Additional coverity fixes
Related: RHEL-120852
This commit is contained in:
Charalampos Stratakis
parent
1d011fa00c
commit
ae795548c8
@ -46,7 +46,7 @@
|
||||
Summary: Scientific Tools for Python
|
||||
Name: python%{python3_pkgversion}-scipy
|
||||
Version: 1.16.2
|
||||
Release: 3%{?dist}
|
||||
Release: 4%{?dist}
|
||||
|
||||
# BSD-3-Clause -- whole package except:
|
||||
# BSD-2-Clause -- scipy/_lib/_pep440.py
|
||||
@ -93,6 +93,7 @@ Patch: compatibility-with-meson-1.4.1.patch
|
||||
# https://github.com/scipy/scipy/pull/24209
|
||||
# https://github.com/scipy/scipy/pull/24374
|
||||
# https://github.com/scipy/scipy/pull/24384
|
||||
# https://github.com/scipy/scipy/pull/24608
|
||||
Patch: scipy-coverity-fixes.patch
|
||||
|
||||
# Coverity scan fixes for the bundled HiGHS project
|
||||
@ -330,6 +331,10 @@ popd
|
||||
|
||||
|
||||
%changelog
|
||||
* Tue Feb 17 2026 Charalampos Stratakis <cstratak@redhat.com> - 1.16.2-4
|
||||
- Additional coverity fixes
|
||||
Related: RHEL-120852
|
||||
|
||||
* Tue Feb 10 2026 Charalampos Stratakis <cstratak@redhat.com> - 1.16.2-3
|
||||
- Fix issues uncovered via coverity scanning
|
||||
Related: RHEL-120852
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 0d941ffeac1ac04a6d76890bdf114d898267d488 Mon Sep 17 00:00:00 2001
|
||||
From 831457080986da1b686e8060f5957c507d5af18e Mon Sep 17 00:00:00 2001
|
||||
From: Charalampos Stratakis <cstratak@redhat.com>
|
||||
Date: Sat, 20 Dec 2025 00:39:36 +0100
|
||||
Subject: [PATCH 01/15] BUG: ndimage: fix potential double-free in
|
||||
Subject: [PATCH 01/16] BUG: ndimage: fix potential double-free in
|
||||
NI_InitFilterOffsets
|
||||
|
||||
Null out offset pointers after freeing them in the error path of
|
||||
@ -33,10 +33,10 @@ index a6e3ff0..934ac74 100644
|
||||
2.53.0
|
||||
|
||||
|
||||
From 51ec935d77be786ce3b5e8b95c5fa23a4dd3dbe7 Mon Sep 17 00:00:00 2001
|
||||
From ac244882ec070351e8de297245d2fb002a93bfa8 Mon Sep 17 00:00:00 2001
|
||||
From: Charalampos Stratakis <cstratak@redhat.com>
|
||||
Date: Sat, 20 Dec 2025 01:08:47 +0100
|
||||
Subject: [PATCH 02/15] BUG: signal/_firfilter.cc: fix out-of-bounds read in
|
||||
Subject: [PATCH 02/16] BUG: signal/_firfilter.cc: fix out-of-bounds read in
|
||||
pylab_convolve_2d
|
||||
|
||||
Move the type_num bounds check before using it as an array index.
|
||||
@ -73,10 +73,10 @@ index 9636961..b1f3f19 100644
|
||||
2.53.0
|
||||
|
||||
|
||||
From 94b1d8ee75e0cbf37bd970b70ba1e120d4d47d19 Mon Sep 17 00:00:00 2001
|
||||
From 901a5326ffd89038b21d89d8b3df5f8458ef305e Mon Sep 17 00:00:00 2001
|
||||
From: Charalampos Stratakis <cstratak@redhat.com>
|
||||
Date: Sat, 20 Dec 2025 01:20:43 +0100
|
||||
Subject: [PATCH 03/15] BUG: optimize/__lbfgsb.c: fix pointer arithmetic bug in
|
||||
Subject: [PATCH 03/16] BUG: optimize/__lbfgsb.c: fix pointer arithmetic bug in
|
||||
cauchy function
|
||||
|
||||
Change nseg += 1 to *nseg += 1 to increment the segment counter
|
||||
@ -104,10 +104,10 @@ index 306f6d6..4a1dc98 100644
|
||||
2.53.0
|
||||
|
||||
|
||||
From 7e65e5528db55cffb8814ecdb51e9573060695e2 Mon Sep 17 00:00:00 2001
|
||||
From d10a6599ba758887c7a1c9b2e15d39f0f387da53 Mon Sep 17 00:00:00 2001
|
||||
From: Charalampos Stratakis <cstratak@redhat.com>
|
||||
Date: Sat, 20 Dec 2025 03:43:12 +0100
|
||||
Subject: [PATCH 04/15] BUG: optimize/tnc/tnc.c: fix uninitialized xoffset when
|
||||
Subject: [PATCH 04/16] BUG: optimize/tnc/tnc.c: fix uninitialized xoffset when
|
||||
scale is provided
|
||||
|
||||
When calling tnc() with a non-NULL scale array but NULL offset array,
|
||||
@ -137,10 +137,10 @@ index 0b06d0e..d902dbf 100644
|
||||
2.53.0
|
||||
|
||||
|
||||
From c7da8ee0aa7a24fe937467de4b845b0c222519ba Mon Sep 17 00:00:00 2001
|
||||
From 75a7278f79a0ab3d3b7a65b0611b89bb47f88806 Mon Sep 17 00:00:00 2001
|
||||
From: SoheilStar <75124326+soheil-star01@users.noreply.github.com>
|
||||
Date: Sat, 20 Dec 2025 23:21:11 +0200
|
||||
Subject: [PATCH 05/15] BUG: optimize: Remove redundant conditional in
|
||||
Subject: [PATCH 05/16] BUG: optimize: Remove redundant conditional in
|
||||
_shgo.sampling_custom
|
||||
|
||||
Both if and else branches executed the same code. Simplifies to a
|
||||
@ -169,10 +169,10 @@ index b98a4b5..5fe0899 100644
|
||||
2.53.0
|
||||
|
||||
|
||||
From e07ace4aa764caef5c5abe2b8aa1982bb0348164 Mon Sep 17 00:00:00 2001
|
||||
From 7a648a78aa56fc79bd7e0ec26320b17d26bc698a Mon Sep 17 00:00:00 2001
|
||||
From: Charalampos Stratakis <cstratak@redhat.com>
|
||||
Date: Mon, 22 Dec 2025 01:40:36 +0100
|
||||
Subject: [PATCH 06/15] BUG: sparse.linalg: Fix copy-paste error in
|
||||
Subject: [PATCH 06/16] BUG: sparse.linalg: Fix copy-paste error in
|
||||
get_OPinv_matvec
|
||||
|
||||
In the type check condition for matrix M, is_pydata_spmatrix() was
|
||||
@ -198,10 +198,10 @@ index f678dea..0c70bf9 100644
|
||||
2.53.0
|
||||
|
||||
|
||||
From c3d3b109da83c889a12cb1735b31ed5466b4066e Mon Sep 17 00:00:00 2001
|
||||
From 90cba299c613da720e923c65c57230b046c22b87 Mon Sep 17 00:00:00 2001
|
||||
From: Charalampos Stratakis <cstratak@redhat.com>
|
||||
Date: Mon, 22 Dec 2025 02:23:55 +0100
|
||||
Subject: [PATCH 07/15] BUG: optimize/_direct: Fix memory leaks in
|
||||
Subject: [PATCH 07/16] BUG: optimize/_direct: Fix memory leaks in
|
||||
direct_direct_()
|
||||
|
||||
Two early return paths bypassed the cleanup section, leaking all
|
||||
@ -245,10 +245,10 @@ index 05249fa..9ec6a42 100644
|
||||
2.53.0
|
||||
|
||||
|
||||
From 6f4515431ceb479e788255e5b0041670a4d28a6d Mon Sep 17 00:00:00 2001
|
||||
From db2d85df49602f5fe82da03ec5750cad597a3648 Mon Sep 17 00:00:00 2001
|
||||
From: Charalampos Stratakis <cstratak@redhat.com>
|
||||
Date: Tue, 13 Jan 2026 23:07:38 +0100
|
||||
Subject: [PATCH 08/15] BUG: fix freeing of uninitialized memory in error paths
|
||||
Subject: [PATCH 08/16] BUG: fix freeing of uninitialized memory in error paths
|
||||
in ndimage
|
||||
|
||||
Initialize pointer arrays immediately after allocation and error check,
|
||||
@ -320,10 +320,10 @@ index f0f86a7..5a11419 100644
|
||||
2.53.0
|
||||
|
||||
|
||||
From 329c6a1df8fbe16c8d59b4a8b58abe29ec03284e Mon Sep 17 00:00:00 2001
|
||||
From 0ee12cdbbd73242b1febdf951803f60711b95fe8 Mon Sep 17 00:00:00 2001
|
||||
From: Charalampos Stratakis <cstratak@redhat.com>
|
||||
Date: Wed, 14 Jan 2026 04:14:29 +0100
|
||||
Subject: [PATCH 09/15] BUG: fix uninitialized variables in odr
|
||||
Subject: [PATCH 09/16] BUG: fix uninitialized variables in odr
|
||||
|
||||
The if-else clauses handling pwe and pwd arrays had no terminal
|
||||
else clause. If an object passed validation but didn't match any
|
||||
@ -367,10 +367,10 @@ index f86a65f..2027166 100644
|
||||
2.53.0
|
||||
|
||||
|
||||
From 9e52501a67a6e190bc81dbd91c4a14866639663c Mon Sep 17 00:00:00 2001
|
||||
From 9da2c240fa0a277dc2db35b3754840ed7561d6a3 Mon Sep 17 00:00:00 2001
|
||||
From: Charalampos Stratakis <cstratak@redhat.com>
|
||||
Date: Wed, 14 Jan 2026 05:07:07 +0100
|
||||
Subject: [PATCH 10/15] BUG: fix uninitialized variable in ILU complex copy at
|
||||
Subject: [PATCH 10/16] BUG: fix uninitialized variable in ILU complex copy at
|
||||
sparse/SuperLU
|
||||
|
||||
The SMILU_3 case in the second loop of ilu_ccopy_to_ucol.c and
|
||||
@ -413,10 +413,10 @@ index bb444d7..063d685 100644
|
||||
2.53.0
|
||||
|
||||
|
||||
From 09b460c7de6e9c8ddabd52d4a49b7fbba4003d4a Mon Sep 17 00:00:00 2001
|
||||
From 33b64448e9dd754b2fed17c4a05bd62e09a06b82 Mon Sep 17 00:00:00 2001
|
||||
From: ilayn <ilhanpolat@gmail.com>
|
||||
Date: Thu, 15 Jan 2026 18:10:05 +0100
|
||||
Subject: [PATCH 11/15] MAINT:optimize: Fix memleaks in DIRECT solver and
|
||||
Subject: [PATCH 11/16] MAINT:optimize: Fix memleaks in DIRECT solver and
|
||||
ext.mod.
|
||||
|
||||
---
|
||||
@ -546,10 +546,10 @@ index d1bfb33..d21734d 100644
|
||||
2.53.0
|
||||
|
||||
|
||||
From ba52739d21f8cf3ee52775df23c05605143de74f Mon Sep 17 00:00:00 2001
|
||||
From da3df170f45d970ddf3ef0e35e7ea241a46ce306 Mon Sep 17 00:00:00 2001
|
||||
From: ilayn <ilhanpolat@gmail.com>
|
||||
Date: Thu, 15 Jan 2026 18:19:06 +0100
|
||||
Subject: [PATCH 12/15] MAINT:optimize: Enable multi-phase init to DIRECT
|
||||
Subject: [PATCH 12/16] MAINT:optimize: Enable multi-phase init to DIRECT
|
||||
|
||||
---
|
||||
scipy/optimize/_directmodule.c | 54 +++++++++++++++++++---------------
|
||||
@ -633,10 +633,10 @@ index d21734d..aa3a80b 100644
|
||||
2.53.0
|
||||
|
||||
|
||||
From da22a05e07ba8e88a1220be834b29de0ad975601 Mon Sep 17 00:00:00 2001
|
||||
From 73c1ffae44562b099b69c72922897a2ff2807ff7 Mon Sep 17 00:00:00 2001
|
||||
From: ilayn <ilhanpolat@gmail.com>
|
||||
Date: Thu, 15 Jan 2026 20:51:09 +0100
|
||||
Subject: [PATCH 13/15] MAINT:optimize: Decref callback in DIRECT solver
|
||||
Subject: [PATCH 13/16] MAINT:optimize: Decref callback in DIRECT solver
|
||||
|
||||
---
|
||||
scipy/optimize/_direct/DIRect.c | 1 +
|
||||
@ -658,10 +658,10 @@ index 85bdaed..16c6426 100644
|
||||
2.53.0
|
||||
|
||||
|
||||
From e38338f279ba7235d479e3ed202b118c508d82d1 Mon Sep 17 00:00:00 2001
|
||||
From 2758feb6b3e9f0677d06a6764759886c8a188a09 Mon Sep 17 00:00:00 2001
|
||||
From: Charalampos Stratakis <cstratak@redhat.com>
|
||||
Date: Wed, 28 Jan 2026 01:00:20 +0100
|
||||
Subject: [PATCH 14/15] BUG: Initialize icoor array in NI_GeometricTransform in
|
||||
Subject: [PATCH 14/16] BUG: Initialize icoor array in NI_GeometricTransform in
|
||||
ndimage
|
||||
|
||||
The icoor array could be used uninitialized if a user-provided
|
||||
@ -707,10 +707,10 @@ index 5a11419..84e9a72 100644
|
||||
2.53.0
|
||||
|
||||
|
||||
From 859399cecffdbbbc6a0f86c8aec1339200afd6fb Mon Sep 17 00:00:00 2001
|
||||
From 80c6e128c8ad9d4c1208a75d08d135ddf5ad5acf Mon Sep 17 00:00:00 2001
|
||||
From: Charalampos Stratakis <cstratak@redhat.com>
|
||||
Date: Wed, 28 Jan 2026 02:17:37 +0100
|
||||
Subject: [PATCH 15/15] BUG: optimize: validate itmax in trlib_eigen_inverse
|
||||
Subject: [PATCH 15/16] BUG: optimize: validate itmax in trlib_eigen_inverse
|
||||
|
||||
Add early return when itmax <= 0 to prevent use of uninitialized
|
||||
residuals array. The inverse iteration loop sets residuals[jj] only
|
||||
@ -739,3 +739,41 @@ index 79c4aaf..4156483 100644
|
||||
--
|
||||
2.53.0
|
||||
|
||||
|
||||
From e0d53160e19ac80621446c3793d8f94ea711a126 Mon Sep 17 00:00:00 2001
|
||||
From: Charalampos Stratakis <cstratak@redhat.com>
|
||||
Date: Tue, 17 Feb 2026 01:14:29 +0100
|
||||
Subject: [PATCH 16/16] BUG: Split edge_offsets/data_offsets error checks in
|
||||
NI_GeometricTransform
|
||||
|
||||
The combined check allowed a path where edge_offsets fails but
|
||||
data_offsets succeeds, reaching cleanup before data_offsets elements
|
||||
are NULL-initialized.
|
||||
|
||||
Completes the fix in 339ccf65c3.
|
||||
---
|
||||
scipy/ndimage/src/ni_interpolation.c | 7 ++++++-
|
||||
1 file changed, 6 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/scipy/ndimage/src/ni_interpolation.c b/scipy/ndimage/src/ni_interpolation.c
|
||||
index 84e9a72..1030ca1 100644
|
||||
--- a/scipy/ndimage/src/ni_interpolation.c
|
||||
+++ b/scipy/ndimage/src/ni_interpolation.c
|
||||
@@ -295,8 +295,13 @@ NI_GeometricTransform(PyArrayObject *input, int (*map)(npy_intp*, double*,
|
||||
|
||||
/* offsets used at the borders: */
|
||||
edge_offsets = malloc(irank * sizeof(npy_intp*));
|
||||
+ if (NPY_UNLIKELY(!edge_offsets)) {
|
||||
+ NPY_END_THREADS;
|
||||
+ PyErr_NoMemory();
|
||||
+ goto exit;
|
||||
+ }
|
||||
data_offsets = malloc(irank * sizeof(npy_intp*));
|
||||
- if (NPY_UNLIKELY(!edge_offsets || !data_offsets)) {
|
||||
+ if (NPY_UNLIKELY(!data_offsets)) {
|
||||
NPY_END_THREADS;
|
||||
PyErr_NoMemory();
|
||||
goto exit;
|
||||
--
|
||||
2.53.0
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user