From a6f38a9e3d68e089c61ffea3c3e8001e9b4facfe Mon Sep 17 00:00:00 2001 From: Kamil Dudka Date: Mon, 5 Nov 2018 15:07:21 +0100 Subject: [PATCH] fix programming mistakes detected by static analysis --- findutils-4.6.0-covscan.patch | 116 ++++++++++++++++++++++++++++++++++ findutils.spec | 8 ++- 2 files changed, 123 insertions(+), 1 deletion(-) create mode 100644 findutils-4.6.0-covscan.patch diff --git a/findutils-4.6.0-covscan.patch b/findutils-4.6.0-covscan.patch new file mode 100644 index 0000000..1b07276 --- /dev/null +++ b/findutils-4.6.0-covscan.patch @@ -0,0 +1,116 @@ +From 6b041f2bd5d84003d3945fc9ae18329f024b8d2a Mon Sep 17 00:00:00 2001 +From: Bernhard Voelker +Date: Thu, 2 Feb 2017 00:17:20 +0100 +Subject: [PATCH 1/2] maint: avoid warnings from GCC 6.2.1 + +buildcmd.c: In function 'bc_push_arg': +buildcmd.c:362:11: error: this 'if' clause does not guard... [-Werror=misleading-indentation] + if (ctl->replace_pat + ^~ +buildcmd.c:366:13: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the 'if' + bc_do_exec (ctl, state); + ^~~~~~~~~~ +pred.c: In function 'print_optlist': +pred.c:1328:46: error: format '%ld' expects argument of type 'long int', but argument 3 has type 'long unsigned int' [-Werror=format=] + fprintf (fp, "[real success rate %ld/%ld", p->perf.successes, p->perf.visits); + ^ +pred.c:1328:50: error: format '%ld' expects argument of type 'long int', but argument 4 has type 'long unsigned int' [-Werror=format=] + fprintf (fp, "[real success rate %ld/%ld", p->perf.successes, p->perf.visits); + ^ +print.c: In function 'scan_for_digit_differences': +print.c:449:46: error: logical 'or' of equal expressions [-Werror=logical-op] + if (!isdigit ((unsigned char)q[i]) || !isdigit ((unsigned char)q[i])) + ^~ +cc1: all warnings being treated as errors + +* find/pred.c (print_optlist): Use %lu for unsigned long int. +* find/print.c (scan_for_digit_differences): Check p[i] too rather than +q[i] two times. +* lib/buildcmd.c (bc_push_arg): Fix indentation. +Use %lu format for unsigned long int. + +Upstream-commit: 4bbc9e7a4a46d83ac5316cc5a57ad7ec5e12f74c +Signed-off-by: Kamil Dudka +--- + find/pred.c | 2 +- + find/print.c | 2 +- + lib/buildcmd.c | 2 +- + 3 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/find/pred.c b/find/pred.c +index 32938fb..5c8086e 100644 +--- a/find/pred.c ++++ b/find/pred.c +@@ -1278,7 +1278,7 @@ print_optlist (FILE *fp, const struct predicate *p) + fprintf (fp, " [%g] ", p->est_success_rate); + if (options.debug_options & DebugSuccessRates) + { +- fprintf (fp, "[%ld/%ld", p->perf.successes, p->perf.visits); ++ fprintf (fp, "[%lu/%lu", p->perf.successes, p->perf.visits); + if (p->perf.visits) + { + double real_rate = (double)p->perf.successes / (double)p->perf.visits; +diff --git a/find/print.c b/find/print.c +index e4c28ad..17b9320 100644 +--- a/find/print.c ++++ b/find/print.c +@@ -451,7 +451,7 @@ scan_for_digit_differences (const char *p, const char *q, + { + if (p[i] != q[i]) + { +- if (!isdigit ((unsigned char)q[i]) || !isdigit ((unsigned char)q[i])) ++ if (!isdigit ((unsigned char)p[i]) || !isdigit ((unsigned char)q[i])) + return false; + + if (!seen) +diff --git a/lib/buildcmd.c b/lib/buildcmd.c +index a58f67e..016ab1d 100644 +--- a/lib/buildcmd.c ++++ b/lib/buildcmd.c +@@ -374,7 +374,7 @@ bc_push_arg (struct buildcmd_control *ctl, + || (ctl->exit_if_size_exceeded && + (ctl->lines_per_exec || ctl->args_per_exec))) + error (EXIT_FAILURE, 0, _("argument list too long")); +- bc_do_exec (ctl, state); ++ bc_do_exec (ctl, state); + } + if (bc_argc_limit_reached (initial_args, ctl, state)) + bc_do_exec (ctl, state); +-- +2.17.2 + + +From 55691f606c8aefa29a4b2f3061797e7f2b85981c Mon Sep 17 00:00:00 2001 +From: Bernhard Voelker +Date: Sun, 4 Feb 2018 18:20:25 +0100 +Subject: [PATCH 2/2] maint: add missing va_end + +'va_start' must have a corresponding 'va_end'. Depending on the +implementation, the consequence of a missing 'va_end' may be a +corrupted stack. + +* find/print.c (checked_fprintf): Add va_end. + +Spotted by coverity analysis. + +Upstream-commit: 76d7e2dcb45a3a558033209982772d21f68a6ea4 +Signed-off-by: Kamil Dudka +--- + find/print.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/find/print.c b/find/print.c +index 17b9320..ab1afc1 100644 +--- a/find/print.c ++++ b/find/print.c +@@ -810,6 +810,7 @@ checked_fprintf (struct format_val *dest, const char *fmt, ...) + + va_start (ap, fmt); + rv = vfprintf (dest->stream, fmt, ap); ++ va_end (ap); + if (rv < 0) + nonfatal_nontarget_file_error (errno, dest->filename); + } +-- +2.17.2 + diff --git a/findutils.spec b/findutils.spec index 6ff97ee..cc3e2a1 100644 --- a/findutils.spec +++ b/findutils.spec @@ -1,7 +1,7 @@ Summary: The GNU versions of find utilities (find and xargs) Name: findutils Version: 4.6.0 -Release: 20%{?dist} +Release: 21%{?dist} Epoch: 1 License: GPLv3+ Group: Applications/File @@ -46,6 +46,9 @@ Patch11: findutils-4.6.0-fts-update.patch # implement the -noleaf option of find (#1252549) Patch12: findutils-4.6.0-leaf-opt.patch +# fix programming mistakes detected by static analysis +Patch13: findutils-4.6.0-covscan.patch + Requires(post): /sbin/install-info Requires(preun): /sbin/install-info Conflicts: filesystem < 3 @@ -147,6 +150,9 @@ fi %{_infodir}/find-maint.info.gz %changelog +* Mon Nov 05 2018 Kamil Dudka - 1:4.6.0-21 +- fix programming mistakes detected by static analysis + * Fri Jul 13 2018 Fedora Release Engineering - 1:4.6.0-20 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild