Hello community, here is the log from the commit of package gnutls for openSUSE:Factory checked in at 2014-05-14 10:50:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gnutls (Old) and /work/SRC/openSUSE:Factory/.gnutls.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gnutls" Changes: -------- --- /work/SRC/openSUSE:Factory/gnutls/gnutls.changes 2014-04-12 21:39:24.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.gnutls.new/gnutls.changes 2014-05-14 10:50:30.000000000 +0200 @@ -1,0 +2,8 @@ +Fri Apr 25 14:08:46 UTC 2014 - [email protected] + +- Improvement after code audit (audit-improve.patch) + * Use unsigned type for encode() + * tolerate NULL in strdup() + Modify files: lib/gnutls_mem.c, lib/auth/srp_sb64.c + +------------------------------------------------------------------- New: ---- audit-improve.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gnutls.spec ++++++ --- /var/tmp/diff_new_pack.rL1NSS/_old 2014-05-14 10:50:32.000000000 +0200 +++ /var/tmp/diff_new_pack.rL1NSS/_new 2014-05-14 10:50:32.000000000 +0200 @@ -37,6 +37,7 @@ Patch3: gnutls-3.0.26-skip-test-fwrite.patch Patch6: gnutls-implement-trust-store-dir-3.2.8.diff +Patch7: audit-improve.patch BuildRequires: automake BuildRequires: gcc-c++ @@ -137,6 +138,7 @@ %setup -q %patch3 %patch6 -p1 +%patch7 -p1 %build autoreconf -if ++++++ audit-improve.patch ++++++ Index: gnutls-3.2.13/lib/gnutls_mem.c =================================================================== --- gnutls-3.2.13.orig/lib/gnutls_mem.c +++ gnutls-3.2.13/lib/gnutls_mem.c @@ -73,9 +73,14 @@ void *gnutls_realloc_fast(void *ptr, siz char *_gnutls_strdup(const char *str) { - size_t siz = strlen(str) + 1; + size_t siz; char *ret; + if(unlikely(!str)) + return NULL; + + siz = strlen(str) + 1; + ret = gnutls_malloc(siz); if (ret != NULL) memcpy(ret, str, siz); Index: gnutls-3.2.13/lib/auth/srp_sb64.c =================================================================== --- gnutls-3.2.13.orig/lib/auth/srp_sb64.c +++ gnutls-3.2.13/lib/auth/srp_sb64.c @@ -143,7 +143,7 @@ _gnutls_sbase64_encode(uint8_t * data, s unsigned i, j; int ret, tmp; uint8_t tmpres[4]; - int mod = data_size % 3; + unsigned int mod = data_size % 3; ret = mod; if (ret != 0) -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
