Rebuild for qatzip v1.0.7

Fix snprintf truncation check (bz 2046925, github.com/intel/QATzip/pull/57)
Add -fstack-protector-strong build option (bz 2044889)

Signed-off-by: Vladis Dronov <vdronov@redhat.com>

.gitignore

@@ -1 +1 @@
-/qatzip-1.0.6.tar.gz
+/qatzip-1.0.7.tar.gz

1-fix-snprintf-truncation.patch

@@ -0,0 +1,14 @@
+--- utils/qzip.c.orig
++++ utils/qzip.c
+@@ -469,9 +469,8 @@ int makeOutName(const char *in_name, const char *out_name,
+  * parent directory. */
+ void mkPath(char *path, const char *dirpath, char *file)
+ {
+-    if (strlen(dirpath) + strlen(file) + 1 < MAX_PATH_LEN) {
+-        snprintf(path, MAX_PATH_LEN, "%s/%s", dirpath, file);
+-    } else {
++    if (snprintf(path, MAX_PATH_LEN, "%s/%s", dirpath, file) >= MAX_PATH_LEN) {
++        /* truncation occurred */
+         assert(0);
+     }
+ }

2-add-strong-stack-prot.patch

@@ -0,0 +1,24 @@
+--- configure.orig	2022-02-08 17:54:38.857757054 +0100
++++ configure	2022-02-08 18:09:34.392172703 +0100
+@@ -142,15 +142,15 @@ includedir=${includedir:-$prefix/include
+ mandir=${mandir:-$prefix/share/man}
+
+ # define CFLAGS and LDFLAGS if no environment variables defined
+-if test -z ${CFLAGS}; then
+-  CFLAGS='-Wall -Werror -std=gnu99 -pedantic -fstack-protector -fPIE -fPIC -fno-strict-overflow -fno-delete-null-pointer-checks -fwrapv'
++if test -z "${CFLAGS}"; then
++  CFLAGS="-Wall -Werror -std=gnu99 -pedantic -fstack-protector-strong -fPIE -fPIC -fno-strict-overflow -fno-delete-null-pointer-checks -fwrapv"
+ else
+-  CFLAGS+=" -Wall -Werror -std=gnu99 -pedantic -fstack-protector -fPIE -fPIC"
++  CFLAGS+=" -Wall -Werror -std=gnu99 -pedantic -fstack-protector-strong -fPIE -fPIC"
+ fi
+-if test -z ${LDFLAGS}; then
+-  LDFLAGS='-fstack-protector -fPIC -pie -z relro -z now -Wl,-z,noexecstack'
++if test -z "${LDFLAGS}"; then
++  LDFLAGS="-fstack-protector-strong -fPIC -pie -z relro -z now -Wl,-z,noexecstack"
+ else
+-  LDFLAGS+=" -fstack-protector -fPIC -pie -z relro -z now -Wl,-z,noexecstack"
++  LDFLAGS+=" -fstack-protector-strong -fPIC -pie -z relro -z now -Wl,-z,noexecstack"
+ fi
+
+ # try to build 32 or 64 bit system binary

README.md

@@ -1,3 +0,0 @@
-# qatzip
-
-The qatzip package

qatzip.spec

@@ -4,8 +4,8 @@
 %global libqatzip_soversion 1
 
 Name:           qatzip
-Version:        1.0.6
+Version:        1.0.7
-Release:        4%{?dist}
+Release:        1%{?dist}
 Summary:        Intel QuickAssist Technology (QAT) QATzip Library
 License:        BSD
 URL:            https://github.com/intel/%{githubname}
@@ -18,6 +18,9 @@ BuildRequires:  qatlib-devel >= 21.08.0
 # https://bugzilla.redhat.com/show_bug.cgi?id=1987280
 ExclusiveArch:  x86_64
 
+Patch0: 1-fix-snprintf-truncation.patch
+Patch1: 2-add-strong-stack-prot.patch
+
 %description
 QATzip is a user space library which builds on top of the Intel
 QuickAssist Technology user space library, to provide extended
@@ -45,7 +48,7 @@ This package contains headers and libraries required to build
 applications that use the QATzip APIs.
 
 %prep
-%autosetup -n %{githubname}-%{version}
+%autosetup -p0 -n %{githubname}-%{version}
 
 %build
 %set_build_flags
@@ -82,6 +85,11 @@ rm -vf %{buildroot}%{_mandir}/*.pdf
 %{_libdir}/libqatzip.so
 
 %changelog
+* Wed Feb 09 2022 Vladis Dronov <vdronov@redhat.com> - 1.0.7-1
+- Rebuild for qatzip v1.0.7
+- Fix snprintf truncation check (bz 2046925)
+- Add -fstack-protector-strong build option (bz 2044889)
+
 * Fri Jan 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.6-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
 

sources

@@ -1 +1 @@
-SHA512 (qatzip-1.0.6.tar.gz) = 3a909d24a52cef98e07702a1282069f4c4948a03ad3148e7e14e09e520962415ae5579362530107476874216e15b5b66561643e8b94f80bb90b85cf18b2a5566
+SHA512 (qatzip-1.0.7.tar.gz) = d5e21aa0fc42d1fba439f7afecdb904e2ffa4960651ce003386988b5ebcff50b2e57d60ca379de7aa2285449a39f3314a1a82336ec0adfe3a4bec3bb8da613d3