rpms/mysqlclient10/devel mysql-buffer-warning.patch, NONE, 1.1 mysqlclient10.spec, 1.8, 1.9
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Thu Dec 15 03:02:53 UTC 2005
Author: tgl
Update of /cvs/dist/rpms/mysqlclient10/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv8443
Modified Files:
mysqlclient10.spec
Added Files:
mysql-buffer-warning.patch
Log Message:
Silence buildsystem security warning (which is about code we're not even
shipping, but apparently maintainers no longer have any say in the matter).
mysql-buffer-warning.patch:
isam/test3.c | 2 +-
myisam/mi_test3.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
--- NEW FILE mysql-buffer-warning.patch ---
This patch is fairly pointless since it fixes a one-byte overflow in test code
that no one will care about or execute in the real world, and in fact isn't
even shipped in mysqlclient10. But must fix to get past our buildsystem
security checker. Patch based on upstream fix; see versions of this patch
file in later mysql packages for more info.
diff -Naur mysql-3.23.58.orig/isam/test3.c mysql-3.23.58/isam/test3.c
--- mysql-3.23.58.orig/isam/test3.c 2003-09-11 07:49:21.000000000 -0400
+++ mysql-3.23.58/isam/test3.c 2005-12-14 21:53:59.000000000 -0500
@@ -357,7 +357,7 @@
}
sprintf(record.id,"%7d",getpid());
- strmov(record.text,"Testing...");
+ strnmov(record.text,"Testing...", sizeof(record.text));
tries=(uint) rnd(100)+10;
for (i=count=0 ; i < tries ; i++)
diff -Naur mysql-3.23.58.orig/myisam/mi_test3.c mysql-3.23.58/myisam/mi_test3.c
--- mysql-3.23.58.orig/myisam/mi_test3.c 2003-09-11 07:49:19.000000000 -0400
+++ mysql-3.23.58/myisam/mi_test3.c 2005-12-14 21:54:30.000000000 -0500
@@ -359,7 +359,7 @@
}
sprintf(record.id,"%7d",getpid());
- strmov(record.text,"Testing...");
+ strnmov(record.text,"Testing...", sizeof(record.text));
tries=(uint) rnd(100)+10;
for (i=count=0 ; i < tries ; i++)
Index: mysqlclient10.spec
===================================================================
RCS file: /cvs/dist/rpms/mysqlclient10/devel/mysqlclient10.spec,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- mysqlclient10.spec 15 Dec 2005 00:00:02 -0000 1.8
+++ mysqlclient10.spec 15 Dec 2005 03:02:46 -0000 1.9
@@ -15,6 +15,7 @@
Patch8: mysql-3.23.58-config.patch
Patch9: mysql-3.23.58-security.patch
Patch10: mysql-no-atomic.patch
+Patch11: mysql-buffer-warning.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-root
Prereq: /sbin/ldconfig, /sbin/install-info, grep, fileutils, chkconfig
BuildRequires: gperf, perl, readline-devel
@@ -56,6 +57,7 @@
%patch8 -p1
%patch9 -p1
%patch10 -p1
+%patch11 -p1
libtoolize --force
aclocal
@@ -154,6 +156,7 @@
put the original my_config.h into my_config_$ARCH.h
- Add license info (COPYING, COPYING.LIB) to the shipped documentation
- Add -fwrapv to CFLAGS so that gcc 4.1 doesn't break it
+- Add mysql-buffer-warning.patch to silence build system security warning
* Fri Apr 8 2005 Tom Lane <tgl at redhat.com> 3.23.58-6
- Avoid dependency on <asm/atomic.h>, cause it won't build anymore on ia64.
More information about the fedora-cvs-commits
mailing list