pool/gnutls
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 233678 from Base:System

Browse Source 
- Improvement after code audit (audit-improve.patch)
  * Use unsigned type for encode()
  * tolerate NULL in strdup()
  Modify files: lib/gnutls_mem.c, lib/auth/srp_sb64.c

OBS-URL: https://build.opensuse.org/request/show/233678
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gnutls?expand=0&rev=73
This commit is contained in:
Stephan Kulow 2014-05-14 08:50:25 +00:00 committed by Git OBS Bridge
parent 6327ee3b7e
commit 46f6ba47ef
3 changed files with 43 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
audit-improve.patch Normal file
View File

@ -0,0 +1,33 @@
Index: gnutls-3.2.13/lib/gnutls_mem.c
===================================================================
--- gnutls-3.2.13.orig/lib/gnutls_mem.c
+++ gnutls-3.2.13/lib/gnutls_mem.c
@@ -73,9 +73,14 @@ void *gnutls_realloc_fast(void *ptr, siz
char *_gnutls_strdup(const char *str)
{
- size_t siz = strlen(str) + 1;
+ size_t siz;
char *ret;
+ if(unlikely(!str))
+ return NULL;
+
+ siz = strlen(str) + 1;
+
ret = gnutls_malloc(siz);
if (ret != NULL)
memcpy(ret, str, siz);
Index: gnutls-3.2.13/lib/auth/srp_sb64.c
===================================================================
--- gnutls-3.2.13.orig/lib/auth/srp_sb64.c
+++ gnutls-3.2.13/lib/auth/srp_sb64.c
@@ -143,7 +143,7 @@ _gnutls_sbase64_encode(uint8_t * data, s
unsigned i, j;
int ret, tmp;
uint8_t tmpres[4];
- int mod = data_size % 3;
+ unsigned int mod = data_size % 3;
ret = mod;
if (ret != 0)

8
gnutls.changes
View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Fri Apr 25 14:08:46 UTC 2014 - citypw@gmail.com
- Improvement after code audit (audit-improve.patch)
* Use unsigned type for encode()
* tolerate NULL in strdup()
Modify files: lib/gnutls_mem.c, lib/auth/srp_sb64.c
-------------------------------------------------------------------
Wed Apr 9 17:23:15 UTC 2014 - shchang@suse.com

2
gnutls.spec
View File

@ -37,6 +37,7 @@ Source3: baselibs.conf
Patch3: gnutls-3.0.26-skip-test-fwrite.patch
Patch6: gnutls-implement-trust-store-dir-3.2.8.diff
Patch7: audit-improve.patch
BuildRequires: automake
BuildRequires: gcc-c++
@ -137,6 +138,7 @@ Files needed for software development using gnutls.
%setup -q
%patch3
%patch6 -p1
%patch7 -p1
%build
autoreconf -if