rpms
/
diffutils
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c10-beta'
${ noResults }
diffutils/SOURCES/diffutils-3.10-coverity.patch

185 lines
8.2 KiB
Raw Permalink Normal View History Unescape

import diffutils-3.10-7.el10
3 months ago
diff -up diffutils-3.10/lib/nstrftime.c.orig diffutils-3.10/lib/nstrftime.c
--- diffutils-3.10/lib/nstrftime.c.orig 2023-05-20 11:05:07.000000000 +0200
+++ diffutils-3.10/lib/nstrftime.c 2024-07-30 16:36:42.914438967 +0200
@@ -882,6 +882,7 @@ __strftime_internal (STREAM_OR_CHAR_T *s
*u = '\0';
len = strftime (ubuf, sizeof ubuf, ufmt, tp);
if (len != 0)
+ /* coverity[verrun-buffer-arg: FALSE] */
cpy (len - 1, ubuf + 1);
}
break;
@@ -1044,10 +1045,13 @@ __strftime_internal (STREAM_OR_CHAR_T *s
i += padding;
width -= padding;
}
+ /* coverity[bad_memset : FALSE] */
+ /* coverity[overrun-buffer-arg : FALSE] */
width_add1 (0, sign_char);
width--;
}
+ /* coverity[bad_memset : FALSE] */
cpy (numlen, bufp);
}
break;
@@ -1126,7 +1130,9 @@ __strftime_internal (STREAM_OR_CHAR_T *s
buf[j - 1] = n % 10 + L_('0'), n /= 10;
if (!pad)
pad = L_('0');
+ /* coverity[bad_memset : FALSE] */
width_cpy (0, ndigs, buf);
+ /* coverity[bad_memset : FALSE] */
width_add (width - ndigs, 0, (void) 0);
}
break;
@@ -1495,6 +1501,7 @@ __strftime_internal (STREAM_OR_CHAR_T *s
since this is most likely the right thing to do if a
multibyte string has been misparsed. */
bad_format:
+ /* coverity[bad_memset : FALSE] */
cpy (f - percent + 1, percent);
break;
}
diff -up diffutils-3.10/lib/regcomp.c.orig diffutils-3.10/lib/regcomp.c
--- diffutils-3.10/lib/regcomp.c.orig 2024-07-30 16:42:46.745614022 +0200
+++ diffutils-3.10/lib/regcomp.c 2024-07-30 16:45:16.815548192 +0200
@@ -1175,6 +1175,8 @@ analyze (regex_t *preg)
dfa->inveclosures = re_malloc (re_node_set, dfa->nodes_len);
if (__glibc_unlikely (dfa->inveclosures == NULL))
return REG_ESPACE;
+ /* The 'postorder' function initializes that memory */
+ /* coverity[alloc_fn: FALSE] */
ret = calc_inveclosure (dfa);
}
diff -up diffutils-3.10/lib/sigsegv.c.orig diffutils-3.10/lib/sigsegv.c
--- diffutils-3.10/lib/sigsegv.c.orig 2023-05-20 11:05:07.000000000 +0200
+++ diffutils-3.10/lib/sigsegv.c 2024-07-30 16:36:42.914438967 +0200
@@ -1459,6 +1459,7 @@ stackoverflow_deinstall_handler (void)
{
stack_t ss;
ss.ss_flags = SS_DISABLE;
+ /* coverity[uninit_use_in_call : FALSE] */
if (sigaltstack (&ss, (stack_t *) 0) < 0)
perror ("gnulib sigsegv (stackoverflow_deinstall_handler)");
}
diff -up diffutils-3.10/lib/stackvma.c.orig diffutils-3.10/lib/stackvma.c
--- diffutils-3.10/lib/stackvma.c.orig 2023-01-30 01:17:41.000000000 +0100
+++ diffutils-3.10/lib/stackvma.c 2024-07-30 16:38:45.404872853 +0200
@@ -176,7 +176,7 @@ rof_open (struct rofile *rof, const char
/* Attempt to read the contents in a single system call. */
if (size > MIN_LEFTOVER)
{
- int n = read (fd, rof->buffer, size);
+ size_t n = read (fd, rof->buffer, size);
if (n < 0 && errno == EINTR)
goto retry;
# if defined __DragonFly__
@@ -186,7 +186,7 @@ rof_open (struct rofile *rof, const char
if (n <= 0)
/* Empty file. */
goto fail1;
- if (n + MIN_LEFTOVER <= size)
+ if (MIN_LEFTOVER <= size -n)
{
/* The buffer was sufficiently large. */
rof->filled = n;
@@ -195,21 +195,23 @@ rof_open (struct rofile *rof, const char
large enough. We need the equivalent of full_read(). */
for (;;)
{
+ /* rof->filled cannot exceed size (due to the buffer size check), the subtraction is unlikely to overflow. */
+ /* coverity[overflow_sink : FALSE] */
n = read (fd, rof->buffer + rof->filled, size - rof->filled);
if (n < 0 && errno == EINTR)
goto retry;
if (n < 0)
/* Some error. */
goto fail1;
- if (n + MIN_LEFTOVER > size - rof->filled)
- /* Allocate a larger buffer. */
- break;
if (n == 0)
{
/* Reached the end of file. */
close (fd);
return 0;
}
+ if (size - rof->filled - n < MIN_LEFTOVER)
+ /* Allocate a larger buffer. */
+ break;
rof->filled += n;
}
# else
diff -up diffutils-3.10/lib/time_rz.c.orig diffutils-3.10/lib/time_rz.c
--- diffutils-3.10/lib/time_rz.c.orig 2023-01-02 02:20:08.000000000 +0100
+++ diffutils-3.10/lib/time_rz.c 2024-07-30 16:36:42.914438967 +0200
@@ -303,10 +303,12 @@ mktime_z (timezone_t tz, struct tm *tm)
time_t t = mktime (&tm_1);
bool ok = 0 <= tm_1.tm_yday;
#if HAVE_STRUCT_TM_TM_ZONE || HAVE_TZNAME
+ /* coverity[uninit_use_in_call : FALSE] */
ok = ok && save_abbr (tz, &tm_1);
#endif
if (revert_tz (old_tz) && ok)
{
+ /* coverity[uninit_use : FALSE] */
*tm = tm_1;
return t;
}
diff -up diffutils-3.10/src/analyze.c.orig diffutils-3.10/src/analyze.c
--- diffutils-3.10/src/analyze.c.orig 2023-05-20 11:17:26.000000000 +0200
+++ diffutils-3.10/src/analyze.c 2024-07-30 16:36:42.915438987 +0200
@@ -689,6 +689,7 @@ diff_2_files (struct comparison *cmp)
for (f = 0; f < 2; f++)
{
free (cmp->file[f].equivs);
+ /* coverity[offset_free : FALSE] */
free (cmp->file[f].linbuf + cmp->file[f].linbuf_base);
}
diff -up diffutils-3.10/src/diff3.c.orig diffutils-3.10/src/diff3.c
--- diffutils-3.10/src/diff3.c.orig 2023-05-20 11:17:26.000000000 +0200
+++ diffutils-3.10/src/diff3.c 2024-07-30 16:36:42.915438987 +0200
@@ -798,6 +798,8 @@ using_to_diff3_block (struct diff_block
D_LINEARRAY (result, FILEC) + result_offset,
D_LENARRAY (result, FILEC) + result_offset,
D_NUMLINES (ptr, FC)))
+ /* There is a potential resource leak here, but it is not important */
+ /* coverity[leaked_storage : FALSE] */
return 0;
}
@@ -827,6 +829,8 @@ using_to_diff3_block (struct diff_block
D_LINEARRAY (result, FILE0 + d) + result_offset,
D_LENARRAY (result, FILE0 + d) + result_offset,
D_NUMLINES (ptr, FO)))
+ /* There is a potential resource leak here, but it is not important */
+ /* coverity[leaked_storage : FALSE] */
return 0;
/* Catch the lines between here and the next diff */
diff -up diffutils-3.10/src/diff.c.orig diffutils-3.10/src/diff.c
--- diffutils-3.10/src/diff.c.orig 2024-07-30 16:35:17.766783183 +0200
+++ diffutils-3.10/src/diff.c 2024-07-30 16:36:42.915438987 +0200
@@ -429,6 +429,7 @@ main (int argc, char **argv)
sizeof C_ifdef_group_formats - 7 /* 7*"@" */,
&alloc))
xalloc_die ();
+ /* coverity[alloc_strlen : FALSE] */
char *b = xmalloc (alloc);
char *base = b;
int changes = 0;
diff -up diffutils-3.10/src/ifdef.c.orig diffutils-3.10/src/ifdef.c
--- diffutils-3.10/src/ifdef.c.orig 2023-02-19 19:04:39.000000000 +0100
+++ diffutils-3.10/src/ifdef.c 2024-07-30 16:36:42.915438987 +0200
@@ -361,6 +361,7 @@ do_printf_spec (FILE *out, char const *s
format spec "%3lx". Here the spec prefix is "%3". */
size_t spec_prefix_len = f - spec - 2;
size_t pI_len = sizeof pI - 1;
+ /* coverity[bad_alloc_arithmetic : FALSE] */
char *format = xmalloca (spec_prefix_len + pI_len + 2);
char *p = mempcpy (format, spec, spec_prefix_len);
p = stpcpy (p, pI);