From 2763ad60872d956c4363f330af8d824129877855 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Fri, 7 Dec 2018 21:13:21 +0100 Subject: [PATCH] Fixed some issues found by coverity scan --- graphviz-2.40.1-coverity-scan-fixes.patch | 26 +++++++++++++++++++++++ graphviz.spec | 7 +++++- 2 files changed, 32 insertions(+), 1 deletion(-) create mode 100644 graphviz-2.40.1-coverity-scan-fixes.patch diff --git a/graphviz-2.40.1-coverity-scan-fixes.patch b/graphviz-2.40.1-coverity-scan-fixes.patch new file mode 100644 index 0000000..76f4e56 --- /dev/null +++ b/graphviz-2.40.1-coverity-scan-fixes.patch @@ -0,0 +1,26 @@ +diff --git a/cmd/lefty/dot2l/dotlex.c b/cmd/lefty/dot2l/dotlex.c +index cf738c0..65e17e2 100644 +--- a/cmd/lefty/dot2l/dotlex.c ++++ b/cmd/lefty/dot2l/dotlex.c +@@ -252,7 +252,7 @@ static char *scan_token (char *p) { + char *q; + + q = lexbuf; +- if (p == '\0') ++ if (!p || *p == '\0') + return NULL; + while (isalnum (*p) || (*p == '_') || (!isascii (*p))) + *q++ = *p++; +diff --git a/cmd/tools/gvgen.c b/cmd/tools/gvgen.c +index 662343e..2925d19 100644 +--- a/cmd/tools/gvgen.c ++++ b/cmd/tools/gvgen.c +@@ -458,6 +458,8 @@ closeOpen (void) + fprintf(opts.outfile, "}\ngraph {\n"); + } + ++extern void makeTetrix(int depth, edgefn ef); ++ + int main(int argc, char *argv[]) + { + GraphType graphType; diff --git a/graphviz.spec b/graphviz.spec index ab2a4a3..0261099 100644 --- a/graphviz.spec +++ b/graphviz.spec @@ -61,7 +61,7 @@ Name: graphviz Summary: Graph Visualization Tools Version: 2.40.1 -Release: 40%{?dist} +Release: 41%{?dist} License: EPL-1.0 URL: http://www.graphviz.org/ # A bit hacking needed due to: https://gitlab.com/graphviz/graphviz/issues/1371 @@ -72,6 +72,7 @@ Patch1: graphviz-2.40.1-python3.patch Patch2: graphviz-2.40.1-CVE-2018-10196.patch # rhbz#1505230 Patch3: graphviz-2.40.1-dotty-menu-fix.patch +Patch4: graphviz-2.40.1-coverity-scan-fixes.patch BuildRequires: zlib-devel, libpng-devel, libjpeg-devel, expat-devel, freetype-devel >= 2 BuildRequires: ksh, bison, m4, flex, tk-devel, tcl-devel >= 8.3, swig, sed BuildRequires: fontconfig-devel, libtool-ltdl-devel, ruby-devel, ruby, guile-devel @@ -287,6 +288,7 @@ Various tcl packages (extensions) for the graphviz tools. %patch1 -p1 -b .python3 %patch2 -p1 -b .CVE-2018-10196 %patch3 -p1 -b .dotty-menu-fix +%patch4 -p1 -b .coverity-scan-fixes # Attempt to fix rpmlint warnings about executable sources find -type f -regex '.*\.\(c\|h\)$' -exec chmod a-x {} ';' @@ -606,6 +608,9 @@ php --no-php-ini \ %{_mandir}/man3/*.3tcl* %changelog +* Fri Dec 7 2018 Jaroslav Škarvada - 2.40.1-41 +- Fixed some issues found by coverity scan + * Thu Oct 18 2018 Jaroslav Škarvada - 2.40.1-40 - Clarified license tag