fix buffer overflow with high port numbers
Resolves: RHEL-11034
This commit is contained in:
parent
ff8325e2a3
commit
3b5a8be450
11
sgpio-1.2-buffer-overflow.patch
Normal file
11
sgpio-1.2-buffer-overflow.patch
Normal file
@ -0,0 +1,11 @@
|
||||
--- sgpio/sgpio.c
|
||||
+++ sgpio/sgpio.c
|
||||
@@ -126,7 +126,7 @@
|
||||
int id;
|
||||
int host_port;
|
||||
int init;
|
||||
- char name[7];
|
||||
+ char name[5 /* prefix */ + 10 /* port number */ + 1 /* terminator */];
|
||||
};
|
||||
|
||||
/* structure for the disks associated with the led structure */
|
@ -1,7 +1,7 @@
|
||||
Summary: SGPIO captive backplane tool
|
||||
Name: sgpio
|
||||
Version: 1.2.0.10
|
||||
Release: 21%{?dist}
|
||||
Release: 22%{?dist}
|
||||
License: GPLv2+
|
||||
Group: System Environment/Base
|
||||
URL: http://sources.redhat.com/lvm2/wiki/DMRAID_Eventing
|
||||
@ -10,6 +10,7 @@ Source: sgpio-1.2-0.10-src.tar.gz
|
||||
#Source: http://sources.redhat.com/lvm2/wiki/DMRAID_Eventing?action=AttachFile&do=get&target=sgpio-1.2.tgz
|
||||
Patch0: sgpio-1.2-makefile.patch
|
||||
Patch1: sgpio-1.2-coverity.patch
|
||||
Patch2: sgpio-1.2-buffer-overflow.patch
|
||||
BuildRequires: dos2unix
|
||||
|
||||
%description
|
||||
@ -20,6 +21,7 @@ Intel SGPIO enclosure management utility
|
||||
dos2unix --keepdate Makefile README
|
||||
%patch0 -p1 -b .makefile
|
||||
%patch1 -p1 -b .coverity
|
||||
%patch2 -p1 -b .buffer-overflow
|
||||
chmod a-x *
|
||||
|
||||
%build
|
||||
@ -36,6 +38,9 @@ make install INSTALL="%{__install} -p" DESTDIR=$RPM_BUILD_ROOT SBIN_DIR=$RPM_BUI
|
||||
%{_mandir}/man1/sgpio.*
|
||||
|
||||
%changelog
|
||||
* Mon Oct 09 2023 Lukáš Zaoral <lzaoral@redhat.com> - 1.2.0.10-22
|
||||
- fix buffer overflow with high port numbers (RHEL-11034)
|
||||
|
||||
* Mon Feb 26 2018 Jan Synáček <jsynacek@redhat.com> - 1.2.0.10-21
|
||||
- use distribution LDFLAGS during build (#1548559)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user