fix buffer overflow with high port numbers
Resolves: RHEL-14440
This commit is contained in:
parent
a05a068785
commit
715a280ffc
11
sgpio-1.2-buffer-overflow.patch
Normal file
11
sgpio-1.2-buffer-overflow.patch
Normal file
@ -0,0 +1,11 @@
|
||||
--- sgpio/sgpio.c
|
||||
+++ sgpio/sgpio.c
|
||||
@@ -126,7 +126,7 @@
|
||||
int id;
|
||||
int host_port;
|
||||
int init;
|
||||
- char name[7];
|
||||
+ char name[5 /* prefix */ + 10 /* port number */ + 1 /* terminator */];
|
||||
};
|
||||
|
||||
/* structure for the disks associated with the led structure */
|
@ -1,7 +1,7 @@
|
||||
Summary: SGPIO captive backplane tool
|
||||
Name: sgpio
|
||||
Version: 1.2.0.10
|
||||
Release: 30%{?dist}
|
||||
Release: 31%{?dist}
|
||||
License: GPLv2+
|
||||
URL: http://sources.redhat.com/lvm2/wiki/DMRAID_Eventing
|
||||
Source: sgpio-1.2-0.10-src.tar.gz
|
||||
@ -9,6 +9,7 @@ Source: sgpio-1.2-0.10-src.tar.gz
|
||||
#Source: http://sources.redhat.com/lvm2/wiki/DMRAID_Eventing?action=AttachFile&do=get&target=sgpio-1.2.tgz
|
||||
Patch0: sgpio-1.2-makefile.patch
|
||||
Patch1: sgpio-1.2-coverity.patch
|
||||
Patch2: sgpio-1.2-buffer-overflow.patch
|
||||
BuildRequires: make
|
||||
BuildRequires: gcc
|
||||
BuildRequires: dos2unix
|
||||
@ -21,6 +22,7 @@ Intel SGPIO enclosure management utility
|
||||
dos2unix --keepdate Makefile README
|
||||
%patch0 -p1 -b .makefile
|
||||
%patch1 -p1 -b .coverity
|
||||
%patch2 -p1 -b .buffer-overflow
|
||||
chmod a-x *
|
||||
|
||||
%build
|
||||
@ -37,6 +39,9 @@ make clean
|
||||
%{_mandir}/man1/sgpio.*
|
||||
|
||||
%changelog
|
||||
* Mon Oct 23 2023 Lukáš Zaoral <lzaoral@redhat.com> - 1.2.0.10-31
|
||||
- fix buffer overflow with high port numbers (RHEL-14440)
|
||||
|
||||
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1.2.0.10-30
|
||||
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||
Related: rhbz#1991688
|
||||
|
Loading…
Reference in New Issue
Block a user