From 1b628fdb08234e0d9214a8a84544c4f7a7e77918 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Apr 28 2020 09:41:38 +0000 Subject: import rpcbind-1.2.5-7.el8 --- diff --git a/SOURCES/rpcbind-0.2.4-systemd-service.patch b/SOURCES/rpcbind-0.2.4-systemd-service.patch index 0350020..68355c2 100644 --- a/SOURCES/rpcbind-0.2.4-systemd-service.patch +++ b/SOURCES/rpcbind-0.2.4-systemd-service.patch @@ -1,7 +1,7 @@ -diff -up rpcbind-0.2.4/systemd/rpcbind.service.in.orig rpcbind-0.2.4/systemd/rpcbind.service.in ---- rpcbind-0.2.4/systemd/rpcbind.service.in.orig 2017-12-16 15:46:12.896270101 -0500 -+++ rpcbind-0.2.4/systemd/rpcbind.service.in 2017-12-16 15:46:43.672027210 -0500 -@@ -7,7 +7,8 @@ RequiresMountsFor=@statedir@ +diff -up rpcbind-1.2.5/systemd/rpcbind.service.in.orig rpcbind-1.2.5/systemd/rpcbind.service.in +--- rpcbind-1.2.5/systemd/rpcbind.service.in.orig 2020-01-16 11:40:30.329120662 -0500 ++++ rpcbind-1.2.5/systemd/rpcbind.service.in 2020-01-16 11:44:26.605895713 -0500 +@@ -7,13 +7,14 @@ RequiresMountsFor=@statedir@ # Make sure we use the IP addresses listed for # rpcbind.socket, no matter how this unit is started. Requires=rpcbind.socket @@ -11,3 +11,10 @@ diff -up rpcbind-0.2.4/systemd/rpcbind.service.in.orig rpcbind-0.2.4/systemd/rpc [Service] Type=notify + # distro can provide a drop-in adding EnvironmentFile=-/??? if needed. + EnvironmentFile=/etc/sysconfig/rpcbind +-ExecStart=@_sbindir@/rpcbind $RPCBIND_OPTIONS -w -f ++ExecStart=@_sbindir@/rpcbind $RPCBIND_ARGS -w -f + + [Install] + WantedBy=multi-user.target diff --git a/SOURCES/rpcbind-1.2.5-covscan-resource-leaks.patch b/SOURCES/rpcbind-1.2.5-covscan-resource-leaks.patch new file mode 100644 index 0000000..e8ab75a --- /dev/null +++ b/SOURCES/rpcbind-1.2.5-covscan-resource-leaks.patch @@ -0,0 +1,94 @@ +diff -up rpcbind-1.2.5/src/rpcbind.c.orig rpcbind-1.2.5/src/rpcbind.c +--- rpcbind-1.2.5/src/rpcbind.c.orig 2020-02-06 14:19:34.199330296 -0500 ++++ rpcbind-1.2.5/src/rpcbind.c 2020-02-06 14:20:19.069973902 -0500 +@@ -350,7 +350,7 @@ init_transport(struct netconfig *nconf) + { + int fd = -1; + struct t_bind taddr; +- struct addrinfo hints, *res; ++ struct addrinfo hints, *res = NULL; + struct __rpc_sockinfo si; + SVCXPRT *my_xprt = NULL; + int status; /* bound checking ? */ +@@ -827,8 +827,12 @@ got_socket: + } + #endif + ++ if (res != NULL) ++ freeaddrinfo(res); + return (0); + error: ++ if (res != NULL) ++ freeaddrinfo(res); + close(fd); + return (1); + } +diff -up rpcbind-1.2.5/src/rpcb_stat.c.orig rpcbind-1.2.5/src/rpcb_stat.c +--- rpcbind-1.2.5/src/rpcb_stat.c.orig 2018-08-15 10:51:19.000000000 -0400 ++++ rpcbind-1.2.5/src/rpcb_stat.c 2020-02-06 14:20:19.073973959 -0500 +@@ -151,7 +151,7 @@ rpcbs_rmtcall(rpcvers_t rtype, rpcproc_t + rpcbs_rmtcalllist *rl; + struct netconfig *nconf; + +- if (rtype > RPCBVERS_STAT) ++ if (rtype >= RPCBVERS_STAT) + return; + for (rl = inf[rtype].rmtinfo; rl; rl = rl->next) { + +diff -up rpcbind-1.2.5/src/rpcinfo.c.orig rpcbind-1.2.5/src/rpcinfo.c +--- rpcbind-1.2.5/src/rpcinfo.c.orig 2020-02-06 14:19:34.193330210 -0500 ++++ rpcbind-1.2.5/src/rpcinfo.c 2020-02-06 14:20:19.073973959 -0500 +@@ -693,11 +693,11 @@ reply_proc (res, who, nconf) + } + if (!(uaddr = taddr2uaddr (nconf, who))) + { +- uaddr = UNKNOWN; ++ printf ("%s\t%s\n", UNKNOWN, hostname); ++ } else { ++ printf ("%s\t%s\n", uaddr, hostname); ++ free ((char *) uaddr); + } +- printf ("%s\t%s\n", uaddr, hostname); +- if (strcmp (uaddr, UNKNOWN)) +- free ((char *) uaddr); + return (FALSE); + } + +diff -up rpcbind-1.2.5/src/util.c.orig rpcbind-1.2.5/src/util.c +--- rpcbind-1.2.5/src/util.c.orig 2020-02-06 14:20:51.564439986 -0500 ++++ rpcbind-1.2.5/src/util.c 2020-02-06 14:20:39.994274027 -0500 +@@ -322,13 +322,20 @@ network_init() + /* + * Now join the RPC ipv6 multicast group on all interfaces. + */ +- if (getifaddrs(&ifp) < 0) ++ if (getifaddrs(&ifp) < 0) { ++ freeaddrinfo (res); + return; +- ++ } + mreq6.ipv6mr_interface = 0; + inet_pton(AF_INET6, RPCB_MULTICAST_ADDR, &mreq6.ipv6mr_multiaddr); + + s = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP); ++ if (s < 0) { ++ if (debugging) ++ fprintf(stderr, "socket(AF_INET6) failed: %s\n", strerror(errno)); ++ freeaddrinfo (res); ++ return; ++ } + + /* + * Loop through all interfaces. For each IPv6 multicast-capable +@@ -351,9 +358,9 @@ network_init() + if (debugging) + perror("setsockopt v6 multicast"); + } ++ close(s); + #endif +- +- /* close(s); */ ++ freeaddrinfo (res); + } + + struct sockaddr * diff --git a/SPECS/rpcbind.spec b/SPECS/rpcbind.spec index 952e13a..3ce893e 100644 --- a/SPECS/rpcbind.spec +++ b/SPECS/rpcbind.spec @@ -4,7 +4,7 @@ Name: rpcbind Version: 1.2.5 -Release: 4%{?dist} +Release: 7%{?dist} Summary: Universal Addresses to RPC Program Number Mapper Group: System Environment/Daemons License: BSD @@ -27,6 +27,11 @@ Requires(postun): systemd coreutils # Patch001: rpcbind-1.2.5-rpcinfo-bufoverflow.patch +# +# RHEL 8.2 +# +Patch002: rpcbind-1.2.5-covscan-resource-leaks.patch + Patch100: rpcbind-0.2.3-systemd-envfile.patch Patch101: rpcbind-0.2.3-systemd-tmpfiles.patch Patch102: rpcbind-0.2.4-runstatdir.patch @@ -47,6 +52,9 @@ RPC calls on a server on that machine. # 1637565 - rpcinfo: Fix stack buffer overflow %patch001 -p1 +# 1602680 - Please review important issues found by covscan... +%patch002 -p1 + %patch100 -p1 %patch101 -p1 %patch102 -p1 @@ -141,6 +149,15 @@ fi %attr(0700, %{rpcbind_user_group}, %{rpcbind_user_group}) %dir %{rpcbind_state_dir} %changelog +* Thu Feb 6 2020 Steve Dickson - 1.2.5-7 +- Clean up a error path found by a covscan (bz 1602680) + +* Thu Jan 16 2020 Steve Dickson - 1.2.5-6 +- Use sysconfig variable in service file (bz 1764985) + +* Mon Nov 11 2019 Steve Dickson - 1.2.5-5 +- Removed some issues found by covscan (bz 1602680) + * Fri Jul 26 2019 Steve Dickson - 1.2.5-4 - Enable gating using reverse dependency testing of nfs-utils (bz 1681967