!8 fix stack overflow in print_usage

From: @geruijun Reviewed-by: @wubo009 Signed-off-by: @wubo009
2021-09-10 08:17:42 +00:00 · 2021-09-10 08:17:42 +00:00 · 693047383b
commit 693047383b
parent 261ebb8cca 5752692b7c
2 changed files with 37 additions and 4 deletions
--- a/0000-fix-gdbm_dump-usage-stack-overflow.patch
+++ b/0000-fix-gdbm_dump-usage-stack-overflow.patch
@ -0,0 +1,28 @@
+From 48e22dd008138bb97d2a673af9da5b1b3457c86f Thu Sep 9 08:15:07 2021
+From: Sergey Poznyakoff <gray@gnu.org>
+Date: Thu, 9 Sep 2021 15:04:27 +0800
+Subject: [PATCH] Fix stack overflow in print_usage
+
+src/parseopt.c (print_usage): Fix length calculation for long
+options.
+
+Conflict:NA
+Reference:https://git.gnu.org.ua/gdbm.git/commit/?id=48e22dd008138bb97d2a673af9da5b1b3457c86f
+
+---
+ src/parseopt.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/parseopt.c b/src/parseopt.c
+index bc47597..efa12c8 100644
+--- a/src/parseopt.c
+++ b/src/parseopt.c
+@@ -495,7 +495,7 @@ print_usage (void)
+ 	{
+ 	  struct gdbm_option *opt = option_tab + idxbuf[i];
+ 	  const char *arg = opt->opt_arg ? gettext (opt->opt_arg) : NULL;
+-	  size_t len = 3 + strlen (opt->opt_long)
+	  size_t len = 5 + strlen (opt->opt_long)
+ 	                 + (arg ? 1 + strlen (arg) : 0);
+ 	  if (n + len > RMARGIN) FLUSH;
+ 	  buf[n++] = ' ';
--- a/gdbm.spec
+++ b/gdbm.spec
@ -1,17 +1,19 @@
 Name:       gdbm
 Version:    1.20
-Release:    2
+Release:    3
 Epoch:      1
 Summary:    A library of database functions that work similar to the standard UNIX dbm
 License:    GPLv3+
 URL:        http://www.gnu.org/software/gdbm/
 Source0:    http://ftp.gnu.org/gnu/gdbm/gdbm-%{version}.tar.gz

+Patch0:     0000-fix-gdbm_dump-usage-stack-overflow.patch
+
 BuildRequires:  gcc libtool gettext readline-devel 

 Provides:   %{name}-libs
 Provides:   %{name}-libs%{?_isa}
-Obsoletes:  %{name}-libs
+Obsoletes:  %{name}-libs <= %{version}

 %description
 GNU dbm (or GDBM, for short) is a library of database functions that
@ -24,7 +26,7 @@ Summary:            Header files and libraries for development
 Requires:           %{name} = %{epoch}:%{version}-%{release}
 Requires(post):     info
 Requires(preun):    info
-Obsoletes:          %{name}-libs
+Obsoletes:          %{name}-libs <= %{version}

 %description        devel
 Gdbm-devel contains the header files and libraries for development.
@ -96,10 +98,13 @@ fi
 %{_infodir}/*.info*

 %changelog
+* Fri Sep 10 2021 geruijun <geruijun@huawei.com> - 1.20-3
+- DESC: fix stack overflow in print_usage
+
 * Fri Jul 30 2021 chenyanpanHW <chenyanpan@huawei.com> - 1.20-2
 - DESC: delete -S git from %autosetup, and delete BuildRequires git

-* Fri Jul 20 2021 yanglongkang <yanglongkang@huawei.com> - 1.20-1
+* Tue Jul 20 2021 yanglongkang <yanglongkang@huawei.com> - 1.20-1
 - upgrade package to 1.20

 * Sat Jul 18 2020 Wangjun <wangjun196@huawei.com> - 1.18.1-1