From e0bf0f3d719d72a6e557371f024a3ad44c35b9b4 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Nov 02 2021 15:24:41 +0000 Subject: import fstrm-0.6.1-3.el9 --- diff --git a/.fstrm.metadata b/.fstrm.metadata new file mode 100644 index 0000000..af4c83b --- /dev/null +++ b/.fstrm.metadata @@ -0,0 +1 @@ +06c55912eea39a994cfb116192d82c89212db172 SOURCES/fstrm-0.6.1.tar.gz diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..435a984 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/fstrm-0.6.1.tar.gz diff --git a/SOURCES/fstrm-0.6.1-Fix-CLANG_WARNING.patch b/SOURCES/fstrm-0.6.1-Fix-CLANG_WARNING.patch new file mode 100644 index 0000000..d85cef9 --- /dev/null +++ b/SOURCES/fstrm-0.6.1-Fix-CLANG_WARNING.patch @@ -0,0 +1,90 @@ +From abefc739f769a8c9bd89db78b9a3e9dd9e366064 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= +Date: Mon, 11 Jan 2021 12:25:27 +0100 +Subject: [PATCH] Fix CLANG_WARNING + +libmy/argv.c:1352:7: warning[core.uninitialized.Assign]: The expression is an uninitialized value. The computed value will also be garbage + (*(int *)var)++; + ^~~~~~~~~~~~~ +libmy/argv.c:1207:29: note: Assuming field 'at_value' is not equal to 0 + for (type_p = argv_types; type_p->at_value != 0; type_p++) { + ^~~~~~~~~~~~~~~~~~~~~ +libmy/argv.c:1207:3: note: Loop condition is true. Entering loop body + for (type_p = argv_types; type_p->at_value != 0; type_p++) { + ^ +libmy/argv.c:1208:9: note: Assuming 'val_type' is equal to field 'at_value' + if (type_p->at_value == val_type) { + ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ +libmy/argv.c:1208:5: note: Taking true branch + if (type_p->at_value == val_type) { + ^ +libmy/argv.c:1210:7: note: Execution continues on line 1214 + break; + ^ +libmy/argv.c:1214:15: note: Field 'at_value' is not equal to 0 + if (type_p->at_value == 0) { + ^ +libmy/argv.c:1214:3: note: Taking false branch + if (type_p->at_value == 0) { + ^ +libmy/argv.c:1222:7: note: Assuming the condition is true + if (type & ARGV_FLAG_ARRAY) { + ^~~~~~~~~~~~~~~~~~~~~~ +libmy/argv.c:1222:3: note: Taking true branch + if (type & ARGV_FLAG_ARRAY) { + ^ +libmy/argv.c:1225:9: note: Assuming field 'aa_entry_n' is equal to 0 + if (arr_p->aa_entry_n == 0) { + ^~~~~~~~~~~~~~~~~~~~~~ +libmy/argv.c:1225:5: note: Taking true branch + if (arr_p->aa_entry_n == 0) { + ^ +libmy/argv.c:1226:35: note: Storing uninitialized value + arr_p->aa_entries = (char *)malloc(ARRAY_INCR *size); + ^~~~~~~~~~~~~~~~~~~~~~~~ +libmy/argv.c:1234:9: note: Assuming field 'aa_entries' is not equal to NULL + if (arr_p->aa_entries == NULL) { + ^~~~~~~~~~~~~~~~~~~~~~~~~ +libmy/argv.c:1234:5: note: Taking false branch + if (arr_p->aa_entries == NULL) { + ^ +libmy/argv.c:1251:3: note: Control jumps to 'case 17:' at line 1349 + switch (val_type) { + ^ +libmy/argv.c:1351:9: note: Assuming 'arg' is equal to NULL + if (arg == NULL) { + ^~~~~~~~~~~ +libmy/argv.c:1351:5: note: Taking true branch + if (arg == NULL) { + ^ +libmy/argv.c:1352:7: note: The expression is an uninitialized value. The computed value will also be garbage + (*(int *)var)++; + ^~~~~~~~~~~~~ +--- + libmy/argv.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/libmy/argv.c b/libmy/argv.c +index 0b28026..547065c 100644 +--- a/libmy/argv.c ++++ b/libmy/argv.c +@@ -1223,12 +1223,15 @@ static int string_to_value(const char *arg, ARGV_PNT var, + arr_p = (argv_array_t *)var; + + if (arr_p->aa_entry_n == 0) { +- arr_p->aa_entries = (char *)malloc(ARRAY_INCR *size); ++ arr_p->aa_entries = (char *)calloc(ARRAY_INCR, size); + } + else if (arr_p->aa_entry_n % ARRAY_INCR == 0) { + arr_p->aa_entries = + (char *)realloc(arr_p->aa_entries, (arr_p->aa_entry_n + ARRAY_INCR) * + size); ++ if (arr_p->aa_entries != NULL) ++ memset((char *)(arr_p->aa_entries) + arr_p->aa_entry_n * size, 0, ++ ARRAY_INCR*size); + } + + if (arr_p->aa_entries == NULL) { +-- +2.26.3 + diff --git a/SOURCES/fstrm-0.6.1-Fix-deadcode-and-check-return-code.patch b/SOURCES/fstrm-0.6.1-Fix-deadcode-and-check-return-code.patch new file mode 100644 index 0000000..f6e0634 --- /dev/null +++ b/SOURCES/fstrm-0.6.1-Fix-deadcode-and-check-return-code.patch @@ -0,0 +1,43 @@ +From 600db5413294701bdfda8ce19fa804bcbc866d2e Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= +Date: Fri, 8 Jan 2021 13:23:17 +0100 +Subject: [PATCH 2/3] Fix deadcode and check return code + +1. fstrm-0.6.0/libmy/argv.c:1782: addr_non_null: The address of an object "argv_types" is never null. +2. fstrm-0.6.0/libmy/argv.c:1782: assignment: Assigning: "type_p" = "argv_types". +3. fstrm-0.6.0/libmy/argv.c:1809: notnull: At condition "type_p == NULL", the value of "type_p" cannot be "NULL". +4. fstrm-0.6.0/libmy/argv.c:1809: dead_error_condition: The condition "type_p == NULL" cannot be true. +5. fstrm-0.6.0/libmy/argv.c:1810: dead_error_begin: Execution cannot reach this statement: "(void)fprintf(argv_error_st...". + +40. fstrm-0.6.0/libmy/argv.c:2724: check_return: Calling "string_to_value" without checking return value (as is done elsewhere 6 out of 7 times). +--- + libmy/argv.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/libmy/argv.c b/libmy/argv.c +index c3aadfe..16dca73 100644 +--- a/libmy/argv.c ++++ b/libmy/argv.c +@@ -1806,7 +1806,7 @@ static void display_variables(const argv_t *args) + int entry_c, size = 0; + + /* find the type and the size for array */ +- if (type_p == NULL) { ++ if (type_p->at_value == 0) { + (void)fprintf(argv_error_stream, "%s: illegal variable type %d\n", + __FILE__, val_type); + continue; +@@ -2721,7 +2721,9 @@ static void do_list(argv_t *grid, const int arg_c, char **argv, + case ARGV_LONG: + case ARGV_FLOAT: + case ARGV_DOUBLE: +- string_to_value(*arg_p, match_p->ar_variable, match_p->ar_type); ++ if (string_to_value(*arg_p, match_p->ar_variable, match_p->ar_type) != NOERROR) { ++ *okay_bp = ARGV_FALSE; ++ } + char_c = len; + /* we actually used it so we advance the queue tail position */ + (*queue_tail_p)++; +-- +2.26.3 + diff --git a/SOURCES/fstrm-0.6.1-Invalid-dereference.patch b/SOURCES/fstrm-0.6.1-Invalid-dereference.patch new file mode 100644 index 0000000..2a1364a --- /dev/null +++ b/SOURCES/fstrm-0.6.1-Invalid-dereference.patch @@ -0,0 +1,83 @@ +From d6149aaad2a72a8f000283015f6e381bb2821ee2 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= +Date: Thu, 7 Jan 2021 16:08:40 +0100 +Subject: [PATCH 1/3] Invalid dereference + +libmy/argv.c:3212: var_deref_model: Passing null pointer "queue_list" to "do_list", which dereferences it +libmy/argv.c:3204: var_deref_model: Passing null pointer "queue_list" to "do_list", which dereferences it. + +Workaround to possibility no arguments is received + +Usually at least one arg is always passed in argv - program name. Do not +dereference null queue_list in unlikely case no parameter in argv. +--- + libmy/argv.c | 45 +++++++++++++++++++++++---------------------- + 1 file changed, 23 insertions(+), 22 deletions(-) + +diff --git a/libmy/argv.c b/libmy/argv.c +index 6c64906..c3aadfe 100644 +--- a/libmy/argv.c ++++ b/libmy/argv.c +@@ -3197,28 +3197,29 @@ int argv_process_no_env(argv_t *args, const int arg_n, char **argv) + } + queue_head = 0; + queue_tail = 0; +- } +- +- /* do the env args before? */ +- if (argv_process_env_b && (! argv_env_after_b) && env_vect_p != NULL) { +- do_list(args, env_n, env_vect_p, queue_list, &queue_head, &queue_tail, +- &okay_b); +- free(env_vect_p); +- free(environ_p); +- env_vect_p = NULL; +- } +- +- /* do the external args */ +- do_list(args, arg_n - 1, argv + 1, queue_list, &queue_head, &queue_tail, +- &okay_b); ++ ++ /* do the env args before? */ ++ if (argv_process_env_b && (! argv_env_after_b) && env_vect_p != NULL) { ++ do_list(args, env_n, env_vect_p, queue_list, &queue_head, &queue_tail, ++ &okay_b); ++ free(env_vect_p); ++ free(environ_p); ++ env_vect_p = NULL; ++ } ++ ++ /* do the external args */ ++ if (arg_n > 0) ++ do_list(args, arg_n - 1, argv + 1, queue_list, &queue_head, &queue_tail, ++ &okay_b); + +- /* DO the env args after? */ +- if (argv_process_env_b && argv_env_after_b && env_vect_p != NULL) { +- do_list(args, env_n, env_vect_p, queue_list, &queue_head, &queue_tail, +- &okay_b); +- free(env_vect_p); +- free(environ_p); +- env_vect_p = NULL; ++ /* DO the env args after? */ ++ if (argv_process_env_b && argv_env_after_b && env_vect_p != NULL) { ++ do_list(args, env_n, env_vect_p, queue_list, &queue_head, &queue_tail, ++ &okay_b); ++ free(env_vect_p); ++ free(environ_p); ++ env_vect_p = NULL; ++ } + } + + /* make sure the XOR and MAND args and argument-options are okay */ +@@ -3233,7 +3234,7 @@ int argv_process_no_env(argv_t *args, const int arg_n, char **argv) + } + + /* if we allocated the space then free it */ +- if (arg_n > 0) { ++ if (queue_list) { + free(queue_list); + } + +-- +2.26.3 + diff --git a/SOURCES/fstrm-0.6.1-Possible-resource-leak-fix.patch b/SOURCES/fstrm-0.6.1-Possible-resource-leak-fix.patch new file mode 100644 index 0000000..bde2fca --- /dev/null +++ b/SOURCES/fstrm-0.6.1-Possible-resource-leak-fix.patch @@ -0,0 +1,40 @@ +From 1499d3e2715bad67588b5c0b6c02865eeb65aa16 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= +Date: Fri, 8 Jan 2021 17:43:03 +0100 +Subject: [PATCH 3/3] Possible resource leak fix + +34. fstrm-0.6.0/libmy/argv.c:2238: alloc_fn: Storage is returned from allocation function "realloc". +35. fstrm-0.6.0/libmy/argv.c:2238: var_assign: Assigning: "argv" = storage returned from "realloc(argv, 8UL * max)". +37. fstrm-0.6.0/libmy/argv.c:2254: var_assign: Assigning: "argv_p" = "argv". +47. fstrm-0.6.0/libmy/argv.c:2229: leaked_storage: Variable "argv_p" going out of scope leaks the storage it points to. +48. fstrm-0.6.0/libmy/argv.c:2229: leaked_storage: Variable "argv" going out of scope leaks the storage it points to. +--- + libmy/argv.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/libmy/argv.c b/libmy/argv.c +index 16dca73..0b28026 100644 +--- a/libmy/argv.c ++++ b/libmy/argv.c +@@ -2226,7 +2226,7 @@ static void file_args(const char *path, argv_t *grid, + *argv_p = string_copy(line); + if (*argv_p == NULL) { + *okay_bp = ARGV_FALSE; +- return; ++ goto cleanup; + } + + argv_p++; +@@ -2257,7 +2257,8 @@ static void file_args(const char *path, argv_t *grid, + + /* now do the list */ + do_list(grid, arg_c, argv, queue_list, queue_head_p, queue_tail_p, okay_bp); +- ++ ++cleanup: + /* now free up the list */ + for (argv_p = argv; argv_p < argv + arg_c; argv_p++) { + free(*argv_p); +-- +2.26.3 + diff --git a/SPECS/fstrm.spec b/SPECS/fstrm.spec new file mode 100644 index 0000000..00243be --- /dev/null +++ b/SPECS/fstrm.spec @@ -0,0 +1,189 @@ +%global _hardened_build 1 +%{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}} + +Name: fstrm +Summary: Frame Streams implementation in C +Version: 0.6.1 +Release: 3%{?dist} +License: MIT +URL: https://github.com/farsightsec/fstrm +Source0: https://dl.farsightsecurity.com/dist/%{name}/%{name}-%{version}.tar.gz +# Patches to libmy library +# https://github.com/farsightsec/libmy/pull/4 +Patch1: fstrm-0.6.1-Fix-deadcode-and-check-return-code.patch +Patch2: fstrm-0.6.1-Invalid-dereference.patch +Patch3: fstrm-0.6.1-Possible-resource-leak-fix.patch +Patch4: fstrm-0.6.1-Fix-CLANG_WARNING.patch +BuildRequires: autoconf automake libtool +BuildRequires: libevent-devel +# Upstream repository without a single release +# https://github.com/farsightsec/libmy +# Always included as sources copy in farsightsec projects +Provides: bundled(libmy) + +%description +Frame Streams is a light weight, binary clean protocol that allows for the +transport of arbitrarily encoded data payload sequences with minimal framing +overhead -- just four bytes per data frame. Frame Streams does not specify +an encoding format for data frames and can be used with any data serialization +format that produces byte sequences, such as Protocol Buffers, XML, JSON, +MessagePack, YAML, etc. + +%package utils +Summary: Frame Streams (fstrm) utilities +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description utils +Frame Streams is a light weight, binary clean protocol that allows for the +transport of arbitrarily encoded data payload sequences with minimal framing +overhead -- just four bytes per data frame. Frame Streams does not specify +an encoding format for data frames and can be used with any data serialization +format that produces byte sequences, such as Protocol Buffers, XML, JSON, +MessagePack, YAML, etc. + +The fstrm-utils package contains command line utilities. + +%package devel +Summary: Development Files for fstrm library +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description devel +The fstrm-devel package contains header files required to build an application +using fstrm library. + +%package doc +Summary: API documentation for fstrm library +BuildArch: noarch +BuildRequires: doxygen +BuildRequires: make +Requires: %{name} = %{version}-%{release} + +%description doc +The fstrm-doc package contains Doxygen generated API documentation for +fstrm library. + +%prep +%autosetup -p1 +# regenerated build scripts to: +# - remove RPATHs +# - allow dynamic linking and execution of 'make check' +autoreconf -fi + +%build +%configure --disable-static +%make_build +make html + +%install +# install the library +%make_install +rm %{buildroot}%{_libdir}/libfstrm.la + +# install documentation +mkdir -p %{buildroot}%{_pkgdocdir}/ +cp -ar html %{buildroot}%{_pkgdocdir}/html + +%check +make check + +%if 0%{?fedora} || 0%{?rhel} > 7 +# https://fedoraproject.org/wiki/Changes/Removing_ldconfig_scriptlets +%else +%post -p /sbin/ldconfig +%postun -p /sbin/ldconfig +%endif + +%files +%doc COPYRIGHT LICENSE +%exclude %{_pkgdocdir}/html +%{_libdir}/libfstrm.so.* + +%files utils +%{_bindir}/fstrm_capture +%{_bindir}/fstrm_dump +%{_bindir}/fstrm_replay +%{_mandir}/man1/fstrm_* + +%files devel +%doc README.md +%{_includedir}/fstrm.h +%{_includedir}/fstrm/ +%{_libdir}/pkgconfig/libfstrm.pc +%{_libdir}/libfstrm.so + +%files doc +%doc %{_pkgdocdir}/html + +%changelog +* Mon Aug 09 2021 Mohan Boddu +- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags + Related: rhbz#1991688 + +* Fri Apr 09 2021 Petr Menšík - 0.6.1-2 +- Apply coverity fixes also to bundled libmy + +* Thu Apr 08 2021 Petr Menšík - 0.6.1-1 +- Update to 0.6.1 (#1946415) + +* Thu Apr 15 2021 Mohan Boddu - 0.6.0-5 +- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 + +* Tue Jan 26 2021 Fedora Release Engineering - 0.6.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Tue Sep 15 2020 Petr Menšík - 0.6.0-3 +- Move command line tools to utils subpackage + +* Tue Sep 15 2020 Petr Menšík - 0.6.0-2 +- Rebuilt for libevent rebase + +* Tue Aug 11 2020 Michał Kępień - 0.6.0-1 +- Update to new upstream version 0.6.0 + +* Mon Jul 27 2020 Fedora Release Engineering - 0.5.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue Jan 28 2020 Fedora Release Engineering - 0.5.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Thu Oct 10 2019 Tomas Krizek - 0.5.0-1 +- Update to new upstream version 0.5.0 + +* Thu Jul 25 2019 Fedora Release Engineering - 0.4.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Thu Jan 31 2019 Fedora Release Engineering - 0.4.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Fri Jul 13 2018 Fedora Release Engineering - 0.4.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Thu May 17 2018 Tomas Krizek - 0.4.0-1 +- Update to new upstream version 0.4.0 BZ#1577420 + +* Thu Apr 05 2018 Tomas Krizek - 0.3.2-1 +- Update to new upstream version 0.3.2 + +* Wed Feb 07 2018 Fedora Release Engineering - 0.3.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Wed Aug 02 2017 Fedora Release Engineering - 0.3.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Wed Jul 26 2017 Fedora Release Engineering - 0.3.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Fri Feb 10 2017 Fedora Release Engineering - 0.3.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Sun Oct 23 2016 Jan Vcelak - 0.3.0-1 +- new upstream release + +* Wed Feb 03 2016 Fedora Release Engineering - 0.2.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Wed Jun 17 2015 Fedora Release Engineering - 0.2.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Mon Dec 15 2014 Jan Vcelak 0.2.0-1 +- initial package