Accepting request 983881 from home:marxin:branches:hardware

- Add fix-buffer-overflow-in-backup.patch in order to address https://github.com/gammu/gammu/issues/701. - Use autosetup. OBS-URL: https://build.opensuse.org/request/show/983881 OBS-URL: https://build.opensuse.org/package/show/hardware/gammu?expand=0&rev=58
2022-06-20 08:31:09 +00:00 · 2022-06-20 08:31:09 +00:00 · 5ac0e78b1c
commit 5ac0e78b1c
parent 2edee83e82
3 changed files with 47 additions and 8 deletions
--- a/0001-Fix-buffer-overflow-in-Backup.Creator.patch
+++ b/0001-Fix-buffer-overflow-in-Backup.Creator.patch
@ -0,0 +1,36 @@
+From ec7e2902c19a886578062979e2749372bfea0380 Mon Sep 17 00:00:00 2001
+From: Martin Liska <mliska@suse.cz>
+Date: Mon, 20 Jun 2022 10:24:13 +0200
+Subject: [PATCH] Fix buffer overflow in Backup.Creator
+
+I noticed that while testing the upcoming GCC 12 with -D_FORTIFY_SOURCE=3:
+here I have
+
+$1 = 0x7ffff7f0f940 <Buffer.1.lto_priv.1> "Linux, kernel 5.16.14-1-default (#1 SMP PREEMPT Fri Mar 11 12:33:34 UTC 2022 (80acc65))"
+(gdb) p (int)strlen(GetOS())
+$3 = 87
+so GetOS() returns 87 chars while:
+
+include/gammu-backup.h: char Creator[80];
+
+Fixes: #701
+---
+ include/gammu-backup.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/include/gammu-backup.h b/include/gammu-backup.h
+index e7fbc6e74..d5574ea7a 100644
+--- a/include/gammu-backup.h
+++ b/include/gammu-backup.h
+@@ -218,7 +218,7 @@ typedef struct {
+ 	/**
+ 	 * Name of program which created backup
+ 	 */
+-	char Creator[80];
+	char Creator[512];
+ 	/**
+ 	 * Timestamp of backup
+ 	 */
+-- 
+2.36.1
+
--- a/gammu.changes
+++ b/gammu.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Mon May 23 19:38:16 UTC 2022 - Martin Liška <mliska@suse.cz>
+
+- Add fix-buffer-overflow-in-backup.patch in order to address
+  https://github.com/gammu/gammu/issues/701.
+- Use autosetup.
+
 -------------------------------------------------------------------
 Fri Oct 15 07:32:06 UTC 2021 - Johannes Segitz <jsegitz@suse.com>

--- a/gammu.spec
+++ b/gammu.spec
@ -1,7 +1,7 @@
 #
 # spec file for package gammu
 #
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -32,6 +32,7 @@ Patch2:         0001-Enable-fPIE-pie.patch
 Patch3:         0001-Update-Python-scripts-to-Python-3.patch
 Patch4:         0001-Docs-Adjust-attributes-order-to-avoid-bugs-in-breath.patch
 Patch5:         harden_gammu-smsd.service.patch
+Patch6:         0001-Fix-buffer-overflow-in-Backup.Creator.patch
 BuildRequires:  cmake >= 2.8
 BuildRequires:  doxygen
 BuildRequires:  gettext
@ -185,12 +186,7 @@ Currently supported phones include:
 This package contains the Gammu SMS daemon shared library.

 %prep
-%setup -q
-%patch1 -p1
-%patch2 -p1
-%patch3 -p1
-%patch4 -p1
-%patch5 -p1
+%autosetup -p1

 # GPL-3.0 licensed files, bnc#775397
 rm -rf contrib/sms-gammu2android