From b6467c6305a1463a96147a126200ce847a272b61 Mon Sep 17 00:00:00 2001
From: Jan Rybar
Date: Tue, 15 Oct 2024 13:27:35 +0200
Subject: [PATCH] Static analysis bug fixes
Resolves: RHEL-43279
---
 psacct.spec | 7 ++++++-
 sast_bugs.patch | 28 ++++++++++++++++++++++++++++
 2 files changed, 34 insertions(+), 1 deletion(-)
 create mode 100644 sast_bugs.patch
diff --git a/psacct.spec b/psacct.spec
index 0fa4cd9..abffdfc 100644
--- a/psacct.spec
+++ b/psacct.spec
@@ -4,7 +4,7 @@
 Summary: Utilities for monitoring process activities
 Name: psacct
 Version: 6.6.4
-Release: 22%{?dist}
+Release: 23%{?dist}
 License: GPL-3.0-or-later
 URL: http://www.gnu.org/software/acct/
@@ -18,6 +18,7 @@ Patch2: psacct-6.6.1-SEGV-when-record-incomplete.patch
 Patch3: psacct-6.6.4-lastcomm-manpage-pid-twice.patch
 Patch4: psacct-6.6.4-sprintf-buffer-overflow.patch
 Patch5: psacct-6.6.4-specfile-tweaks-file-locs.patch
+Patch6: sast_bugs.patch
 Conflicts: filesystem < 3
 Requires: coreutils
@@ -124,6 +125,10 @@ touch /var/account/pacct && chmod 0600 /var/account/pacct
 %changelog
+* Tue Oct 15 2024 Jan Rybar - 6.6.4-23
+- fixed bugs discovered by static analysis
+- Resolves: RHEL-43279
+
 * Mon Jun 24 2024 Troy Dawson - 6.6.4-22
 - Bump release for June 2024 mass rebuild
diff --git a/sast_bugs.patch b/sast_bugs.patch
new file mode 100644
index 0000000..c0c26aa
--- /dev/null
+++ b/sast_bugs.patch
@@ -0,0 +1,28 @@
+diff --git a/sa.c b/sa.c
+index e2e654e..a432e5a 100644
+--- a/sa.c
++++ b/sa.c
+@@ -1042,9 +1042,11 @@ void write_savacct_file(char *filename)
+ {
+ printf ("%s (write_savacct_file): probs writing to file `%s'\n",
+ program_name, s);
++ fclose(fp);
+ exit(EXIT_FAILURE);
+ }
+ }
++ fclose(fp);
+
+ if (rename (s, filename) != 0)
+ {
+@@ -1084,9 +1086,11 @@ void write_usracct_file(char *filename)
+ {
+ printf ("%s (write_usracct_file): probs writing to file `%s'\n",
+ program_name, s);
++ fclose(fp);
+ exit(EXIT_FAILURE);
+ }
+ }
++ fclose(fp);
+
+ if (rename (s, filename) != 0)
+ {
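Review bot: The `fclose(fp);` added just before `rename (s, filename)` in write_savacct_file discards its return value, and the matching line in the write_usracct_file hunk does the same. Assuming fp is a buffered stdio stream opened for writing (the open call is outside the hunk), a full disk, quota or I/O error may only surface when fclose flushes, so a truncated temporary file would still be renamed over the existing accounting summary. I would guard the rename with `if (fclose (fp) != 0)` and give it the same report-and-`exit (EXIT_FAILURE);` body as the write-failure branch above it. The `fclose(fp);` placed ahead of `exit(EXIT_FAILURE);` is harmless, though exit() closes open streams anyway, so it only serves to quiet the analyzer. Both function bodies start and end outside their hunks, so this is based on the visible lines only.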