Resolves: #1688740 - fix formatting of sha512sum(1) man page

sync: fix open() fallback bug
Detected by Coverity Analysis: Error: RESOURCE_LEAK (CWE-772): coreutils-8.30/src/sync.c:112: open_fn: Returning handle opened by "open". [Note: The source code implementation of the function has been overridden by a user model.] coreutils-8.30/src/sync.c:112: var_assign: Assigning: "fd" = handle returned from "open(file, 2049)". coreutils-8.30/src/sync.c:115: leaked_handle: Handle variable "fd" going out of scope leaks the handle. 113| if (fd < 0) 114| error (0, rd_errno, _("error opening %s"), quoteaf (file)); 115|-> return false; 116| } 117| Bug: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=33287
2019-05-03 16:39:00 +02:00 · 2018-11-07 16:08:33 +01:00 · 2018-11-07 16:08:03 +01:00
5 changed files with 137 additions and 19 deletions
--- a/coreutils-6.10-manpages.patch
+++ b/coreutils-6.10-manpages.patch
@ -1,14 +0,0 @@
-diff --git a/src/md5sum.c b/src/md5sum.c
-index 8e21609..a857d62 100644
--- a/src/md5sum.c
-+++ b/src/md5sum.c
-@@ -265,6 +265,9 @@ Print or check %s (%d-bit) checksums.\n\
-       else
-         fputs (_("\
-   -t, --text           read in text mode (default)\n\
-+"), stdout);
-+  fputs (_("\
-+  Note: There is no difference between binary and text mode option on GNU system.\n\
- "), stdout);
-       fputs (_("\
-   -z, --zero           end each output line with NUL, not newline,\n\
--- a/coreutils-8.30-fsync-fallback.patch
+++ b/coreutils-8.30-fsync-fallback.patch
@ -0,0 +1,77 @@
+From 2eabfbee57be82f755c74cbb05755dce1469ea7c Mon Sep 17 00:00:00 2001
+From: Paul Eggert <eggert@cs.ucla.edu>
+Date: Tue, 6 Nov 2018 10:35:16 -0800
+Subject: [PATCH 1/2] sync: fix open fallback bug
+
+Problem caught by Coverity Analysis
+and reported by Kamil Dudka (Bug#33287).
+* src/sync.c (sync_arg): Fix typo in fallback code.
+
+Upstream-commit: 94d364f157f007f2b23c70863ac8eefe9b21229d
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ src/sync.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/src/sync.c b/src/sync.c
+index bd3671a..607fa8f 100644
+--- a/src/sync.c
+++ b/src/sync.c
+@@ -111,8 +111,10 @@ sync_arg (enum sync_mode mode, char const *file)
+       if (open_flags != (O_WRONLY | O_NONBLOCK))
+         fd = open (file, O_WRONLY | O_NONBLOCK);
+       if (fd < 0)
+-        error (0, rd_errno, _("error opening %s"), quoteaf (file));
+-      return false;
+        {
+          error (0, rd_errno, _("error opening %s"), quoteaf (file));
+          return false;
+        }
+     }
+ 
+   /* We used O_NONBLOCK above to not hang with fifos,
+-- 
+2.17.2
+
+
+From e62ff3068f1f1b1e84d3319f54f1b869bb0bf6cc Mon Sep 17 00:00:00 2001
+From: Bernhard Voelker <mail@bernhard-voelker.de>
+Date: Wed, 7 Nov 2018 00:26:01 +0100
+Subject: [PATCH 2/2] sync: add test for the fix in the previous commit
+
+* tests/misc/sync.sh: Add a test with a write-only file for the fix.
+
+Upstream-commit: 4711c49312d54e84996c13c612f7081c95f821a6
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ tests/misc/sync.sh | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/tests/misc/sync.sh b/tests/misc/sync.sh
+index f60d28c..3bb6e17 100755
+--- a/tests/misc/sync.sh
+++ b/tests/misc/sync.sh
+@@ -19,7 +19,7 @@
+ . "${srcdir=.}/tests/init.sh"; path_prepend_ ./src
+ print_ver_ sync
+ 
+-touch file
+touch file || framework_failure_
+ 
+ # fdatasync+syncfs is nonsensical
+ returns_ 1 sync --data --file-system || fail=1
+@@ -30,6 +30,11 @@ returns_ 1 sync -d || fail=1
+ # Test syncing of file (fsync) (little side effects)
+ sync file || fail=1
+ 
+# Test syncing of write-only file - which failed since adding argument
+# support to sync in coreutils-8.24.
+chmod 0200 file || framework_failure_
+sync file || fail=1
+
+ # Ensure multiple args are processed and diagnosed
+ returns_ 1 sync file nofile || fail=1
+ 
+-- 
+2.17.2
+
--- a/coreutils-8.31-sums-man-pages.patch
+++ b/coreutils-8.31-sums-man-pages.patch
@ -0,0 +1,36 @@
+From ef6be60dcaf424bdb21392aff42331bd4dc272e0 Mon Sep 17 00:00:00 2001
+From: Kamil Dudka <kdudka@redhat.com>
+Date: Thu, 14 Mar 2019 13:48:01 +0100
+Subject: [PATCH] md5sum,b2sum,sha*sum: --help: add note about binary/text mode
+
+* src/md5sum.c (usage): Make it clear that there is no difference
+between binary mode and text mode on GNU systems.
+
+Bug: https://bugzilla.redhat.com/406981
+Bug: https://bugzilla.redhat.com/1688740
+
+Upstream-commit: ae61b1066351bb784b54fbfd7b52caf129ec286c
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ src/md5sum.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/md5sum.c b/src/md5sum.c
+index 3532f7b7a..f75b6de02 100644
+--- a/src/md5sum.c
+++ b/src/md5sum.c
+@@ -287,7 +287,10 @@ The following five options are useful only when verifying checksums:\n\
+ The sums are computed as described in %s.  When checking, the input\n\
+ should be a former output of this program.  The default mode is to print a\n\
+ line with checksum, a space, a character indicating input mode ('*' for binary,\
+-\n' ' for text or where binary is insignificant), and name for each FILE.\n"),
+\n' ' for text or where binary is insignificant), and name for each FILE.\n\
+\n\
+Note: There is no difference between binary mode and text mode on GNU systems.\
+\n"),
+               DIGEST_REFERENCE);
+       emit_ancillary_info (PROGRAM_NAME);
+     }
+-- 
+2.17.2
+
--- a/coreutils-getgrouplist.patch
+++ b/coreutils-getgrouplist.patch
@ -21,7 +21,15 @@ diff --git a/lib/mgetgroups.c b/lib/mgetgroups.c
 index 76474c2..0a9d221 100644
 --- a/lib/mgetgroups.c
 +++ b/lib/mgetgroups.c
-@@ -121,9 +121,17 @@ mgetgroups (char const *username, gid_t gid, gid_t **groups)
+@@ -31,6 +31,7 @@
+ #endif
+ 
+ #include "getugroups.h"
+#include "xalloc.h"
+ #include "xalloc-oversized.h"
+ 
+ /* Work around an incompatibility of OS X 10.11: getgrouplist
+@@ -121,9 +122,17 @@ mgetgroups (char const *username, gid_t gid, gid_t **groups)
   /* else no username, so fall through and use getgroups. */
 #endif
 
@ -42,7 +50,7 @@ index 76474c2..0a9d221 100644
 
   /* If we failed to count groups because there is no supplemental
      group support, then return an array containing just GID.
-@@ -145,10 +153,25 @@ mgetgroups (char const *username, gid_t gid, gid_t **groups)
+@@ -145,10 +154,25 @@ mgetgroups (char const *username, gid_t gid, gid_t **groups)
   if (g == NULL)
     return -1;
 
--- a/coreutils.spec
+++ b/coreutils.spec
@ -1,7 +1,7 @@
 Summary: A set of basic GNU tools commonly used in shell scripts
 Name:    coreutils
 Version: 8.30
-Release: 5%{?dist}
+Release: 7%{?dist}
 License: GPLv3+
 Group:   System Environment/Base
 Url:     https://www.gnu.org/software/coreutils/
@ -20,14 +20,18 @@ Patch1:   coreutils-8.30-renameatu.patch
 # fix heap-based buffer overflow in vasnprintf() (CVE-2018-17942)
 Patch2:   coreutils-8.30-CVE-2018-17942.patch

+# sync: fix open() fallback bug
+Patch3:   coreutils-8.30-fsync-fallback.patch
+
+# md5sum,b2sum,sha*sum: --help: add note about binary/text mode
+Patch4:   coreutils-8.31-sums-man-pages.patch
+
 # disable the test-lock gnulib test prone to deadlock
 Patch100: coreutils-8.26-test-lock.patch

 # require_selinux_(): use selinuxenabled(8) if available
 Patch105: coreutils-8.26-selinuxenable.patch

-#add note about no difference between binary/text mode on Linux - md5sum manpage
-Patch101: coreutils-6.10-manpages.patch
 # downstream changes to default DIR_COLORS
 Patch102: coreutils-8.25-DIR_COLORS.patch
 #do display processor type for uname -p/-i based on uname(2) syscall
@ -255,6 +259,13 @@ fi
 %license COPYING

 %changelog
+* Fri May 03 2019 Kamil Dudka <kdudka@redhat.com> - 8.30-7
+- fix formatting of sha512sum(1) man page (#1688740)
+
+* Wed Nov 07 2018 Kamil Dudka <kdudka@redhat.com> - 8.30-6
+- sync: fix open() fallback bug
+- fix implicit declaration warning in coreutils-getgrouplist.patch
+
 * Thu Oct 11 2018 Kamil Dudka <kdudka@redhat.com> - 8.30-5
 - fix heap-based buffer overflow in vasnprintf() (CVE-2018-17942)