!4 update to version 0.1.15

Merge pull request !4 from sherlock2010/master
2020-07-29 14:38:13 +08:00 · 2020-07-29 14:38:13 +08:00 · 41754db6f0
commit 41754db6f0
parent 5fb4bad6f4 43e0fd6d83
5 changed files with 13 additions and 199 deletions
--- a/CVE-2019-3817-Fix-UAF-in-comps_objmrtree_unite-function.patch
+++ b/CVE-2019-3817-Fix-UAF-in-comps_objmrtree_unite-function.patch
@ -1,91 +0,0 @@
-From e3a5d056633677959ad924a51758876d415e7046 Mon Sep 17 00:00:00 2001
-From: Riccardo Schirone <rschiron@redhat.com>
-Date: Mon, 21 Jan 2019 18:11:42 +0100
-Subject: [PATCH] Fix UAF in comps_objmrtree_unite function
-
-The added field is not used at all in many places and it is probably the
-left-over of some copy-paste.
-
-Signed-off-by: root <root@localhost.localdomain>
---
- libcomps/src/comps_mradix.c    | 2 --
- libcomps/src/comps_objmradix.c | 2 --
- libcomps/src/comps_objradix.c  | 2 --
- libcomps/src/comps_radix.c     | 1 -
- 4 files changed, 7 deletions(-)
-
-diff --git a/libcomps/src/comps_mradix.c b/libcomps/src/comps_mradix.c
-index 8ef9640..dfdee8e 100644
--- a/libcomps/src/comps_mradix.c
-+++ b/libcomps/src/comps_mradix.c
-@@ -177,7 +177,6 @@ void comps_mrtree_unite(COMPS_MRTree *rt1, COMPS_MRTree *rt2) {
-     struct Pair {
-         COMPS_HSList * subnodes;
-         char * key;
-        char added;
-     } *pair, *parent_pair;
- 
-     pair = malloc(sizeof(struct Pair));
-@@ -195,7 +194,6 @@ void comps_mrtree_unite(COMPS_MRTree *rt1, COMPS_MRTree *rt2) {
-         parent_pair = (struct Pair*) it->data;
-         free(it);
- 
-        pair->added = 0;
-         for (it = tmp_subnodes->first; it != NULL; it=it->next) {
-             pair = malloc(sizeof(struct Pair));
-             pair->subnodes = ((COMPS_MRTreeData*)it->data)->subnodes;
-diff --git a/libcomps/src/comps_objmradix.c b/libcomps/src/comps_objmradix.c
-index 9a2038b..22ad262 100644
--- a/libcomps/src/comps_objmradix.c
-+++ b/libcomps/src/comps_objmradix.c
-@@ -285,7 +285,6 @@ void comps_objmrtree_unite(COMPS_ObjMRTree *rt1, COMPS_ObjMRTree *rt2) {
-     struct Pair {
-         COMPS_HSList * subnodes;
-         char * key;
-        char added;
-     } *pair, *parent_pair;
- 
-     pair = malloc(sizeof(struct Pair));
-@@ -303,7 +302,6 @@ void comps_objmrtree_unite(COMPS_ObjMRTree *rt1, COMPS_ObjMRTree *rt2) {
-         parent_pair = (struct Pair*) it->data;
-         free(it);
- 
-        pair->added = 0;
-         for (it = tmp_subnodes->first; it != NULL; it=it->next) {
-             pair = malloc(sizeof(struct Pair));
-             pair->subnodes = ((COMPS_ObjMRTreeData*)it->data)->subnodes;
-diff --git a/libcomps/src/comps_objradix.c b/libcomps/src/comps_objradix.c
-index c657b75..840592a 100644
--- a/libcomps/src/comps_objradix.c
-+++ b/libcomps/src/comps_objradix.c
-@@ -692,7 +692,6 @@ void comps_objrtree_unite(COMPS_ObjRTree *rt1, COMPS_ObjRTree *rt2) {
-     struct Pair {
-         COMPS_HSList * subnodes;
-         char * key;
-        char added;
-     } *pair, *parent_pair;
- 
-     pair = malloc(sizeof(struct Pair));
-@@ -711,7 +711,6 @@ void comps_objrtree_unite(COMPS_ObjRTree *rt1, COMPS_ObjRTree *rt2) {
-         //printf("key-part:%s\n", parent_pair->key);
-         free(it);
- 
-        //pair->added = 0;
-         for (it = tmp_subnodes->first; it != NULL; it=it->next) {
-             pair = malloc(sizeof(struct Pair));
-             pair->subnodes = ((COMPS_ObjRTreeData*)it->data)->subnodes;
-diff --git a/libcomps/src/comps_radix.c b/libcomps/src/comps_radix.c
-index ada4fda..05dcaf2 100644
--- a/libcomps/src/comps_radix.c
-+++ b/libcomps/src/comps_radix.c
-@@ -529,7 +529,6 @@ void comps_rtree_unite(COMPS_RTree *rt1, COMPS_RTree *rt2) {
-     struct Pair {
-         COMPS_HSList * subnodes;
-         char * key;
-        char added;
-     } *pair, *parent_pair;
- 
-     pair = malloc(sizeof(struct Pair));
-- 
-2.19.1
-
--- a/Fix-Python-method-descriptors-for-Python-3.8.patch
+++ b/Fix-Python-method-descriptors-for-Python-3.8.patch
@ -1,53 +0,0 @@
-From dce9d5d3c1dce16efc223e5a55cec7122fb25276 Mon Sep 17 00:00:00 2001
-From: Victor Stinner <vstinner@redhat.com>
-Date: Wed, 31 Jul 2019 15:03:36 +0200
-Subject: [PATCH] Fix Python method descriptors for Python 3.8
-
-The Python binding cannot be loaded in Python 3.8: import libcomps
-fails with:
-
-    Traceback (most recent call last):
-      File "src/python/src/python3/libcomps/__init__.py", line 1, in <module>
-        from ._libpycomps import *
-    SystemError: bad call flags
-
-Fedora bug report: https://bugzilla.redhat.com/show_bug.cgi?id=1734777
-
-The problem are the following method descriptors of
-libcomps/src/python/src/pycomps.c:
-
-    {"categories_match", (PyCFunction)PyCOMPS_categories_match, METH_KEYWORDS,
-     PyCOMPS_validate__doc__},
-    {"environments_match", (PyCFunction)PyCOMPS_envs_match, METH_KEYWORDS,
-     PyCOMPS_validate__doc__},
-
-In Python 3.7, import didn't check descriptor flags (METH_KEYWORDS):
-these flags were only checked when the methods were called.
-
-In Python 3.8, the flags are checked at soon as the module is
-imported, which prevents the module to be imported.
-
-This change fix the two method descriptors.
---
- libcomps/src/python/src/pycomps.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/libcomps/src/python/src/pycomps.c b/libcomps/src/python/src/pycomps.c
-index b34685c..293a338 100644
--- a/libcomps/src/python/src/pycomps.c
-+++ b/libcomps/src/python/src/pycomps.c
-@@ -766,9 +766,9 @@ PyDoc_STRVAR(PyCOMPS_arch_filter__doc__,
- static PyMethodDef PyCOMPS_methods[] = {
-     {"groups_match", (PyCFunction)PyCOMPS_groups_match, METH_VARARGS | METH_KEYWORDS,
-     PyCOMPS_validate__doc__},
-    {"categories_match", (PyCFunction)PyCOMPS_categories_match, METH_KEYWORDS,
-+    {"categories_match", (PyCFunction)PyCOMPS_categories_match, METH_VARARGS | METH_KEYWORDS,
-     PyCOMPS_validate__doc__},
-    {"environments_match", (PyCFunction)PyCOMPS_envs_match, METH_KEYWORDS,
-+    {"environments_match", (PyCFunction)PyCOMPS_envs_match, METH_VARARGS | METH_KEYWORDS,
-     PyCOMPS_validate__doc__},
-     {"validate", (PyCFunction)PyCOMPS_validate, METH_NOARGS,
-     PyCOMPS_validate__doc__},
-- 
-1.8.3.1
-
--- a/libcomps-0.1.15.tar.gz
+++ b/libcomps-0.1.15.tar.gz
--- a/libcomps-0.1.8.tar.gz
+++ b/libcomps-0.1.8.tar.gz
--- a/libcomps.spec
+++ b/libcomps.spec
@ -1,18 +1,12 @@
-%define with_python2 1
-%define with_python3 1
-
 Name:           libcomps
-Version:        0.1.8
-Release:        21
+Version:        0.1.15
+Release:        1
 Summary:        Comps XML file manipulation library
 License:        GPLv2+
 URL:            https://github.com/rpm-software-management/libcomps
 Source0:        %{url}/archive/%{name}-%{version}/%{name}-%{version}.tar.gz

-Patch0000:      CVE-2019-3817-Fix-UAF-in-comps_objmrtree_unite-function.patch
-Patch0001:      Fix-Python-method-descriptors-for-Python-3.8.patch
-
-BuildRequires:  gcc cmake zlib-devel libxml2-devel check-devel expat-devel
+BuildRequires:  gcc gcc-c++ cmake zlib-devel libxml2-devel check-devel expat-devel

 %description
 Libcomps is library for structure-like manipulation with content of
@ -30,21 +24,12 @@ Requires:       %{name} = %{version}-%{release}
 BuildArch:      noarch
 BuildRequires:  python3-sphinx
 BuildRequires:  doxygen
+Provides:       %{name}-doc = %{version}-%{release} python-%{name}-doc = %{version}-%{release}
+Obsoletes:      %{name}-doc < %{version}-%{release} python-%{name}-doc < %{version}-%{release}

 %description    help
 Documentation files for libcomps library and python bindings libcomps library.

-%if %{with_python2}
-%package -n     python2-%{name}
-Summary:        Python 2 bindings for libcomps library
-%{?python_provide:%python_provide python2-%{name}}
-BuildRequires:  python2-devel
-Requires:       %{name} = %{version}-%{release}
-%description -n python2-%{name}
-Python 2 bindings for libcomps library.
-%endif
-
-%if %{with_python3}
 %package -n     python3-%{name}
 Summary:        Python 3 bindings for libcomps library
 BuildRequires:  python3-devel
@ -53,27 +38,16 @@ Requires:       %{name} = %{version}-%{release}
 Obsoletes:      platform-python-%{name} < %{version}-%{release}
 %description -n python3-%{name}
 Python3 bindings for libcomps library.
-%endif

 %prep
 %autosetup -n %{name}-%{name}-%{version} -p1

 %build
-%if %{with_python2}
-mkdir build-py2
-pushd build-py2
-%cmake ../libcomps/ -DPYTHON_DESIRED:STRING=2
-%make_build
-popd
-%endif
-
-%if %{with_python2}
 mkdir build-py3
 pushd build-py3
 %cmake ../libcomps/ -DPYTHON_DESIRED:STRING=3
 %make_build
 popd
-%endif

 mkdir build-doc
 pushd build-doc
@ -83,32 +57,15 @@ make %{?_smp_mflags} pydocs
 popd

 %install
-%if %{with_python2}
-pushd build-py2
-%make_install
-popd
-%endif
-
-%if %{with_python3}
 pushd build-py3
 %make_install
 popd
-%endif

 %check
-%if %{with_python2}
-pushd build-py2
-make test
-make pytest
-popd
-%endif
-
-%if %{with_python3}
 pushd build-py3
 make test
 make pytest
 popd
-%endif

 %post -p /sbin/ldconfig
 %postun -p /sbin/ldconfig
@ -120,23 +77,24 @@ popd

 %files devel
 %{_libdir}/%{name}.so
+%{_libdir}/pkgconfig/%{name}.pc
 %{_includedir}/%{name}/

 %files help
 %doc build-doc/docs/libcomps-doc/html
 %doc build-doc/src/python/docs/html

-%if %{with_python2}
-%files -n python2-%{name}
-%{python2_sitearch}/%{name}/
-%endif
-
-%if %{with_python3}
 %files -n python3-%{name}
 %{python3_sitearch}/%{name}/
-%endif
+%{python3_sitearch}/%{name}-%{version}-py%{python3_version}.egg-info

 %changelog
+* Tue Apr 28 2020 zhouyihang <zhouyihang3@huawei.com> - 0.1.15-1
+- Type:requirement
+- ID:NA
+- SUG:NA
+- DESC:update libcomps version to 0.1.15
+
 * Mon Jun 22 2020 chenditang<chenditang1@huawei.com> - 0.1.8-21
 - Type:enhancement
 - ID:NA