From aeac50dc448dcc172fa05b2847666afa3d04bfe2 Mon Sep 17 00:00:00 2001
From: Jan Rybar <jrybar@redhat.com>
Date: Tue, 2 May 2023 15:21:33 +0200
Subject: [PATCH] migrate to autosetup; convert specfile script to a patch;
 FORTIFY_SOURCE_3 detected a buffer overflow; Resolves: bz#2190057

---
 psacct-6.6.4-sprintf-buffer-overflow.patch | 12 +++++++++++
 psacct.spec                                | 25 +++++++++-------------
 2 files changed, 22 insertions(+), 15 deletions(-)
 create mode 100644 psacct-6.6.4-sprintf-buffer-overflow.patch

diff --git a/psacct-6.6.4-sprintf-buffer-overflow.patch b/psacct-6.6.4-sprintf-buffer-overflow.patch
new file mode 100644
index 0000000..d86d0eb
--- /dev/null
+++ b/psacct-6.6.4-sprintf-buffer-overflow.patch
@@ -0,0 +1,12 @@
+diff -up ./dev_hash.c.ori ./dev_hash.c
+--- ./dev_hash.c.ori	2023-05-02 10:40:45.509862165 +0200
++++ ./dev_hash.c	2023-05-02 10:40:48.266876499 +0200
+@@ -147,7 +147,7 @@ static void setup_devices(char *dirname)
+     {
+       char *fullname = (char *) alloca ((strlen (dirname)
+                                          + NAMLEN (dp)
+-                                         + 1) * sizeof (char));
++                                         + 2) * sizeof (char));  /* slash + null; Fedora BZ#2190057 */
+ 
+       (void)sprintf (fullname, "%s/%s", dirname, dp->d_name);
+       if (stat (fullname, &sp))
diff --git a/psacct.spec b/psacct.spec
index 012ac6a..16e21e8 100644
--- a/psacct.spec
+++ b/psacct.spec
@@ -4,7 +4,7 @@
 Summary: Utilities for monitoring process activities
 Name: psacct
 Version: 6.6.4
-Release: 16%{?dist}
+Release: 17%{?dist}
 License: GPL-3.0-or-later
 URL: http://www.gnu.org/software/acct/
 
@@ -16,6 +16,8 @@ Source3: accton-create
 Patch1: psacct-6.6.2-unnumberedsubsubsec.patch
 Patch2: psacct-6.6.1-SEGV-when-record-incomplete.patch
 Patch3: psacct-6.6.4-lastcomm-manpage-pid-twice.patch
+Patch4: psacct-6.6.4-sprintf-buffer-overflow.patch
+Patch5: psacct-6.6.4-specfile-tweaks-file-locs.patch
 
 Conflicts: filesystem < 3
 Requires: coreutils
@@ -27,6 +29,7 @@ BuildRequires: make
 BuildRequires: autoconf
 BuildRequires: systemd
 BuildRequires: gcc
+BuildRequires: git
 
 
 %description
@@ -40,20 +43,7 @@ commands.
 
 
 %prep
-%setup -q -n acct-%{version}
-
-%patch1 -p1 -b .subsubsec
-%patch2 -p1
-%patch3 -p1
-
-# fixing 'gets' undeclared
-sed -i 's|.*(gets,.*||g' lib/stdio.in.h
-
-# workaround for broken autotools stuff
-sed -i 's|@ACCT_FILE_LOC@|/var/account/pacct|g'      files.h.in
-sed -i 's|@SAVACCT_FILE_LOC@|/var/account/savacct|g' files.h.in
-sed -i 's|@USRACCT_FILE_LOC@|/var/account/usracct|g' files.h.in
-
+%autosetup -S git -n acct-%{version}
 
 %build
 %configure --enable-linux-multiformat
@@ -134,6 +124,11 @@ touch /var/account/pacct && chmod 0600 /var/account/pacct
 
 
 %changelog
+* Tue May 02 2023 Jan Rybar <jrybar@redhat.com> - 6.6.4-17
+- migrate to autosetup; convert specfile script to a patch
+- FORTIFY_SOURCE_3 detected a buffer overflow
+- Resolves: bz#2190057
+
 * Mon Apr 24 2023 Lukáš Zaoral <lzaoral@redhat.com> - 6.6.4-16
 - migrate to SPDX license format