[konkretcmpi] Set format(printf) attribute to __KReturn2 function
Radek Novacek
rnovacek at fedoraproject.org
Mon Aug 26 14:12:22 UTC 2013
commit 06eef26fe51275f918ca97dfc9e732b87f24ccda
Author: Radek Novacek <rnovacek at redhat.com>
Date: Mon Aug 26 16:12:10 2013 +0200
Set format(printf) attribute to __KReturn2 function
- Fix possible integer overflow
konkretcmpi-0.9.1-fix-integer-overflow.patch | 46 ++++++++++++++++++++
...retcmpi-0.9.1-set-format-printf-attribute.patch | 24 ++++++++++
konkretcmpi.spec | 14 ++++++-
3 files changed, 83 insertions(+), 1 deletions(-)
---
diff --git a/konkretcmpi-0.9.1-fix-integer-overflow.patch b/konkretcmpi-0.9.1-fix-integer-overflow.patch
new file mode 100644
index 0000000..49ebc0b
--- /dev/null
+++ b/konkretcmpi-0.9.1-fix-integer-overflow.patch
@@ -0,0 +1,46 @@
+commit 4ac996b1a0d907469a3294d356a49b633af64d58
+Author: Radek Novacek <rnovacek at redhat.com>
+Date: Mon Aug 26 14:28:59 2013 +0200
+
+ Fix possible integer overflow
+
+diff --git a/src/mof/MOF_Buffer.cpp b/src/mof/MOF_Buffer.cpp
+index ee78691..ab49473 100644
+--- a/src/mof/MOF_Buffer.cpp
++++ b/src/mof/MOF_Buffer.cpp
+@@ -26,10 +26,11 @@
+ */
+
+ #include "MOF_Buffer.h"
++#include "MOF_Error.h"
+
+-inline MOF_uint32 _next_pow_2(MOF_uint32 x)
++inline size_t _next_pow_2(size_t x)
+ {
+- MOF_uint32 r = 1;
++ size_t r = 1;
+
+ while (r < x)
+ r <<= 1;
+@@ -37,7 +38,7 @@ inline MOF_uint32 _next_pow_2(MOF_uint32 x)
+ return r;
+ }
+
+-inline MOF_uint32 _round_capacity(MOF_uint32 capacity)
++inline size_t _round_capacity(size_t capacity)
+ {
+ return capacity < 16 ? 16 : _next_pow_2(capacity);
+ }
+@@ -54,6 +55,12 @@ void MOF_Buffer::reserve(size_t capacity)
+
+ void MOF_Buffer::append(const char* data, size_t size)
+ {
++ if (_size + size < _size) {
++ // It would overflow, because both size and _size are unsigned
++ // and their sum can't be lower than any of them
++ MOF_error_printf("Integer overflow detected");
++ return;
++ }
+ reserve(_size + size);
+ memcpy(_data + _size, data, size);
+ _size += size;
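Review bot: `_next_pow_2` can still fail to terminate after the widening to `size_t`: for any `x` above the largest power of two that fits in `size_t`, `r <<= 1` wraps to 0 and `while (r < x)` spins forever. The new guard in `MOF_Buffer::append` only rejects a sum that wraps, so a `_size + size` that does not wrap but exceeds that bound still reaches `reserve()`, which presumably rounds through `_round_capacity` (its body is not in the hunk). Bounding the loop, e.g. `while (r < x && r <= SIZE_MAX / 2) r <<= 1;`, and treating a result of `r < x` as an allocation failure would close that gap. Separately, `append` returns `void`, so unless `MOF_error_printf` aborts (not visible here) the caller continues with silently truncated buffer contents; a comment such as `// MOF_error_printf does not return` or an explicit abort would make the intent clear. The body of `append` continues past the end of the hunk.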
diff --git a/konkretcmpi-0.9.1-set-format-printf-attribute.patch b/konkretcmpi-0.9.1-set-format-printf-attribute.patch
new file mode 100644
index 0000000..ec42912
--- /dev/null
+++ b/konkretcmpi-0.9.1-set-format-printf-attribute.patch
@@ -0,0 +1,24 @@
+commit 0495c3f18170f9690d32b5e0771232e4b92eb34f
+Author: Radek Novacek <rnovacek at redhat.com>
+Date: Mon Aug 26 14:59:25 2013 +0200
+
+ Set format(printf) attribute to __KReturn2 function
+
+ This way, users of this function will get notified when they use options
+ (like invalid number of formatted variables).
+
+diff --git a/src/konkret/konkret.h b/src/konkret/konkret.h
+index a9bb57d..40d66b3 100644
+--- a/src/konkret/konkret.h
++++ b/src/konkret/konkret.h
+@@ -205,8 +205,9 @@ KINLINE void KPutStatus(CMPIStatus* st)
+ fprintf(stderr, "CMPIStatus{%u, %s}\n", st->rc, KChars(st->msg));
+ }
+
++__attribute__((format(printf, 3, 4)))
+ KINLINE CMPIStatus __KReturn2(
+- const CMPIBroker* cb,
++ const CMPIBroker* cb,
+ CMPIrc rc,
+ const char* format,
+ ...)
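Review bot: The `__attribute__((format(printf, 3, 4)))` line is added to the public header without any compiler guard, so if konkret.h is meant to be usable with a non-GNU-compatible compiler the declaration of `__KReturn2` would no longer parse. The indices match the signature shown (format string is parameter 3, variadic arguments start at 4). Consider hiding the attribute behind a macro that expands to nothing when `__GNUC__` is not defined, e.g. a `KPRINTF_FORMAT(3, 4)` helper (suggested name, not an existing one). It would also help to add a comment such as `/* format must be a literal; checked by -Wformat */`, since the diagnostic only reaches callers who build with format warnings enabled, and a non-literal format string is reported only by stricter options like `-Wformat-security`. The declaration continues outside the hunk.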
diff --git a/konkretcmpi.spec b/konkretcmpi.spec
index 356b3e7..27eaa13 100644
--- a/konkretcmpi.spec
+++ b/konkretcmpi.spec
@@ -1,11 +1,13 @@
Name: konkretcmpi
Version: 0.9.1
-Release: 2%{?dist}
+Release: 3%{?dist}
Summary: Tool for rapid CMPI providers development
License: MIT
Source0: https://github.com/rnovacek/%{name}/archive/%{version}/%{name}-%{version}.tar.gz
Patch0: konkretcmpi-0.9.1-fix-instance-to-string.patch
+Patch1: konkretcmpi-0.9.1-fix-integer-overflow.patch
+Patch2: konkretcmpi-0.9.1-set-format-printf-attribute.patch
BuildRequires: sblim-cmpi-devel
BuildRequires: cmake
@@ -35,7 +37,13 @@ This package contains python binding for konkretcmpi.
%prep
%setup -q
+# Fix instance type to string conversion
%patch0 -p1
+# Fix possible integer overflow
+%patch1 -p1
+# Set format(printf) attribute to __KReturn2 function
+%patch2 -p1
+
%build
mkdir -p %{_target_platform}
@@ -75,6 +83,10 @@ rm -rf $RPM_BUILD_ROOT/usr/lib*/libkonkret.la
%changelog
+* Mon Aug 26 2013 Radek Novacek <rnovacek at redhat.com> 0.9.1-3
+- Set format(printf) attribute to __KReturn2 function
+- Fix possible integer overflow
+
* Wed Jul 31 2013 Radek Novacek <rnovacek at redhat.com> 0.9.1-2
- Fix instance to string