Fix issues identified by OpenScanHub

Resolves: RHEL-44656

Signed-off-by: Siteshwar Vashisht <svashisht@redhat.com>

readline-8.3-sast.patch

@@ -0,0 +1,28 @@
+diff --git a/text.c b/text.c
+--- a/text.c
++++ b/text.c
+@@ -1409,8 +1409,7 @@ rl_change_case (int count, int op)
+ #if defined (HANDLE_MULTIBYTE)
+   WCHAR_T wc, nwc;
+   char mb[MB_LEN_MAX+1];
+-  int mlen;
+-  size_t m;
++  size_t m, mlen;
+   mbstate_t mps;
+ #endif
+ 
+@@ -1479,12 +1478,12 @@ rl_change_case (int count, int op)
+ 
+ 	      memset (&ts, 0, sizeof (mbstate_t));
+ 	      mlen = WCRTOMB (mb, nwc, &ts);
+-	      if (mlen < 0)
++	      if (MB_INVALIDCH (mlen))
+ 		{
+ 		  nwc = wc;
+ 		  memset (&ts, 0, sizeof (mbstate_t));
+ 		  mlen = WCRTOMB (mb, nwc, &ts);
+-		  if (mlen < 0)		/* should not happen */
++		  if (MB_INVALIDCH (mlen))		/* should not happen */
+ 		    strncpy (mb, rl_line_buffer + start, mlen = m);
+ 		}
+ 	      if (mlen > 0)

readline.spec

@@ -1,7 +1,7 @@
 Summary: A library for editing typed command lines
 Name: readline
 Version: 8.2
-Release: 9%{?dist}
+Release: 10%{?dist}
 
 # * Main sources are GPL-3.0-or-later
 # * examples/rlfe are GPL-2.0-or-later
@@ -23,6 +23,7 @@ Patch7: readline-8.2-patch-7.patch
 Patch8: readline-8.2-patch-8.patch
 Patch9: readline-8.2-patch-9.patch
 Patch10: readline-8.2-patch-10.patch
+Patch11: readline-8.3-sast.patch
 
 # Other patches
 # Remove RPATH, use CFLAGS
@@ -97,6 +98,10 @@ rm -vf %{buildroot}%{_infodir}/dir*
 %{_libdir}/libhistory.a
 
 %changelog
+* Thu Aug 29 2024 Siteshwar Vashisht <svashisht@redhat.com> - 8.2-10
+- Fix issues identified by OpenScanHub
+  Resolves: RHEL-44656
+
 * Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 8.2-9
 - Bump release for June 2024 mass rebuild