Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package cpulimit for openSUSE:Factory checked in at 2021-12-23 17:53:42 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/cpulimit (Old) and /work/SRC/openSUSE:Factory/.cpulimit.new.2520 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cpulimit" Thu Dec 23 17:53:42 2021 rev:4 rq:942150 version:2.7 Changes: -------- --- /work/SRC/openSUSE:Factory/cpulimit/cpulimit.changes 2020-09-01 20:10:41.972685891 +0200 +++ /work/SRC/openSUSE:Factory/.cpulimit.new.2520/cpulimit.changes 2021-12-23 17:53:56.611726333 +0100 @@ -1,0 +2,6 @@ +Mon Dec 20 22:44:03 UTC 2021 - Dirk M??ller <[email protected]> + +- update to 2.7: + * Fixed compiler warnings regarding string lengths. + +------------------------------------------------------------------- Old: ---- cpulimit-2.6.tar.gz New: ---- cpulimit-2.7.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cpulimit.spec ++++++ --- /var/tmp/diff_new_pack.XyO7bz/_old 2021-12-23 17:53:57.059726611 +0100 +++ /var/tmp/diff_new_pack.XyO7bz/_new 2021-12-23 17:53:57.067726616 +0100 @@ -2,7 +2,7 @@ # # spec file for package cpulimit # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,13 +18,13 @@ Name: cpulimit -Version: 2.6 +Version: 2.7 Release: 0 Summary: Limit the CPU Usage of a Process License: GPL-2.0-or-later Group: System/Monitoring URL: http://limitcpu.sourceforge.net/ -Source0: http://prdownloads.sourceforge.net/limitcpu/%{name}-%{version}.tar.gz +Source0: https://downloads.sourceforge.net/limitcpu/%{name}-%{version}.tar.gz Patch0: %{name}-2.2-do_not_forget_version.patch BuildRequires: gcc BuildRequires: glibc-devel ++++++ cpulimit-2.6.tar.gz -> cpulimit-2.7.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cpulimit-2.6/CHANGELOG new/cpulimit-2.7/CHANGELOG --- old/cpulimit-2.6/CHANGELOG 2019-04-07 23:26:53.000000000 +0200 +++ new/cpulimit-2.7/CHANGELOG 2021-05-05 22:01:10.000000000 +0200 @@ -1,4 +1,11 @@ -========== Changes in 2.6 (unreleased) ==== +========== Changes in 2.7 ================ + +* Fixed compiler warnings regarding string lengths. + Avoid potential buffer overflow when /proc includes + process IDs that are very long. + + +========== Changes in 2.6 ================ * Fixed indentation to avoid compiler warnings. No functional change. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cpulimit-2.6/Makefile new/cpulimit-2.7/Makefile --- old/cpulimit-2.6/Makefile 2019-04-07 23:53:59.000000000 +0200 +++ new/cpulimit-2.7/Makefile 2021-05-05 22:00:00.000000000 +0200 @@ -1,4 +1,4 @@ -VERSION?=2.6 +VERSION?=2.7 PREFIX?=/usr CFLAGS?=-Wall -O2 -DVERSION=$(VERSION) CC?=gcc diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cpulimit-2.6/cpulimit.c new/cpulimit-2.7/cpulimit.c --- old/cpulimit-2.6/cpulimit.c 2019-04-07 23:19:25.000000000 +0200 +++ new/cpulimit-2.7/cpulimit.c 2021-05-05 21:57:54.000000000 +0200 @@ -58,7 +58,7 @@ #ifdef LINUX #include <dirent.h> -#define PROC_FILENAME 64 +#define PROC_FILENAME 512 #define LINE_LENGTH 256 #endif @@ -74,6 +74,9 @@ #ifndef PATH_MAX #define PATH_MAX 4096 #endif +#ifndef EXEC_PATH +#define EXEC_PATH 32 +#endif #define BEST_PRIORITY -10 @@ -261,7 +264,7 @@ printf("Warning: cannot renice\n"); } */ - char exelink[20]; + char exelink[EXEC_PATH + 1]; char exepath[PATH_MAX+1]; int pid=0; int i=0; @@ -282,7 +285,7 @@ //get pid pid=atoi(dit->d_name); if (pid>0) { - sprintf(exelink,"/proc/%d/exe",pid); + snprintf(exelink, EXEC_PATH, "/proc/%d/exe",pid); int size=readlink(exelink,exepath,sizeof(exepath)); if (size>0) { int found=0; @@ -661,7 +664,7 @@ int found = FALSE; DIR *proc; struct dirent *proc_entry; - char filename[PROC_FILENAME]; + char filename[PROC_FILENAME + 1]; FILE *status_file; char *reading_file; char line[256]; @@ -733,7 +736,7 @@ // we can remote its node. if (current->child) { - char filename[PROC_FILENAME]; + char filename[PROC_FILENAME + 1]; DIR *child_directory; snprintf(filename, PROC_FILENAME, "/proc/%d", current->child); child_directory = opendir(filename);
