Backport upstream patch

2025-03-13 15:03:51 +08:00 · 2025-03-13 15:03:51 +08:00 · 6bb00198fd
commit 6bb00198fd
parent 23e666cccc
2 changed files with 35 additions and 1 deletions
--- a/backport-Address-some-static-analysis-observations.patch
+++ b/backport-Address-some-static-analysis-observations.patch
@ -0,0 +1,30 @@
+From a044d8b496ef598c61f0634172c742bd52ccf776 Mon Sep 17 00:00:00 2001
+From: "Andrew G. Morgan" <morgan@kernel.org>
+Date: Fri, 15 Nov 2024 07:26:42 -0800
+Subject: [PATCH] Address some static analysis observations.
+
+These were reported by Carlos Rodriguez-Fernandez with respect
+to some analysis performed on the Fedora libcap-2.71 package.
+
+Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
+---
+ pam_cap/pam_cap.c | 3 +++++-
+ 1 files changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/pam_cap/pam_cap.c b/pam_cap/pam_cap.c
+index 3fe3b8c..24de329 100644
+--- a/pam_cap/pam_cap.c
+++ b/pam_cap/pam_cap.c
+@@ -170,7 +170,8 @@ static char *read_capabilities_for_user(const char *user, const char *source)
+ 
+ 	    int i;
+ 	    for (i=0; i < groups_n; i++) {
+-		if (!strcmp(groups[i], line+1)) {
+		const char *g = groups[i];
+		if (g != NULL && !strcmp(g, line+1)) {
+ 		    D(("user group matched [%s]", line));
+ 		    found_one = 1;
+ 		    break;
+-- 
+2.33.0
+
--- a/libcap.spec
+++ b/libcap.spec
@ -1,6 +1,6 @@
 Name:     libcap
 Version:  2.32
-Release:  8
+Release:  9
 Summary:  A library for getting and setting POSIX.1e draft 15 capabilities        
 License:  GPLv2
 URL:      https://sites.google.com/site/fullycapable
@ -16,6 +16,7 @@ Patch6:   backport-getpcaps-catch-PID-parsing-errors.patch
 Patch7:   backport-Large-strings-can-confuse-libcap-s-internal-strdup-c.patch
 Patch8:   backport-libcap-Ensure-the-XATTR_NAME_CAPS-is-define.patch
 Patch9:   backport-CVE-2025-1390-pam_cap-Fix-potential-configuration-parsing-error.patch
+Patch10:  backport-Address-some-static-analysis-observations.patch

 BuildRequires: libattr-devel pam-devel perl-interpreter gcc

@ -76,6 +77,9 @@ chmod +x %{buildroot}/%{_libdir}/*.so.*
 %{_mandir}/man8/*.gz

 %changelog
+* Thu Mar 13 2025 yixiangzhike <yixiangzhike007@163.com> - 2.32-9
+- backport upstream patch to address some static analysis observations
+
 * Tue Mar 04 2025 Linux_zhang <zhangruifang@h-partners.com> - 2.32-8
 - fix CVE-2025-1390