565fc3 100644 +--- a/pmap.c ++++ b/pmap.c +@@ -346,6 +346,9 @@ static void print_extended_maps (FILE *f) + if (listnode == NULL) { + assert(firstmapping == 2); + listnode = calloc(1, sizeof *listnode); ++ if (listnode == NULL) ++ xerrx(EXIT_FAILURE, _("ERROR: memory allocation failed")); ++ + if (listhead == NULL) { + assert(listtail == NULL); + listhead = listnode; +diff --git a/watch.c b/watch.c +index 1a95454e..772879cd 100644 +--- a/watch.c ++++ b/watch.c +@@ -124,8 +124,6 @@ static void reset_ansi(void) + + static void init_ansi_colors(void) + { +- int color; +- + short ncurses_colors[] = { + -1, COLOR_BLACK, COLOR_RED, COLOR_GREEN, COLOR_YELLOW, + COLOR_BLUE, COLOR_MAGENTA, COLOR_CYAN, COLOR_WHITE +@@ -172,6 +170,9 @@ static int process_ansi_color_escape_sequence(char** escape_sequence) { + // ESC[ 48;2;⟨r⟩;⟨g⟩;⟨b⟩ m Select RGB background color + int num; + ++ if (!escape_sequence) ++ return 0; /* avoid NULLPTR dereference, return "not understood" */ ++ + if ((*escape_sequence)[0] != ';') + return 0; /* not understood */ + diff --git a/procps-ng.spec b/procps-ng.spec index e8d2308..79c8108 100644 --- a/procps-ng.spec +++ b/procps-ng.spec @@ -4,7 +4,7 @@ Summary: System and process monitoring utilities Name: procps-ng Version: 3.3.17 -Release: 1%{?dist} +Release: 2%{?dist} License: GPL+ and GPLv2 and GPLv2+ and GPLv3+ and LGPLv2+ URL: https://sourceforge.net/projects/procps-ng/ @@ -16,6 +16,7 @@ Source1: README.md Source2: README.top Patch1: pwait-to-pidwait.patch +Patch2: covscan-findings.patch BuildRequires: make @@ -88,7 +89,7 @@ Internationalization pack for procps-ng %prep %setup -q -n procps-%{version} -%autopatch +%autopatch -p1 cp -p %{SOURCE1} . cp -p %{SOURCE2} top/ @@ -159,6 +160,9 @@ ln -s %{_bindir}/pidof %{buildroot}%{_sbindir}/pidof %files i18n -f %{name}.lang %changelog +* Tue May 04 2021 Jan Rybar - 3.3.17-2 +- fixed coverity findings + * Thu Feb 18 2021 Jan Rybar - 3.3.17-1 - rebase to procps-ng-3.3.17 - new distribution of i18n manpages