5 changed files with 1 additions and 116 deletions
--- a/backport-Add-missing-overflow-check-for-num_values-in-pytdb.c.patch
+++ b/backport-Add-missing-overflow-check-for-num_values-in-pytdb.c.patch
@ -1,51 +0,0 @@
-From 82b07bd048e8039896be7edec6b83cbd6ff218d9 Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn@samba.org>
-Date: Tue, 30 Apr 2024 14:16:33 +0200
-Subject: [PATCH] lib:tdb: Add missing overflow check for num_values in pytdb.c
-
-Reference:https://github.com/samba-team/samba/commit/82b07bd048e8039896be7edec6b83cbd6ff218d9
-Conflict:NA
-
-Error: INTEGER_OVERFLOW (CWE-190):
-tdb-1.4.10/pytdb.c:401: cast_overflow: Truncation due to cast operation on "num_values" from 64 to 32 bits.
-tdb-1.4.10/pytdb.c:401: overflow_sink: "num_values", which might have overflowed, is passed to "tdb_storev(self->ctx, key, values, num_values, flag)".
-  399|           }
-  400|
-  401|->         ret = tdb_storev(self->ctx, key, values, num_values, flag);
-  402|           free(values);
-  403|           PyErr_TDB_ERROR_IS_ERR_RAISE(ret, self->ctx);
-
-Signed-off-by: Andreas Schneider <asn@samba.org>
-Reviewed-by: Volker Lendecke <vl@samba.org>
---
- pytdb.c | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/pytdb.c b/pytdb.c
-index d47d933..4d0b9d4 100644
--- a/pytdb.c
-+++ b/pytdb.c
-@@ -407,6 +407,10 @@ static PyObject *obj_storev(PyTdbObject *self, PyObject *args)
- 		PyErr_SetFromErrno(PyExc_OverflowError);
- 		return NULL;
- 	}
-+	if (num_values > INT_MAX) {
-+		PyErr_SetFromErrno(PyExc_OverflowError);
-+		return NULL;
-+	}
- 	values = malloc(sizeof(TDB_DATA) * num_values);
- 	if (values == NULL) {
- 		PyErr_NoMemory();
-@@ -422,7 +426,7 @@ static PyObject *obj_storev(PyTdbObject *self, PyObject *args)
- 		values[i] = value;
- 	}
- 
-	ret = tdb_storev(self->ctx, key, values, num_values, flag);
-+	ret = tdb_storev(self->ctx, key, values, (int)num_values, flag);
- 	free(values);
- 	PyErr_TDB_ERROR_IS_ERR_RAISE(ret, self->ctx);
- 	Py_RETURN_NONE;
-- 
-2.33.0
-
-
--- a/backport-tdb-Do-not-pass-non-null-terminated-strings-to-strcm.patch
+++ b/backport-tdb-Do-not-pass-non-null-terminated-strings-to-strcm.patch
@ -1,40 +0,0 @@
-From 757cd49b8445f22c2c19380e948e7aba5a76399a Mon Sep 17 00:00:00 2001
-From: Joseph Sutton <josephsutton@catalyst.net.nz>
-Date: Fri, 6 Oct 2023 13:54:02 +1300
-Subject: [PATCH] =?UTF-8?q?tdb:=20Do=20not=20pass=20non=E2=80=93null?=
- =?UTF-8?q?=E2=80=90terminated=20strings=20to=20strcmp()=20(CID=201449485)?=
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
-Reviewed-by: Andrew Bartlett <abartlet@samba.org>
-
-Reference:https://github.com/samba-team/samba/commit/757cd49b8445f22c2c19380e948e7aba5a76399a
-Conflict:NA
---
- common/open.c | 8 +++++++-
- 1 file changed, 7 insertions(+), 1 deletion(-)
-
-diff --git a/common/open.c b/common/open.c
-index f7f65b0..4e138c6 100644
--- a/common/open.c
-+++ b/common/open.c
-@@ -513,7 +513,13 @@ _PUBLIC_ struct tdb_context *tdb_open_ex(const char *name, int hash_size, int td
- 
- 	errno = 0;
- 	if (read(tdb->fd, &header, sizeof(header)) != sizeof(header)
-	    || strcmp(header.magic_food, TDB_MAGIC_FOOD) != 0) {
-+	    /*
-+	     * Call strncmp() rather than strcmp() in case header.magic_food is
-+	     * not zero‐terminated. We’re still checking the full string for
-+	     * equality, as tdb_header::magic_food is larger than
-+	     * TDB_MAGIC_FOOD.
-+	     */
-+	    || strncmp(header.magic_food, TDB_MAGIC_FOOD, sizeof(header.magic_food)) != 0) {
- 		if (!(open_flags & O_CREAT) ||
- 		    tdb_new_database(tdb, &header, hash_size) == -1) {
- 			if (errno == 0) {
-- 
-2.33.0
-
--- a/libtdb.spec
+++ b/libtdb.spec
@ -1,14 +1,11 @@
 Name: libtdb
-Version: 1.4.9
+Version: 1.4.5
 Release: 3
 Summary: The Tdb library
 License: LGPLv3+
 URL: http://tdb.samba.org/
 Source: http://samba.org/ftp/tdb/tdb-%{version}.tar.gz

-Patch6000:  backport-tdb-Do-not-pass-non-null-terminated-strings-to-strcm.patch
-Patch6001:  backport-Add-missing-overflow-check-for-num_values-in-pytdb.c.patch
-
 BuildRequires: gcc libxslt docbook-style-xsl
 BuildRequires: python3-devel
 Provides: bundled(libreplace)
@ -90,27 +87,6 @@ make %{?_smp_mflags} check
 %ldconfig_scriptlets

 %changelog
-* Tue Jun 11 2024 shixuantong <shixuantong1@huawei.com> - 1.4.9-3
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:Add missing overflow check for num_values in pytdb.c
-
-* Wed May 08 2024 wangjiang <wangjiang37@h-partners.com> - 1.4.9-2
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:tdb: Do not pass non–null‐terminated strings to strcmp()
-
-* Thu Aug 17 2023 dillon chen <dillon.chen@gmail.com> - 1.4.9-1
- upgrade version to 1.4.9
-
-* Fri Jul 14 2023 niuyaru <niuyaru@kylinos.cn> - 1.4.8-1
- upgrade version to 1.4.8
-
-* Sat Nov 05 2022 shixuantong<shixuantong1@huawei.com> - 1.4.7-1
- upgrade version to 1.4.7
-
 * Tue May 10 2022 mylee <liweiganga@uniontech.com> - 1.4.5-3
 - fix spec changelog date

--- a/tdb-1.4.5.tar.gz
+++ b/tdb-1.4.5.tar.gz
--- a/tdb-1.4.9.tar.gz
+++ b/tdb-1.4.9.tar.gz