.gdbm.metadata

@@ -1 +1 @@
-2b6cc7453341904432b457fb8a2450e5f2aaf331 SOURCES/gdbm-1.19.tar.gz
+50ba1b1d45ce33fd44e4fdaaf3b55a9d8f3dc418 SOURCES/gdbm-1.23.tar.gz

.gitignore

@@ -1 +1 @@
-SOURCES/gdbm-1.19.tar.gz
+SOURCES/gdbm-1.23.tar.gz

SOURCES/SAST.patch

@@ -0,0 +1,63 @@
+diff -ur -x 'cscope.*' -x '*.swp' gdbm-1.23/src/recover.c gdbm_patched/src/recover.c
+--- gdbm-1.23/src/recover.c	2022-01-06 13:36:37.000000000 +0100
++++ gdbm_patched/src/recover.c	2024-07-22 13:27:36.000000000 +0200
+@@ -143,13 +143,19 @@
+   /* Fix up DBF to have the correct information for the new file. */
+   if (dbf->file_locking)
+     _gdbm_unlock_file (dbf);
+-  close (dbf->desc);
+-  free (dbf->header);
+-  free (dbf->dir);
+ 
+   _gdbm_cache_flush (dbf);
+   _gdbm_cache_free (dbf);
+ 
++// SAST patch
++// in the worst case _gdbm_cache_flush would return -1
++// but the return value is ignored, so there should not be any change in the
++// behavior or semantic of the function
++ 
++  close (dbf->desc);
++  free (dbf->header);
++  free (dbf->dir);
++
+   dbf->lock_type         = new_dbf->lock_type;
+   dbf->desc              = new_dbf->desc;
+   dbf->header            = new_dbf->header;
+diff -ur -x 'cscope.*' -x '*.swp' gdbm-1.23/tools/gdbmshell.c gdbm_patched/tools/gdbmshell.c
+--- gdbm-1.23/tools/gdbmshell.c	2022-01-09 21:29:55.000000000 +0100
++++ gdbm_patched/tools/gdbmshell.c	2024-07-22 13:51:23.000000000 +0200
+@@ -1197,6 +1197,10 @@
+ 	      else
+ 		/* TRANSLATORS: Stands for "Not Available". */
+ 		fprintf (fp, " %s", _("N/A"));
++
++	      // SAST patch
++	      // database file dbf has never been closed
++	      gdbm_close(dbf);
+ 	    }
+ 	  else if (gdbm_check_syserr (gdbm_errno))
+ 	    {
+@@ -1312,8 +1316,22 @@
+   else
+     {
+       terror (_("unexpected error code: %d"), rc);
++      // SAST patch
++      // sa and sb variable are not properly deallocated
++      // since tildexpand function and it's underlying functions calls
++      // ealloc leading to exit after unsuccessful malloc, then it not
++      // necessary to control sa and sb for NULL
++      free (sa);
++      free (sb);
+       return GDBMSHELL_ERR;
+     }
++  // SAST patch
++  // sa and sb variable are not properly deallocated
++  // since tildexpand function and it's underlying functions calls
++  // ealloc leading to exit after unsuccessful malloc, then it not
++  // necessary to control sa and sb for NULL
++  free (sa);
++  free (sb);
+   return GDBMSHELL_OK;
+ }
+ 

SPECS/gdbm.spec

@@ -2,14 +2,16 @@
 
 Summary: A GNU set of database routines which use extensible hashing
 Name: gdbm
-Version: 1.19
-Release: 4%{?dist}
+Version: 1.23
+Release: 9%{?dist}
 Epoch: 1
-License: GPLv3+
+License: GPL-3.0-or-later
 URL: http://www.gnu.org/software/gdbm/
 
 Source: http://ftp.gnu.org/gnu/gdbm/gdbm-%{version}.tar.gz
 
+Patch0: SAST.patch
+
 BuildRequires: gcc
 BuildRequires: libtool
 BuildRequires: gettext
@@ -57,6 +59,8 @@ gdbm database library.  You'll also need to install the gdbm package.
 %prep
 %setup -q
 
+%patch -P0 -p1
+
 %build
 %configure \
     --disable-static \
@@ -112,12 +116,45 @@ make check
 %{_mandir}/man3/*
 
 %changelog
-* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1:1.19-4
-- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
-  Related: rhbz#1991688
+* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 1:1.23-9
+- Bump release for October 2024 mass rebuild:
+  Resolves: RHEL-64018
+
+* Thu Jul 25 2024 Filip Janus <fjanus@redhat.com> - 1:1.23-8
+- Address issues from static analysis
+
+* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1:1.23-7
+- Bump release for June 2024 mass rebuild
+
+* Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.23-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.23-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.23-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.23-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
+
+* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.23-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
+
+* Mon May 16 2022 Ondrej Sloup <osloup@redhat.com> - 1:1.23-1
+- Rebase to the latest upstream version
+
+* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.22-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
+
+* Wed Oct 20 2021 Marek Kulik <mkulik@redhat.com> 1.22-1
+- Update to 1.22
+
+* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.20-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
 
-* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 1:1.19-3
-- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+* Thu Jun 17 2021 Filip Januš <fjanus@redhat.com> 1.20-1
+- Update to 1.20
 
 * Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.19-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild