Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gptfdisk for openSUSE:Factory checked in at 2023-03-08 14:51:26 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gptfdisk (Old) and /work/SRC/openSUSE:Factory/.gptfdisk.new.31432 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gptfdisk" Wed Mar 8 14:51:26 2023 rev:25 rq:1069857 version:1.0.9 Changes: -------- --- /work/SRC/openSUSE:Factory/gptfdisk/gptfdisk.changes 2022-10-03 13:44:59.845380501 +0200 +++ /work/SRC/openSUSE:Factory/.gptfdisk.new.31432/gptfdisk.changes 2023-03-08 14:51:26.798308170 +0100 @@ -1,0 +2,7 @@ +Tue Mar 7 02:57:27 UTC 2023 - Alynx Zhou <[email protected]> + +- Add gptfdisk-fix-null-pointer-dereference.patch: Fix NULL pointer + dereference in pervious patch, poptGetArg can return NULL so we + should not pass it to strdup directly (bsc#1208877). + +------------------------------------------------------------------- New: ---- gptfdisk-fix-null-pointer-dereference.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gptfdisk.spec ++++++ --- /var/tmp/diff_new_pack.wIzd1i/_old 2023-03-08 14:51:27.230310523 +0100 +++ /var/tmp/diff_new_pack.wIzd1i/_new 2023-03-08 14:51:27.234310545 +0100 @@ -1,7 +1,7 @@ # # spec file for package gptfdisk # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -27,6 +27,8 @@ #Git-Web: https://sourceforge.net/p/gptfdisk/code/ci/master/tree/ Source: https://downloads.sf.net/%name/%name-%version.tar.gz Patch1: 0001-Fix-failure-crash-of-sgdisk-when-compiled-with-lates.patch +# PATCH-FIX-UPSTREAM gptfdisk-fix-null-pointer-dereference.patch bsc#1208877 [email protected] -- Fix NULL pointer dereference in previous patch +Patch2: gptfdisk-fix-null-pointer-dereference.patch BuildRequires: gcc-c++ BuildRequires: ncurses-devel BuildRequires: pkgconfig(popt) ++++++ gptfdisk-fix-null-pointer-dereference.patch ++++++ >From f5de3401b974ce103ffd93af8f9d43505a04aaf9 Mon Sep 17 00:00:00 2001 From: Damian Kurek <[email protected]> Date: Thu, 7 Jul 2022 03:39:16 +0000 Subject: [PATCH] Fix NULL dereference when duplicating string argument poptGetArg can return NULL if there are no additional arguments, which makes strdup dereference NULL on strlen --- gptcl.cc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/gptcl.cc b/gptcl.cc index 0d578eb..ab95239 100644 --- a/gptcl.cc +++ b/gptcl.cc @@ -155,10 +155,11 @@ int GPTDataCL::DoOptions(int argc, char* argv[]) { } // while // Assume first non-option argument is the device filename.... - device = strdup((char*) poptGetArg(poptCon)); - poptResetContext(poptCon); + device = (char*) poptGetArg(poptCon); if (device != NULL) { + device = strdup(device); + poptResetContext(poptCon); JustLooking(); // reset as necessary BeQuiet(); // Tell called functions to be less verbose & interactive if (LoadPartitions((string) device)) { @@ -498,6 +499,7 @@ int GPTDataCL::DoOptions(int argc, char* argv[]) { cerr << "Error encountered; not saving changes.\n"; retval = 4; } // if + free(device); } // if (device != NULL) poptFreeContext(poptCon); return retval;
