From f678f58aac73bb1253c8e0c84f1cfa666a51ab1a5ff063971aaae1430693cc97 Mon Sep 17 00:00:00 2001
From: Jean Delvare <jdelvare@suse.com>
Date: Fri, 9 Sep 2022 10:36:56 +0000
Subject: [PATCH] 2 recommended fixes from upstream: - news-fix-typo.patch: We
 ship the NEWS file so avoid including a   typo in it. -
 dmioem-fix-segmentation-fault-in-dmi_hp_240_attr.patch: Passing   NULL to a
 %s printf conversion specifier is illegal, and can   result in a segmentation
 fault. Current version of glibc doesn't   mind, but alternative, past or
 future libc implementations could   crash, so let's fix it.

OBS-URL: https://build.opensuse.org/package/show/Base:System/dmidecode?expand=0&rev=64
---
 dmidecode.changes                             | 12 ++++++
 dmidecode.spec                                |  4 ++
 ...egmentation-fault-in-dmi_hp_240_attr.patch | 42 +++++++++++++++++++
 news-fix-typo.patch                           | 20 +++++++++
 4 files changed, 78 insertions(+)
 create mode 100644 dmioem-fix-segmentation-fault-in-dmi_hp_240_attr.patch
 create mode 100644 news-fix-typo.patch

diff --git a/dmidecode.changes b/dmidecode.changes
index 836b021..0e3fd7f 100644
--- a/dmidecode.changes
+++ b/dmidecode.changes
@@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Fri Sep  9 10:00:42 UTC 2022 - Jean Delvare <jdelvare@suse.de>
+
+2 recommended fixes from upstream:
+- news-fix-typo.patch: We ship the NEWS file so avoid including a
+  typo in it.
+- dmioem-fix-segmentation-fault-in-dmi_hp_240_attr.patch: Passing
+  NULL to a %s printf conversion specifier is illegal, and can
+  result in a segmentation fault. Current version of glibc doesn't
+  mind, but alternative, past or future libc implementations could
+  crash, so let's fix it.
+
 -------------------------------------------------------------------
 Mon Jun 27 15:48:12 UTC 2022 - Jean Delvare <jdelvare@suse.de>
 
diff --git a/dmidecode.spec b/dmidecode.spec
index 4c78d4b..b614698 100644
--- a/dmidecode.spec
+++ b/dmidecode.spec
@@ -27,6 +27,8 @@ Source0:        http://download.savannah.gnu.org/releases/%{name}/%{name}-%{vers
 Source1:        http://download.savannah.gnu.org/releases/%{name}/%{name}-%{version}.tar.xz.sig
 # https://savannah.nongnu.org/project/memberlist-gpgkeys.php?group=dmidecode
 Source2:        %{name}.keyring
+Patch1:         news-fix-typo.patch
+Patch2:         dmioem-fix-segmentation-fault-in-dmi_hp_240_attr.patch
 Provides:       pmtools:%{_sbindir}/dmidecode
 Obsoletes:      pmtools < 20071117
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
@@ -49,6 +51,8 @@ the BIOS told it to.
 
 %prep
 %setup -q
+%patch1 -p1
+%patch2 -p1
 
 %build
 CFLAGS="%{optflags}" make %{?_smp_mflags}
diff --git a/dmioem-fix-segmentation-fault-in-dmi_hp_240_attr.patch b/dmioem-fix-segmentation-fault-in-dmi_hp_240_attr.patch
new file mode 100644
index 0000000..853c976
--- /dev/null
+++ b/dmioem-fix-segmentation-fault-in-dmi_hp_240_attr.patch
@@ -0,0 +1,42 @@
+From: Jean Delvare <jdelvare@suse.de>
+Date: Fri, 9 Sep 2022 11:46:53 +0200
+Subject: dmioem: Fix segmentation fault in dmi_hp_240_attr()
+Patch-mainline: yes
+Git-commit: c3357b532941a8df387618e692e522cc7a43b3e8
+
+pr_attr() does not accept a NULL format string. glibc can deal with
+it, but FreeBSD's libc chokes on it.
+
+Display the attributes as a list instead. Pack the attribute name and
+status into a single formatted string that can be passed to
+pr_list_item(). That's arguably a hack, but it's cheap, non-intrusive,
+and works nicely in the end.
+
+Bug reported by Scott Benesh (Microchip).
+
+Signed-off-by: Jean Delvare <jdelvare@suse.de>
+Fixes: a4b31b2bc537 ("dmioem: Present HPE type 240 attributes in a nicer way")
+Cc: Jerry Hoemann <jerry.hoemann@hpe.com>
+---
+ dmioem.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- dmidecode-3.4.orig/dmioem.c	2022-06-27 17:06:32.000000000 +0200
++++ dmidecode-3.4/dmioem.c	2022-09-09 11:57:12.283832820 +0200
+@@ -198,13 +198,14 @@ static void dmi_hp_240_attr(u64 defined,
+ 	};
+ 	unsigned int i;
+ 
+-	pr_attr("Attributes Defined/Set", NULL);
++	pr_list_start("Attributes Defined/Set", NULL);
+ 	for (i = 0; i < ARRAY_SIZE(attributes); i++)
+ 	{
+ 		if (!(defined.l & (1UL << i)))
+ 			continue;
+-		pr_subattr(attributes[i], "%s", set.l & (1UL << i) ? "Yes" : "No");
++		pr_list_item("%s: %s", attributes[i], set.l & (1UL << i) ? "Yes" : "No");
+ 	}
++	pr_list_end();
+ }
+ 
+ static void dmi_hp_203_assoc_hndl(const char *fname, u16 num)
diff --git a/news-fix-typo.patch b/news-fix-typo.patch
new file mode 100644
index 0000000..893405c
--- /dev/null
+++ b/news-fix-typo.patch
@@ -0,0 +1,20 @@
+From: Jean Delvare <jdelvare@suse.de>
+Date: Mon, 27 Jun 2022 20:19:11 +0200
+Subject: [PATCH] NEWS: Fix typo
+Patch-mainline: yes
+Git-commit: fb8766a9d26053b3ad5f6228ffaf09690b7cac90
+---
+ NEWS |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- dmidecode-3.4.orig/NEWS	2022-06-27 17:06:32.000000000 +0200
++++ dmidecode-3.4/NEWS	2022-09-09 11:57:06.661756361 +0200
+@@ -7,7 +7,7 @@ Version 3.4 (Mon Jun 27 2022)
+     characteristics, new slot characteristics, new on-board device types, new
+     pointing device interface types, and a new record type (type 45 -
+     Firmware Inventory Information).
+-  - Decode HPE OEM records 194, 199, 203, 236, 237, 238 ans 240.
++  - Decode HPE OEM records 194, 199, 203, 236, 237, 238 and 240.
+   - Bug fixes:
+     Fix OEM vendor name matching
+     Fix ASCII filtering of strings