commit 619f48b9fa91945354e56aac140aa9a780127dd9 Author: overweight <5324761+overweight@user.noreply.gitee.com> Date: Mon Sep 30 10:55:55 2019 -0400 Package init diff --git a/0004-some-more-potential-overflow-fixes.patch b/0004-some-more-potential-overflow-fixes.patch new file mode 100644 index 0000000..a158ad9 --- /dev/null +++ b/0004-some-more-potential-overflow-fixes.patch @@ -0,0 +1,64 @@ +From 2c05cc55185e2497e0e47d32ff2aa4577e9e36e9 Mon Sep 17 00:00:00 2001 +From: Rainer Gerhards +Date: Wed, 28 May 2014 16:59:13 +0200 +Subject: [PATCH 04/30] some more potential overflow fixes + +--- + src/string.c | 19 ++++++++++++++++++- + 1 file changed, 18 insertions(+), 1 deletion(-) + +diff --git a/src/string.c b/src/string.c +index 2fa9a14..36256fd 100644 +--- a/src/string.c ++++ b/src/string.c +@@ -166,7 +166,15 @@ es_newStrFromNumber(long long num) + int i,j; + char minus = '\0'; + es_str_t *s; ++ long long upperBorder = -9223372036854775807LL; ++ --upperBorder; /* handle number in C90 and newer modes */ + ++ /* handle border case */ ++ if(num == upperBorder) { ++ s = es_newStrFromCStr("-9223372036854775808", 20); ++ goto done; ++ } ++ + if (num < 0) { + minus = '-'; + num = -num; +@@ -199,6 +207,10 @@ es_newStrFromSubStr(es_str_t *str, es_size_t start, es_size_t len) + { + es_str_t *s; + ++ if(start+len < start) { ++ s = NULL; ++ goto done; ++ } + if((s = es_newStr(len)) == NULL) goto done; + + if(start > es_strlen(str)) +@@ -461,6 +473,10 @@ es_addBuf(es_str_t **ps1, char *buf, es_size_t lenBuf) + } + + newlen = s1->lenStr + lenBuf; ++ if(newlen != (size_t) s1->lenStr + (size_t) lenBuf) { ++ r = ENOMEM; ++ goto done; ++ } + if(s1->lenBuf < newlen) { + /* we need to extend */ + if((r = es_extendBuf(ps1, newlen - s1->lenBuf)) != 0) goto done; +@@ -483,7 +499,8 @@ es_str2cstr(es_str_t *s, char *nulEsc) + char *cstr; + es_size_t lenEsc; + int nbrNUL; +- es_size_t i, iDst; ++ es_size_t i; ++ size_t iDst; + unsigned char *c; + + /* detect number of NULs inside string */ +-- +1.8.3.1 + diff --git a/0005-fix-problems-with-trailing-incomplete-hex-sequence.patch b/0005-fix-problems-with-trailing-incomplete-hex-sequence.patch new file mode 100644 index 0000000..e169db6 --- /dev/null +++ b/0005-fix-problems-with-trailing-incomplete-hex-sequence.patch @@ -0,0 +1,46 @@ +From 4faba3de2ad22c84608a1e1d13d2578d7f0faee9 Mon Sep 17 00:00:00 2001 +From: Rainer Gerhards +Date: Wed, 28 May 2014 17:19:28 +0200 +Subject: [PATCH 05/30] fix problems with trailing incomplete hex sequence + +--- + src/string.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/src/string.c b/src/string.c +index 36256fd..f1fb6b1 100644 +--- a/src/string.c ++++ b/src/string.c +@@ -1,3 +1,4 @@ ++#include + /** + * @file string.c + * Implements string handling +@@ -696,10 +697,16 @@ doUnescape(unsigned char *c, es_size_t lenStr, es_size_t *iSrc, es_size_t iDst) + c[iDst] = '\\'; + break; + case 'x': ++ if((*iSrc)+1 == lenStr) { ++ /* just end run, leave as is */ ++ *iSrc += 1; ++ goto done; ++ } + if( (*iSrc)+2 == lenStr + || !isxdigit(c[(*iSrc)+1]) + || !isxdigit(c[(*iSrc)+2])) { + /* error, incomplete escape, use as is */ ++ printf("error: incomplete 2 x escape\n"); + c[iDst] = '\\'; + --(*iSrc); + } +@@ -720,6 +727,7 @@ doUnescape(unsigned char *c, es_size_t lenStr, es_size_t *iSrc, es_size_t iDst) + /* regular character */ + c[iDst] = c[*iSrc]; + } ++done: return; + } + + void +-- +1.8.3.1 + diff --git a/0006-fix-str2num-did-not-convert-hex-values-correctly.patch b/0006-fix-str2num-did-not-convert-hex-values-correctly.patch new file mode 100644 index 0000000..747e5a0 --- /dev/null +++ b/0006-fix-str2num-did-not-convert-hex-values-correctly.patch @@ -0,0 +1,25 @@ +From 6baa02aa3739779b1833d986a590f7ab094817cb Mon Sep 17 00:00:00 2001 +From: Rainer Gerhards +Date: Wed, 28 May 2014 17:23:06 +0200 +Subject: [PATCH 06/30] fix: str2num did not convert hex values correctly + +--- + src/string.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/string.c b/src/string.c +index f1fb6b1..256bc62 100644 +--- a/src/string.c ++++ b/src/string.c +@@ -589,7 +589,7 @@ es_str2num_hex(es_str_t *s, int *bSuccess) + + i = 0; + num = 0; +- c = es_getBufAddr(s); ++ c = es_getBufAddr(s) + 2; + while(i < s->lenStr && isxdigit(c[i])) { + if(isdigit(c[i])) + num = num * 16 + c[i] - '0'; +-- +1.8.3.1 + diff --git a/0009-Don-t-pass-NULL-to-memcpy.patch b/0009-Don-t-pass-NULL-to-memcpy.patch new file mode 100644 index 0000000..fdd8383 --- /dev/null +++ b/0009-Don-t-pass-NULL-to-memcpy.patch @@ -0,0 +1,26 @@ +From 587ff26d15e807c3a50c5c83e0b8a4bb0f9e5e51 Mon Sep 17 00:00:00 2001 +From: Tomas Heinrich +Date: Fri, 30 May 2014 12:10:36 +0200 +Subject: [PATCH 09/30] Don't pass NULL to memcpy + +This was benign as NULL ptr implied 0 length. +--- + src/string.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/string.c b/src/string.c +index 2930868..8934553 100644 +--- a/src/string.c ++++ b/src/string.c +@@ -528,7 +528,7 @@ es_str2cstr(es_str_t *s, char *nulEsc) + if(c[i] == 0x00) { + if(lenEsc == 1) { + cstr[iDst++] = *nulEsc; +- } else { ++ } else if(lenEsc > 1) { + memcpy(cstr + iDst, nulEsc, lenEsc); + iDst += lenEsc; + } +-- +1.8.3.1 + diff --git a/0021-bugfix-es_str2num-mishandling-empty-strings.patch b/0021-bugfix-es_str2num-mishandling-empty-strings.patch new file mode 100644 index 0000000..3a5d6ee --- /dev/null +++ b/0021-bugfix-es_str2num-mishandling-empty-strings.patch @@ -0,0 +1,33 @@ +From a5729d4f286ebb1344c97b8c768d728392801f44 Mon Sep 17 00:00:00 2001 +From: Jan Gerhards +Date: Mon, 13 Feb 2017 12:20:19 +0100 +Subject: [PATCH 21/30] bugfix: es_str2num mishandling empty strings + +If es_str2num() receives an empty string, misadressing happens. +Under extreme conditions, this theoretically can lead to a segfault. + +closes https://github.com/rsyslog/libestr/issues/10 +--- + src/string.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/string.c b/src/string.c +index f703925..6d06713 100644 +--- a/src/string.c ++++ b/src/string.c +@@ -607,10 +607,10 @@ es_str2num(es_str_t *s, int *bSuccess) + { + long long num; + unsigned char *c; +- + if(s->lenStr == 0) { + num = 0; +- *bSuccess = 0; ++ if(bSuccess != NULL) ++ *bSuccess = 0; + goto done; + } + +-- +1.8.3.1 + diff --git a/libestr-0.1.9.tar.gz b/libestr-0.1.9.tar.gz new file mode 100644 index 0000000..a020809 Binary files /dev/null and b/libestr-0.1.9.tar.gz differ diff --git a/libestr.spec b/libestr.spec new file mode 100755 index 0000000..e4715fb --- /dev/null +++ b/libestr.spec @@ -0,0 +1,61 @@ +Name: libestr +Version: 0.1.9 +Release: 12 +Summary: String handling essentials library + +License: LGPLv2+ +URL: http://libestr.adiscon.com/ +Source0: http://libestr.adiscon.com/files/download/libestr-%{version}.tar.gz + +Patch0: 0004-some-more-potential-overflow-fixes.patch +Patch1: 0005-fix-problems-with-trailing-incomplete-hex-sequence.patch +Patch2: 0006-fix-str2num-did-not-convert-hex-values-correctly.patch +Patch3: 0009-Don-t-pass-NULL-to-memcpy.patch +Patch4: 0021-bugfix-es_str2num-mishandling-empty-strings.patch + +BuildRequires: gcc + +%description +libestr is a library for some string essentials. This package compiles the string handling essentials library +used by the Rsyslog daemon. + +%package devel +Summary: Development files for %{name} +Requires: %{name} = %{version}-%{release} + +%description devel +The %{name}-devel package contains libraries and header files for +developing applications that use %{name}. + +%prep +%autosetup -n %{name}-%{version} -p1 + +%build +%configure --disable-static --with-pic + +%make_build + +%install +%make_install +rm -f %{buildroot}/%{_libdir}/*.{a,la} + +%post +/sbin/ldconfig + +%postun +/sbin/ldconfig + +%files +%license COPYING +%doc README AUTHORS ChangeLog +%{_libdir}/lib*.so.* + +%files devel +%{_includedir}/libestr.h +%{_libdir}/*.so +%{_libdir}/pkgconfig/libestr.pc + +%changelog +* Thu Aug 29 2019 openEuler Buildteam - 0.1.9-12 +- Package init +