Resolves: RHEL-18334

rpminspect license tweak

.systemtap.metadata

@@ -0,0 +1 @@
+f44f1853ddd462ac97b2c7c4b3a9434440d9d9c2 systemtap-5.0.tar.gz

RHEL-16549.patch

@@ -0,0 +1,59 @@
+commit 0fef0bd60ff4b359a32da52262855dfe82fe51ae
+gpg: Signature made Tue 14 Nov 2023 03:20:12 PM EST
+gpg:                using RSA key 4B35DCD2EA45C4E0783135BC8094BE9C9F4696A1
+gpg: Can't check signature: No public key
+Author: Yichun Zhang (agentzh) <yichun@openresty.com>
+Date:   Fri Nov 10 21:51:56 2023 -0800
+
+    PR31051: memory and uprobe leaks in early uprobe registraton code when errors happen
+
+diff --git a/runtime/linux/uprobes-inode.c b/runtime/linux/uprobes-inode.c
+index 997f4528d..289cce00b 100644
+--- a/runtime/linux/uprobes-inode.c
++++ b/runtime/linux/uprobes-inode.c
+@@ -529,6 +529,16 @@ stapiu_init(struct stapiu_consumer *consumers, size_t nconsumers)
+   }
+ 
+   if (unlikely(ret != 0)) {
++    for ( ;; ) {
++      struct stapiu_consumer *c = &consumers[i];
++      // protect against conceivable stapiu_refresh() at same time
++      mutex_lock(& c->consumer_lock);
++      stapiu_consumer_unreg(c);
++      mutex_unlock(& c->consumer_lock);
++      if (i == 0)
++        break;
++      i--;
++    }
+     return ret;
+   }
+ 
+@@ -545,7 +555,27 @@ stapiu_init(struct stapiu_consumer *consumers, size_t nconsumers)
+       break;
+     }
+   }
+-  return ret;
++
++  if (unlikely(ret != 0)) {
++    int j;
++    for (j = 0; j < nconsumers; ++j) {
++      struct stapiu_consumer *c = &consumers[j];
++      // protect against conceivable stapiu_refresh() at same time
++      mutex_lock(& c->consumer_lock);
++      stapiu_consumer_unreg(c);
++      mutex_unlock(& c->consumer_lock);
++    }
++    for ( ;; ) {
++      struct stapiu_consumer *c = &consumers[i];
++      stap_cleanup_task_finder_target(&c->finder);
++      if (i == 0)
++        break;
++      i--;
++    }
++    return ret;
++  }
++
++  return 0;
+ }
+ 
+ 

RHEL-18334.patch

@@ -0,0 +1,147 @@
+commit b84a5e8c2c5a857c0790a71df7824259a95131cf
+Author: William Cohen <wcohen@redhat.com>
+Date:   Mon Dec 4 11:28:10 2023 -0500
+
+    PR31074: Ensure that the set_kernel_string* functions limit their writes
+    
+    Both the set_kernel_string and set_kernel_string_n function use the
+    underlying _stp_store_deref_string_ function to write strings.  There
+    were two issues with the this function:
+    
+     1) wrote MAXSTRINGLEN bytes even if string was shorter
+     2) null write at end could spill past end of buffer
+    
+    The first issue was addressed by stopping to write once a null
+    character is encountered.  The second issue is a side effect of C
+    implicit promotion of character constants to ints and was addressed by
+    explicitlying casting the character constants as a char.
+    
+    The pr31074.exp test was added to verify that the write length are
+    limited to string length and the null write does not go beyond the end
+    of the buffer.
+
+diff --git a/runtime/linux/loc2c-runtime.h b/runtime/linux/loc2c-runtime.h
+index 68fbe2ab6..663360293 100644
+--- a/runtime/linux/loc2c-runtime.h
++++ b/runtime/linux/loc2c-runtime.h
+@@ -1007,11 +1007,14 @@ static inline int _stp_store_deref_string_(char *src, void *addr, size_t len,
+     {
+       for (i = 0; i < len - 1; ++i)
+ 	{
++	  if (*src == '\0')
++	    break;
+ 	  err = __stp_put_either(*src++, (u8 *)addr + i, seg);
+ 	  if (err)
+ 	    goto out;
+ 	}
+-      err = __stp_put_either('\0', (u8 *)addr + i, seg);
++      /* PR31074: cast (char) '\0' to make sure right size */
++      err = __stp_put_either((char) '\0', (u8 *)addr + i, seg);
+     }
+ 
+ out:
+diff --git a/testsuite/systemtap.base/pr31074.exp b/testsuite/systemtap.base/pr31074.exp
+new file mode 100644
+index 000000000..5b382b789
+--- /dev/null
++++ b/testsuite/systemtap.base/pr31074.exp
+@@ -0,0 +1,5 @@
++# Check that the set_kernel_* functions work correctly.
++
++set test "pr31074"
++
++stap_run $test no_load $all_pass_string -g $srcdir/$subdir/$test.stp
+diff --git a/testsuite/systemtap.base/pr31074.stp b/testsuite/systemtap.base/pr31074.stp
+new file mode 100644
+index 000000000..930c276b5
+--- /dev/null
++++ b/testsuite/systemtap.base/pr31074.stp
+@@ -0,0 +1,88 @@
++/*
++ * pr31074.stp
++ *
++ * Check that the set_kernel_string function work correctly.
++ */
++
++probe begin {  println("systemtap starting probe")  }
++probe end   {  println("systemtap ending probe")    }
++
++global errors = 0
++
++function assert_string(test, expected, value)
++{
++    if (value == expected)
++        return 1
++    printf("systemtap test failure - %s: expected \"%s\", got \"%s\"\n",
++           test, expected, value)
++    errors++
++    return 0
++}
++
++function assert_not_reached(test)
++{
++    printf("systemtap test failure - %s: missing exception\n", test)
++    errors++
++}
++
++function assert_buffer_untouched(test, addr)
++{
++  if (!buffer_42(addr)) {
++    printf("systemtap test failure - %s: buffer overwritten\n", test)
++    errors++
++  }
++}  
++
++
++probe end(1)
++{
++    test = "set_kernel_string"
++    addr3 = get_buffer3()
++    addr2 = get_buffer2()
++    if (assert_string(test, "", kernel_string(addr2))) {
++        set_kernel_string(addr2, "bar")
++        assert_string(test, "bar", kernel_string(addr2))
++    }
++    addr1 = get_buffer1()
++    if (assert_string(test, "", kernel_string(addr1))) {
++        set_kernel_string(addr1, "foo")
++        assert_string(test, "foo", kernel_string(addr1))
++    }
++    /* now check to make sure that "bar" has not been overwritten */
++   assert_string("no null overrun", "bar", kernel_string(addr2))
++   assert_buffer_untouched("no overrun", addr3)
++    if (!errors)
++        println("systemtap test success")
++}
++
++%{
++  static char buffer_x[4+4+MAXSTRINGLEN];
++%}
++
++function get_buffer1:long () %{
++  static char *buffer1 = &(buffer_x[0]);
++  memset(buffer1, 0, 4);
++  STAP_RETVALUE = (long)buffer1;
++%}
++
++function get_buffer2:long () %{
++  static char *buffer2 = &(buffer_x[4]);
++  memset(buffer2, 0, 4);
++  STAP_RETVALUE = (long)buffer2;
++%}
++
++function get_buffer3:long () %{
++  static char *buffer3 = &(buffer_x[8]);
++  memset(buffer3, 42, MAXSTRINGLEN);
++  STAP_RETVALUE = (long)buffer3;
++%}
++
++function buffer_42:long (addr:long) %{
++  int i;
++  char *buffer3 = (char *)STAP_ARG_addr;
++  STAP_RETVALUE = 1;
++  for(i=0; i< MAXSTRINGLEN; ++i){
++    if (buffer3[i] != 42) 
++      STAP_RETVALUE = 0;
++  }
++%}

systemtap.spec

@@ -116,7 +116,7 @@ m     stapdev  stapdev
 Name: systemtap
 # PRERELEASE
 Version: 5.0
-Release: 1%{?release_override}%{?dist}
+Release: 4%{?release_override}%{?dist}
 # for version, see also configure.ac
 
 
@@ -153,6 +153,9 @@ License: GPL-2.0-or-later
 URL: http://sourceware.org/systemtap/
 Source: ftp://sourceware.org/pub/systemtap/releases/systemtap-%{version}.tar.gz
 
+Patch1: RHEL-16549.patch
+Patch2: RHEL-18334.patch
+
 # Build*
 BuildRequires: make
 BuildRequires: gcc-c++
@@ -394,7 +397,7 @@ with the optional dtrace-compatibility preprocessor to process related
 
 %package testsuite
 Summary: Instrumentation System Testsuite
-License: GPL-2.0-or-later AND GPL AND GPL-2.0-only AND GPL-3.0-or-later AND MIT
+License: GPL-2.0-or-later AND GPL-2.0-only AND GPL-3.0-or-later AND MIT
 URL: http://sourceware.org/systemtap/
 Requires: systemtap = %{version}-%{release}
 Requires: systemtap-sdt-devel = %{version}-%{release}
@@ -579,6 +582,8 @@ or within a container.
 
 %prep
 %setup -q
+%patch -P1 -p1
+%patch -P2 -p1
 
 %build
 
@@ -1298,6 +1303,15 @@ exit 0
 
 # PRERELEASE
 %changelog
+* Wed Dec 6 2023 William Cohen <wcohen@redhat.com> - 5.0-4
+- RHEL-18334
+
+* Tue Nov 14 2023 Frank Ch. Eigler <fche@redhat.com> - 5.0-3
+- RHEL-16549
+
+* Mon Nov 06 2023 Frank Ch. Eigler <fche@redhat.com> - 5.0-2
+- License header tweak
+
 * Fri Nov 03 2023 Frank Ch. Eigler <fche@redhat.com> - 5.0-1
 - Upstream release, see wiki page below for detailed notes.
   https://sourceware.org/systemtap/wiki/SystemTapReleases