From 509c931d2e3f20a0577094d16f662fbe1c835b609c137ae0d40931cc925df5ff Mon Sep 17 00:00:00 2001 From: Neal Gompa Date: Thu, 24 Jan 2019 04:18:21 +0000 Subject: [PATCH] - Backport patch from upstream to fix bugs discovered by Coverity + Add patch: 0001-Fix-some-small-bugs-found-by-Coverity.patch OBS-URL: https://build.opensuse.org/package/show/Archiving/zchunk?expand=0&rev=16 --- ...ix-some-small-bugs-found-by-Coverity.patch | 63 +++++++++++++++++++ zchunk.changes | 6 ++ zchunk.spec | 2 + 3 files changed, 71 insertions(+) create mode 100644 0001-Fix-some-small-bugs-found-by-Coverity.patch diff --git a/0001-Fix-some-small-bugs-found-by-Coverity.patch b/0001-Fix-some-small-bugs-found-by-Coverity.patch new file mode 100644 index 0000000..e2bc6c8 --- /dev/null +++ b/0001-Fix-some-small-bugs-found-by-Coverity.patch @@ -0,0 +1,63 @@ +From 13b0e4d2068a3e4777ad431936910dd732e82dad Mon Sep 17 00:00:00 2001 +From: Jonathan Dieter +Date: Sat, 29 Dec 2018 12:25:44 +0000 +Subject: [PATCH] Fix some small bugs found by Coverity + +Signed-off-by: Jonathan Dieter +--- + src/lib/comp/comp.c | 14 +++++++++++++- + 1 file changed, 13 insertions(+), 1 deletion(-) + +diff --git a/src/lib/comp/comp.c b/src/lib/comp/comp.c +index da0cfe1..89b3301 100644 +--- a/src/lib/comp/comp.c ++++ b/src/lib/comp/comp.c +@@ -479,8 +479,10 @@ ssize_t comp_read(zckCtx *zck, char *dst, size_t dst_size, bool use_dict) { + } + } + if(zck->comp.data_loc == zck->comp.data_idx->comp_length) { +- if(!comp_end_dchunk(zck, use_dict, zck->comp.data_idx->length)) ++ if(!comp_end_dchunk(zck, use_dict, zck->comp.data_idx->length)) { ++ free(src); + return -1; ++ } + if(zck->comp.data_idx == NULL) + zck->comp.data_eof = true; + continue; +@@ -659,10 +661,15 @@ ssize_t PUBLIC zck_get_chunk_comp_data(zckChunk *idx, char *dst, + /* Make sure chunk size is valid */ + if(zck_get_chunk_size(idx) < 0) + return -1; ++ + /* If the chunk is empty, we're done */ + if(zck_get_chunk_size(idx) == 0) + return 0; + ++ /* Make sure requested chunk has a beginning */ ++ if(zck_get_chunk_start(idx) < 0) ++ return -1; ++ + /* Seek to beginning of requested chunk */ + if(!seek_data(zck, zck_get_chunk_start(idx), SEEK_SET)) + return -1; +@@ -687,12 +694,17 @@ ssize_t PUBLIC zck_get_chunk_data(zckChunk *idx, char *dst, + /* If the chunk is empty, we're done */ + if(zck_get_chunk_size(idx) == 0) + return 0; ++ /* Make sure requested chunk has a beginning */ ++ if(zck_get_chunk_start(idx) < 0) ++ return -1; + + /* Read dictionary if needed */ + zckChunk *dict = zck_get_first_chunk(zck); + if(dict == NULL) + return -1; + if(zck_get_chunk_size(dict) > 0 && zck->comp.dict == NULL) { ++ if(zck_get_chunk_start(dict) < 0) ++ return -1; + if(!seek_data(zck, zck_get_chunk_start(dict), SEEK_SET)) + return -1; + if(!comp_reset(zck)) +-- +2.20.1 + diff --git a/zchunk.changes b/zchunk.changes index 670fab6..891262a 100644 --- a/zchunk.changes +++ b/zchunk.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Thu Jan 24 04:17:23 UTC 2019 - Neal Gompa + +- Backport patch from upstream to fix bugs discovered by Coverity + + Add patch: 0001-Fix-some-small-bugs-found-by-Coverity.patch + ------------------------------------------------------------------- Wed Jan 23 10:38:19 UTC 2019 - Neal Gompa diff --git a/zchunk.spec b/zchunk.spec index 17ca1df..45da541 100644 --- a/zchunk.spec +++ b/zchunk.spec @@ -29,6 +29,8 @@ License: BSD-2-Clause AND MIT Group: Productivity/Archiving/Compression URL: https://github.com/zchunk/zchunk Source0: %{url}/archive/%{version}/%{name}-%{version}.tar.gz +# Patches backported from upstream +Patch0001: 0001-Fix-some-small-bugs-found-by-Coverity.patch BuildRequires: meson >= 0.44.0 BuildRequires: pkgconfig BuildRequires: pkgconfig(libcurl)