rpms/clamav/devel clamav-0.88.1-strncpy.patch, NONE, 1.1 clamav-0.88.1-guys, please-read-the-compiler-warnings-before-doing-a-release.patch, NONE, 1.1 clamav.spec, 1.33, 1.34
Enrico Scholz (ensc)
fedora-extras-commits at redhat.com
Mon Apr 24 22:05:45 UTC 2006
- Previous message (by thread): rpms/worminator/FC-5 worminator-3.0R2.1-speed.patch, NONE, 1.1 worminator.spec, 1.2, 1.3
- Next message (by thread): rpms/smb4k/devel .cvsignore, 1.6, 1.7 smb4k.spec, 1.9, 1.10 sources, 1.6, 1.7
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: ensc
Update of /cvs/extras/rpms/clamav/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv26208/devel
Modified Files:
clamav.spec
Added Files:
clamav-0.88.1-strncpy.patch
clamav-0.88.1-guys,please-read-the-compiler-warnings-before-doing-a-release.patch
Log Message:
- added patch which fixes some classes of compiler warnings; at least
the using of implicitly declared functions was reported to cause
segfaults on AMD64 (brought to my attention by Marc Perkel)
- added patch which fixes wrong usage of strncpy(3) in unrarlib.c
clamav-0.88.1-strncpy.patch:
--- NEW FILE clamav-0.88.1-strncpy.patch ---
2006-04-24 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de>
* libclamav/unrarlib.c/stricomp(): terminate the string copied
with strncpy() explicitly with '\0'. Does not seem to be
exploitable at the moment due to deeply buried constraints
(function will be called for buffers with a static size of
260 only).
But it is better to fix it now than to run into problems
when function is used for other purposes.
--- clamav-0.88.1/libclamav/unrarlib.c.strncpy 2005-06-23 22:03:12.000000000 +0200
+++ clamav-0.88.1/libclamav/unrarlib.c 2006-04-24 23:10:07.000000000 +0200
@@ -1180,8 +1180,10 @@ int stricomp(char *Str1,char *Str2)
char S1[512],S2[512];
char *chptr;
- strncpy(S1,Str1,sizeof(S1));
- strncpy(S2,Str2,sizeof(S2));
+ strncpy(S1,Str1,sizeof(S1));
+ strncpy(S2,Str2,sizeof(S2));
+ S1[sizeof(S1)-1] = '\0';
+ S2[sizeof(S2)-1] = '\0';
while((chptr = strchr(S1, '\\')) != NULL) /* ignore backslash */
{
***** Not enough context to create diffstat for file: clamav-0.88.1-guys,please-read-the-compiler-warnings-before-doing-a-release.patch,NONE,1.1
***** Not enough context to create diff for file: clamav-0.88.1-guys,please-read-the-compiler-warnings-before-doing-a-release.patch,NONE,1.1
Index: clamav.spec
===================================================================
RCS file: /cvs/extras/rpms/clamav/devel/clamav.spec,v
retrieving revision 1.33
retrieving revision 1.34
diff -u -r1.33 -r1.34
--- clamav.spec 6 Apr 2006 16:50:58 -0000 1.33
+++ clamav.spec 24 Apr 2006 22:05:44 -0000 1.34
@@ -22,7 +22,7 @@
Summary: End-user tools for the Clam Antivirus scanner
Name: clamav
Version: 0.88.1
-Release: %release_func 1
+Release: %release_func 2
License: GPL
Group: Applications/File
@@ -36,6 +36,8 @@
Source6: clamav-update.logrotate
Source7: clamd.SERVICE.init
Source8: clamav-notify-servers
+Patch0: clamav-0.88.1-guys,please-read-the-compiler-warnings-before-doing-a-release.patch
+Patch1: clamav-0.88.1-strncpy.patch
Patch20: clamav-0.70-user.patch
Patch21: clamav-0.70-path.patch
Patch22: clamav-0.80-initoff.patch
@@ -162,6 +164,9 @@
%prep
%setup -q
+%patch0 -p1 -b '.guys,please-read-the-compiler-warnings-before-doing-a-release.patch'
+%patch1 -p1 -b .strncpy
+
%patch20 -p1 -b .user
%patch21 -p1 -b .path
%patch22 -p1 -b .initoff
@@ -186,6 +191,7 @@
## See https://bugzilla.redhat.com/beta/show_bug.cgi?id=131385 and
## http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0797
## also
+CFLAGS="$RPM_OPT_FLAGS -Wall -W -W -Wmissing-prototypes -Wmissing-declarations -std=gnu99"
%configure --disable-clamav --with-dbdir=/var/lib/clamav \
--disable-zlib-vcheck \
%{!?_without_milter:--enable-milter}
@@ -426,6 +432,12 @@
%endif # _without_milter
%changelog
+* Mon Apr 24 2006 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.88.1-2
+- added patch which fixes some classes of compiler warnings; at least
+ the using of implicitly declared functions was reported to cause
+ segfaults on AMD64 (brought to my attention by Marc Perkel)
+- added patch which fixes wrong usage of strncpy(3) in unrarlib.c
+
* Thu Apr 06 2006 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.88.1-1
- updated to 0.88.1 (SECURITY)
- Previous message (by thread): rpms/worminator/FC-5 worminator-3.0R2.1-speed.patch, NONE, 1.1 worminator.spec, 1.2, 1.3
- Next message (by thread): rpms/smb4k/devel .cvsignore, 1.6, 1.7 smb4k.spec, 1.9, 1.10 sources, 1.6, 1.7
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list