diff --git a/backport-Add-missing-overflow-check-for-num_values-in-pytdb.c.patch b/backport-Add-missing-overflow-check-for-num_values-in-pytdb.c.patch deleted file mode 100644 index 9b58153587224cb4abdfdad9b0b10f26b18ee5fb..0000000000000000000000000000000000000000 --- a/backport-Add-missing-overflow-check-for-num_values-in-pytdb.c.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 82b07bd048e8039896be7edec6b83cbd6ff218d9 Mon Sep 17 00:00:00 2001 -From: Andreas Schneider -Date: Tue, 30 Apr 2024 14:16:33 +0200 -Subject: [PATCH] lib:tdb: Add missing overflow check for num_values in pytdb.c - -Reference:https://github.com/samba-team/samba/commit/82b07bd048e8039896be7edec6b83cbd6ff218d9 -Conflict:NA - -Error: INTEGER_OVERFLOW (CWE-190): -tdb-1.4.10/pytdb.c:401: cast_overflow: Truncation due to cast operation on "num_values" from 64 to 32 bits. -tdb-1.4.10/pytdb.c:401: overflow_sink: "num_values", which might have overflowed, is passed to "tdb_storev(self->ctx, key, values, num_values, flag)". - 399| } - 400| - 401|-> ret = tdb_storev(self->ctx, key, values, num_values, flag); - 402| free(values); - 403| PyErr_TDB_ERROR_IS_ERR_RAISE(ret, self->ctx); - -Signed-off-by: Andreas Schneider -Reviewed-by: Volker Lendecke ---- - pytdb.c | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/pytdb.c b/pytdb.c -index d47d933..4d0b9d4 100644 ---- a/pytdb.c -+++ b/pytdb.c -@@ -407,6 +407,10 @@ static PyObject *obj_storev(PyTdbObject *self, PyObject *args) - PyErr_SetFromErrno(PyExc_OverflowError); - return NULL; - } -+ if (num_values > INT_MAX) { -+ PyErr_SetFromErrno(PyExc_OverflowError); -+ return NULL; -+ } - values = malloc(sizeof(TDB_DATA) * num_values); - if (values == NULL) { - PyErr_NoMemory(); -@@ -422,7 +426,7 @@ static PyObject *obj_storev(PyTdbObject *self, PyObject *args) - values[i] = value; - } - -- ret = tdb_storev(self->ctx, key, values, num_values, flag); -+ ret = tdb_storev(self->ctx, key, values, (int)num_values, flag); - free(values); - PyErr_TDB_ERROR_IS_ERR_RAISE(ret, self->ctx); - Py_RETURN_NONE; --- -2.33.0 - - diff --git a/backport-tdb-Do-not-pass-non-null-terminated-strings-to-strcm.patch b/backport-tdb-Do-not-pass-non-null-terminated-strings-to-strcm.patch deleted file mode 100644 index a635c0533de96c53f5a250b8773072efbf87b95b..0000000000000000000000000000000000000000 --- a/backport-tdb-Do-not-pass-non-null-terminated-strings-to-strcm.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 757cd49b8445f22c2c19380e948e7aba5a76399a Mon Sep 17 00:00:00 2001 -From: Joseph Sutton -Date: Fri, 6 Oct 2023 13:54:02 +1300 -Subject: [PATCH] =?UTF-8?q?tdb:=20Do=20not=20pass=20non=E2=80=93null?= - =?UTF-8?q?=E2=80=90terminated=20strings=20to=20strcmp()=20(CID=201449485)?= -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Signed-off-by: Joseph Sutton -Reviewed-by: Andrew Bartlett - -Reference:https://github.com/samba-team/samba/commit/757cd49b8445f22c2c19380e948e7aba5a76399a -Conflict:NA ---- - common/open.c | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) - -diff --git a/common/open.c b/common/open.c -index f7f65b0..4e138c6 100644 ---- a/common/open.c -+++ b/common/open.c -@@ -513,7 +513,13 @@ _PUBLIC_ struct tdb_context *tdb_open_ex(const char *name, int hash_size, int td - - errno = 0; - if (read(tdb->fd, &header, sizeof(header)) != sizeof(header) -- || strcmp(header.magic_food, TDB_MAGIC_FOOD) != 0) { -+ /* -+ * Call strncmp() rather than strcmp() in case header.magic_food is -+ * not zero‐terminated. We’re still checking the full string for -+ * equality, as tdb_header::magic_food is larger than -+ * TDB_MAGIC_FOOD. -+ */ -+ || strncmp(header.magic_food, TDB_MAGIC_FOOD, sizeof(header.magic_food)) != 0) { - if (!(open_flags & O_CREAT) || - tdb_new_database(tdb, &header, hash_size) == -1) { - if (errno == 0) { --- -2.33.0 - diff --git a/libtdb.spec b/libtdb.spec index defd165ec288ececdebe4987738790d8c6e71eab..d0258b430aec4761255f4caeacdfbf34e1d2f279 100644 --- a/libtdb.spec +++ b/libtdb.spec @@ -1,13 +1,10 @@ Name: libtdb -Version: 1.4.9 -Release: 3 +Version: 1.4.12 +Release: 1 Summary: The Tdb library -License: LGPLv3+ -URL: http://tdb.samba.org/ -Source: http://samba.org/ftp/tdb/tdb-%{version}.tar.gz - -Patch6000: backport-tdb-Do-not-pass-non-null-terminated-strings-to-strcm.patch -Patch6001: backport-Add-missing-overflow-check-for-num_values-in-pytdb.c.patch +License: LGPL-3.0-or-later +URL: https://tdb.samba.org/ +Source: https://samba.org/ftp/tdb/tdb-%{version}.tar.gz BuildRequires: gcc libxslt docbook-style-xsl BuildRequires: python3-devel @@ -58,7 +55,7 @@ Document for the Tdb library %make_build %check -make %{?_smp_mflags} check +%make_build check %install %make_install @@ -87,9 +84,10 @@ make %{?_smp_mflags} check %{_mandir}/man8/tdbtool.8* %{_mandir}/man8/tdbrestore.8* -%ldconfig_scriptlets - %changelog +* Tue Jan 07 2025 Funda Wang - 1.4.12-1 +- update to 1.4.12 + * Tue Jun 11 2024 shixuantong - 1.4.9-3 - Type:bugfix - CVE:NA diff --git a/libtdb.yaml b/libtdb.yaml index 06c65b7992daa963ebd074921797a868098d4fd6..83a2d2968769e4e2f2fd7c3bb18221e0b9e645f1 100644 --- a/libtdb.yaml +++ b/libtdb.yaml @@ -1,4 +1,4 @@ version_control: github src_repo: samba-team/samba tag_prefix: ^tdb- -seperator: . +separator: . diff --git a/tdb-1.4.12.tar.gz b/tdb-1.4.12.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..b81bae8bed18c9a803ace26586aeefc0e651fa53 Binary files /dev/null and b/tdb-1.4.12.tar.gz differ diff --git a/tdb-1.4.9.tar.gz b/tdb-1.4.9.tar.gz deleted file mode 100644 index f158385efcb48af4e674fca52b94b3583e501ba0..0000000000000000000000000000000000000000 Binary files a/tdb-1.4.9.tar.gz and /dev/null differ