- storage_mon/findif: fix handler out of scope leak, unitialized value

and check that netmaskbits != EOS

  Resolves: RHEL-17072
This commit is contained in:
Oyvind Albrigtsen 2023-11-22 12:43:05 +01:00
parent 20e88c96a3
commit 568498666b
3 changed files with 28 additions and 3 deletions

View File

@ -0,0 +1,23 @@
From cb968378959b8aa334e98daf62a1b08ef6525fb4 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Wed, 22 Nov 2023 10:32:31 +0100
Subject: [PATCH] storage_mon: use memset() to fix "uninitialized value"
covscan error, as qb_ipcc_recv() will always set a message (according to
honzaf)
---
tools/storage_mon.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/tools/storage_mon.c b/tools/storage_mon.c
index cc415e97f..a9227ef90 100644
--- a/tools/storage_mon.c
+++ b/tools/storage_mon.c
@@ -655,6 +655,7 @@ storage_mon_client(void)
int32_t rc;
+ memset(&response, 0, sizeof(response));
snprintf(ipcs_name, SMON_MAX_IPCSNAME, "storage_mon_%s", attrname);
conn = qb_ipcc_connect(ipcs_name, 0);
if (conn == NULL) {

View File

@ -45,7 +45,7 @@
Name: resource-agents Name: resource-agents
Summary: Open Source HA Reusable Cluster Resource Scripts Summary: Open Source HA Reusable Cluster Resource Scripts
Version: 4.10.0 Version: 4.10.0
Release: 50%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist} Release: 51%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist}
License: GPLv2+ and LGPLv2+ License: GPLv2+ and LGPLv2+
URL: https://github.com/ClusterLabs/resource-agents URL: https://github.com/ClusterLabs/resource-agents
Source0: %{upstream_prefix}-%{upstream_version}.tar.gz Source0: %{upstream_prefix}-%{upstream_version}.tar.gz
@ -116,7 +116,8 @@ Patch63: RHEL-15301-1-exportfs-make-fsid-optional.patch
Patch64: RHEL-15301-2-ocft-exportfs-remove-fsid-required-test.patch Patch64: RHEL-15301-2-ocft-exportfs-remove-fsid-required-test.patch
Patch65: RHEL-15304-findif.sh-fix-loopback-handling.patch Patch65: RHEL-15304-findif.sh-fix-loopback-handling.patch
Patch66: RHEL-16247-aws-vpc-move-ip-aws-vpc-route53-awseip-awsvip-auth_type-role.patch Patch66: RHEL-16247-aws-vpc-move-ip-aws-vpc-route53-awseip-awsvip-auth_type-role.patch
Patch67: RHEL-17072-storage_mon-findif-leak-unitialized-values-EOS-fixes.patch Patch67: RHEL-17072-1-storage_mon-findif-leak-unitialized-values-EOS-fixes.patch
Patch68: RHEL-17072-2-storage_mon-use-memset-to-fix-covscan-error.patch
# bundled ha-cloud-support libs # bundled ha-cloud-support libs
Patch500: ha-cloud-support-aws.patch Patch500: ha-cloud-support-aws.patch
@ -308,6 +309,7 @@ exit 1
%patch -p1 -P 65 %patch -p1 -P 65
%patch -p1 -P 66 %patch -p1 -P 66
%patch -p1 -P 67 %patch -p1 -P 67
%patch -p1 -P 68
# bundled ha-cloud-support libs # bundled ha-cloud-support libs
%patch -p1 -P 500 %patch -p1 -P 500
@ -629,7 +631,7 @@ rm -rf %{buildroot}/usr/share/doc/resource-agents
%{_usr}/lib/ocf/lib/heartbeat/OCF_*.pm %{_usr}/lib/ocf/lib/heartbeat/OCF_*.pm
%changelog %changelog
* Tue Nov 21 2023 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-50 * Wed Nov 22 2023 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-51
- storage_mon/findif: fix handler out of scope leak, unitialized value - storage_mon/findif: fix handler out of scope leak, unitialized value
and check that netmaskbits != EOS and check that netmaskbits != EOS