From 89129d9d9c0022478aaca23534391921ae66ac45 Mon Sep 17 00:00:00 2001 From: CentOS Buildsys Date: Jan 26 2014 12:31:09 +0000 Subject: import libndp-1.2-4.el7.src.rpm --- diff --git a/SOURCES/0001-libndp-fix-cppcheck-Undefined-behavior-Variable-buf-.patch b/SOURCES/0001-libndp-fix-cppcheck-Undefined-behavior-Variable-buf-.patch new file mode 100644 index 0000000..8cd0ead --- /dev/null +++ b/SOURCES/0001-libndp-fix-cppcheck-Undefined-behavior-Variable-buf-.patch @@ -0,0 +1,41 @@ +From 4376e752c822444f1a26b5e1e974ddd7104ae15c Mon Sep 17 00:00:00 2001 +From: Jiri Pirko +Date: Wed, 18 Dec 2013 13:26:49 +0100 +Subject: [patch] libndp: fix [cppcheck] Undefined behavior: Variable 'buf' is + used as parameter and destination in s[n]printf() + +cppcheck --enable=all --inconclusive --std=posix . + +ndp_msg_opt_dnssl_domain(): + if (dom_len > len) + return NULL; + + if (strlen(buf)) +----> sprintf(buf, "%s.", buf); + buf[strlen(buf) + dom_len] = '\0'; + memcpy(buf + strlen(buf), ptr, dom_len); + +So just use strcat instead. + +Reported-by: Dan Williams +Signed-off-by: Jiri Pirko +--- + libndp/libndp.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libndp/libndp.c b/libndp/libndp.c +index 0bc3fe3..e510e2e 100644 +--- a/libndp/libndp.c ++++ b/libndp/libndp.c +@@ -1540,7 +1540,7 @@ char *ndp_msg_opt_dnssl_domain(struct ndp_msg *msg, int offset, + return NULL; + + if (strlen(buf)) +- sprintf(buf, "%s.", buf); ++ strcat(buf, "."); + buf[strlen(buf) + dom_len] = '\0'; + memcpy(buf + strlen(buf), ptr, dom_len); + ptr += dom_len; +-- +1.8.4.2 + diff --git a/SPECS/libndp.spec b/SPECS/libndp.spec index c6ba583..04defa5 100644 --- a/SPECS/libndp.spec +++ b/SPECS/libndp.spec @@ -1,12 +1,14 @@ Name: libndp Version: 1.2 -Release: 1%{?dist} +Release: 4%{?dist} Summary: Library for Neighbor Discovery Protocol Group: System Environment/Libraries License: LGPLv2+ URL: http://www.libndp.org/ Source: http://www.libndp.org/files/libndp-%{version}.tar.gz +Patch0: 0001-libndp-fix-cppcheck-Undefined-behavior-Variable-buf-.patch + %description This package contains a library which provides a wrapper for IPv6 Neighbor Discovery Protocol. It also provides a tool @@ -23,6 +25,7 @@ necessary for developing programs using libndp. %prep %setup -q +%patch0 -p1 -b .fix_cppcheck_var_buf %build %configure --disable-static @@ -48,6 +51,15 @@ find $RPM_BUILD_ROOT -name \*.la -delete %{_libdir}/pkgconfig/*.pc %changelog +* Fri Jan 24 2014 Daniel Mach - 1.2-4 +- Mass rebuild 2014-01-24 + +* Tue Jan 21 2014 Jiri Pirko - 1.2-3 +- libndp: fix [cppcheck] Undefined behavior: Variable 'buf' is used as parameter and destination in s[n]printf() [1044084] + +* Fri Dec 27 2013 Daniel Mach - 1.2-2 +- Mass rebuild 2013-12-27 + * Tue Oct 15 2013 Jiri Pirko - 1.2-1 - Update to 1.2 - libndp: silently ignore packets with optlen 0 [1016064]