Hello community, here is the log from the commit of package i2c-tools for openSUSE:Factory checked in at 2017-11-14 12:38:52 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/i2c-tools (Old) and /work/SRC/openSUSE:Factory/.i2c-tools.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "i2c-tools" Tue Nov 14 12:38:52 2017 rev:33 rq:539806 version:4.0 Changes: -------- --- /work/SRC/openSUSE:Factory/i2c-tools/i2c-tools.changes 2017-07-19 12:22:06.083110854 +0200 +++ /work/SRC/openSUSE:Factory/.i2c-tools.new/i2c-tools.changes 2017-11-14 12:39:06.738693062 +0100 @@ -1,0 +2,20 @@ +Mon Oct 30 15:57:32 CET 2017 - [email protected] + +- i2cbusses-path-overflows.patch: Prevent buffer overflow of + sysfs paths. + +------------------------------------------------------------------- +Mon Oct 30 11:45:40 CET 2017 - [email protected] + +- Update to version 4.0: + * New library libi2c + * Many fixes and improvements to decode-dimms + * New manual pages and examples added to existing manual pages + * New tool i2ctransfer +- Removed obsolete decode-dimms-correctly-check-for-out-of-bounds-vendor-id.patch, + i2c-tools-hackweek-9-dependencies.diff, + i2c-tools-hackweek-9-improve-DDR3-support.diff, + i2c-tools-r6048-Move-SMBus-helper-functions.patch, + i2c-tools-r6053-Add-smbus-header.patch (upstream) + +------------------------------------------------------------------- Old: ---- decode-dimms-correctly-check-for-out-of-bounds-vendor-id.patch i2c-tools-3.1.2.tar.sign i2c-tools-3.1.2.tar.xz i2c-tools-hackweek-9-dependencies.diff i2c-tools-hackweek-9-improve-DDR3-support.diff i2c-tools-r6048-Move-SMBus-helper-functions.patch i2c-tools-r6053-Add-smbus-header.patch New: ---- i2c-tools-4.0.tar.sign i2c-tools-4.0.tar.xz i2cbusses-path-overflows.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ i2c-tools.spec ++++++ --- /var/tmp/diff_new_pack.SUd70u/_old 2017-11-14 12:39:08.018646287 +0100 +++ /var/tmp/diff_new_pack.SUd70u/_new 2017-11-14 12:39:08.022646141 +0100 @@ -17,7 +17,7 @@ Name: i2c-tools -Version: 3.1.2 +Version: 4.0 Release: 0 Summary: A heterogeneous set of I2C tools for Linux License: GPL-2.0+ @@ -27,11 +27,7 @@ Url: https://i2c.wiki.kernel.org/index.php/I2C_Tools Source0: https://www.kernel.org/pub/software/utils/i2c-tools/%{name}-%{version}.tar.xz Source1: https://www.kernel.org/pub/software/utils/i2c-tools/%{name}-%{version}.tar.sign -Patch90: i2c-tools-hackweek-9-dependencies.diff -Patch91: i2c-tools-hackweek-9-improve-DDR3-support.diff -Patch92: i2c-tools-r6053-Add-smbus-header.patch -Patch93: i2c-tools-r6048-Move-SMBus-helper-functions.patch -Patch94: decode-dimms-correctly-check-for-out-of-bounds-vendor-id.patch +Patch1: i2cbusses-path-overflows.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build ExcludeArch: s390 s390x @@ -40,29 +36,56 @@ probing tool, a chip dumper, register-level access helpers, EEPROM decoding scripts, and more. +%package -n libi2c0 +Summary: I2C/SMBus bus access library +License: LGPL-2.1+ +Group: System/Libraries + +%description -n libi2c0 +libi2c offers a way for applications to interact with the devices +connected to the I2C or SMBus buses of the system. + +%package -n libi2c0-devel +Summary: I2C/SMBus bus access library +License: LGPL-2.1+ +Group: Development/Libraries/C and C++ +Requires: glibc-devel +Requires: libi2c0 = %{version} +Provides: /usr/include/i2c/smbus.h + +%description -n libi2c0-devel +libi2c offers a way for applications to interact with the devices +connected to the I2C or SMBus buses of the system. + %prep %setup -q -%patch90 -p1 -%patch91 -p1 -%patch92 -p1 -%patch93 -p1 -%patch94 -p1 +%patch1 -p1 %build -make %{?_smp_mflags} CFLAGS="$RPM_OPT_FLAGS" CC="%{__cc}" +make %{?_smp_mflags} CFLAGS="$RPM_OPT_FLAGS" CC="%{__cc}" BUILD_STATIC_LIB:=0 %install -make install DESTDIR=$RPM_BUILD_ROOT prefix=/usr +make install DESTDIR=$RPM_BUILD_ROOT prefix=/usr libdir=%{_libdir} BUILD_STATIC_LIB:=0 # cleanup rm -f $RPM_BUILD_ROOT/usr/bin/decode-edid +%post -n libi2c0 -p /sbin/ldconfig + +%postun -n libi2c0 -p /sbin/ldconfig + %files %defattr(-,root,root) /usr/bin/* /usr/sbin/* -%dir /usr/include/i2c -/usr/include/i2c/smbus.h %doc /usr/share/man/man1/*.1.gz %doc /usr/share/man/man8/*.8.gz +%files -n libi2c0 +%{_libdir}/libi2c.so.0* + +%files -n libi2c0-devel +%{_libdir}/libi2c.so +%dir /usr/include/i2c +/usr/include/i2c/smbus.h + %changelog ++++++ i2c-tools-3.1.2.tar.xz -> i2c-tools-4.0.tar.xz ++++++ ++++ 5187 lines of diff (skipped) ++++++ i2cbusses-path-overflows.patch ++++++ From: Jean Delvare <[email protected]> Subject: i2c-tools: i2cbusses: Avoid buffer overflows in sysfs paths Patch-mainline: yes Git-commit: def2845efacab3a3973fb0218ac5077a162f8f1e sprintf isn't safe, use snprintf instead. --- tools/i2cbusses.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) --- a/tools/i2cbusses.c +++ b/tools/i2cbusses.c @@ -220,18 +220,18 @@ struct i2c_adap *gather_i2c_busses(void) /* this should work for kernels 2.6.5 or higher and */ /* is preferred because is unambiguous */ - sprintf(n, "%s/%s/name", sysfs, de->d_name); + snprintf(n, NAME_MAX, "%s/%s/name", sysfs, de->d_name); f = fopen(n, "r"); /* this seems to work for ISA */ if(f == NULL) { - sprintf(n, "%s/%s/device/name", sysfs, de->d_name); + snprintf(n, NAME_MAX, "%s/%s/device/name", sysfs, de->d_name); f = fopen(n, "r"); } /* non-ISA is much harder */ /* and this won't find the correct bus name if a driver has more than one bus */ if(f == NULL) { - sprintf(n, "%s/%s/device", sysfs, de->d_name); + snprintf(n, NAME_MAX, "%s/%s/device", sysfs, de->d_name); if(!(ddir = opendir(n))) continue; while ((dde = readdir(ddir)) != NULL) { @@ -240,8 +240,8 @@ struct i2c_adap *gather_i2c_busses(void) if (!strcmp(dde->d_name, "..")) continue; if ((!strncmp(dde->d_name, "i2c-", 4))) { - sprintf(n, "%s/%s/device/%s/name", - sysfs, de->d_name, dde->d_name); + snprintf(n, NAME_MAX, "%s/%s/device/%s/name", + sysfs, de->d_name, dde->d_name); if((f = fopen(n, "r"))) goto found; }
