Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package tdb for openSUSE:Factory checked in at 2026-05-29 18:04:17 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/tdb (Old) and /work/SRC/openSUSE:Factory/.tdb.new.1937 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tdb" Fri May 29 18:04:17 2026 rev:48 rq:1355630 version:1.4.15 Changes: -------- --- /work/SRC/openSUSE:Factory/tdb/tdb.changes 2025-12-17 17:34:46.259621506 +0100 +++ /work/SRC/openSUSE:Factory/.tdb.new.1937/tdb.changes 2026-05-29 18:04:33.644038186 +0200 @@ -1,0 +2,8 @@ +Sat Mar 28 20:11:15 UTC 2026 - Noel Power <[email protected]> + +- Update to 1.4.15 + * Fix parse_hex during `tdbtool storehex` + * Remove obsolete web page + * tdbtorture: Fix CID 1034816: proper calloc usage + +------------------------------------------------------------------- Old: ---- tdb-1.4.14.tar.asc tdb-1.4.14.tar.gz New: ---- tdb-1.4.15.tar.asc tdb-1.4.15.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tdb.spec ++++++ --- /var/tmp/diff_new_pack.3nloD4/_old 2026-05-29 18:04:35.308107013 +0200 +++ /var/tmp/diff_new_pack.3nloD4/_new 2026-05-29 18:04:35.308107013 +0200 @@ -1,7 +1,7 @@ # # spec file for package tdb # -# Copyright (c) 2025 SUSE LLC +# Copyright (c) 2026 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,7 +19,7 @@ %{!?python_sitearch: %global python_sitearch %(python -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")} %{!?py3_soflags: %global py3_soflags cpython-%{python3_version_nodots}m} Name: tdb -Version: 1.4.14 +Version: 1.4.15 Release: 0 Summary: Samba Trivial Database License: LGPL-3.0-or-later ++++++ tdb-1.4.14.tar.gz -> tdb-1.4.15.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tdb-1.4.14/ABI/tdb-1.4.15.sigs new/tdb-1.4.15/ABI/tdb-1.4.15.sigs --- old/tdb-1.4.14/ABI/tdb-1.4.15.sigs 1970-01-01 01:00:00.000000000 +0100 +++ new/tdb-1.4.15/ABI/tdb-1.4.15.sigs 2026-01-20 17:01:32.109574800 +0100 @@ -0,0 +1,73 @@ +tdb_add_flags: void (struct tdb_context *, unsigned int) +tdb_append: int (struct tdb_context *, TDB_DATA, TDB_DATA) +tdb_chainlock: int (struct tdb_context *, TDB_DATA) +tdb_chainlock_mark: int (struct tdb_context *, TDB_DATA) +tdb_chainlock_nonblock: int (struct tdb_context *, TDB_DATA) +tdb_chainlock_read: int (struct tdb_context *, TDB_DATA) +tdb_chainlock_read_nonblock: int (struct tdb_context *, TDB_DATA) +tdb_chainlock_unmark: int (struct tdb_context *, TDB_DATA) +tdb_chainunlock: int (struct tdb_context *, TDB_DATA) +tdb_chainunlock_read: int (struct tdb_context *, TDB_DATA) +tdb_check: int (struct tdb_context *, int (*)(TDB_DATA, TDB_DATA, void *), void *) +tdb_close: int (struct tdb_context *) +tdb_delete: int (struct tdb_context *, TDB_DATA) +tdb_dump_all: void (struct tdb_context *) +tdb_enable_seqnum: void (struct tdb_context *) +tdb_error: enum TDB_ERROR (struct tdb_context *) +tdb_errorstr: const char *(struct tdb_context *) +tdb_exists: int (struct tdb_context *, TDB_DATA) +tdb_fd: int (struct tdb_context *) +tdb_fetch: TDB_DATA (struct tdb_context *, TDB_DATA) +tdb_firstkey: TDB_DATA (struct tdb_context *) +tdb_freelist_size: int (struct tdb_context *) +tdb_get_flags: int (struct tdb_context *) +tdb_get_logging_private: void *(struct tdb_context *) +tdb_get_seqnum: int (struct tdb_context *) +tdb_hash_size: int (struct tdb_context *) +tdb_increment_seqnum_nonblock: void (struct tdb_context *) +tdb_jenkins_hash: unsigned int (TDB_DATA *) +tdb_lock_nonblock: int (struct tdb_context *, int, int) +tdb_lockall: int (struct tdb_context *) +tdb_lockall_mark: int (struct tdb_context *) +tdb_lockall_nonblock: int (struct tdb_context *) +tdb_lockall_read: int (struct tdb_context *) +tdb_lockall_read_nonblock: int (struct tdb_context *) +tdb_lockall_unmark: int (struct tdb_context *) +tdb_log_fn: tdb_log_func (struct tdb_context *) +tdb_map_size: size_t (struct tdb_context *) +tdb_name: const char *(struct tdb_context *) +tdb_nextkey: TDB_DATA (struct tdb_context *, TDB_DATA) +tdb_null: dptr = 0xXXXX, dsize = 0 +tdb_open: struct tdb_context *(const char *, int, int, int, mode_t) +tdb_open_ex: struct tdb_context *(const char *, int, int, int, mode_t, const struct tdb_logging_context *, tdb_hash_func) +tdb_parse_record: int (struct tdb_context *, TDB_DATA, int (*)(TDB_DATA, TDB_DATA, void *), void *) +tdb_printfreelist: int (struct tdb_context *) +tdb_remove_flags: void (struct tdb_context *, unsigned int) +tdb_reopen: int (struct tdb_context *) +tdb_reopen_all: int (int) +tdb_repack: int (struct tdb_context *) +tdb_rescue: int (struct tdb_context *, void (*)(TDB_DATA, TDB_DATA, void *), void *) +tdb_runtime_check_for_robust_mutexes: bool (void) +tdb_set_logging_function: void (struct tdb_context *, const struct tdb_logging_context *) +tdb_set_max_dead: void (struct tdb_context *, int) +tdb_setalarm_sigptr: void (struct tdb_context *, volatile sig_atomic_t *) +tdb_store: int (struct tdb_context *, TDB_DATA, TDB_DATA, int) +tdb_storev: int (struct tdb_context *, TDB_DATA, const TDB_DATA *, int, int) +tdb_summary: char *(struct tdb_context *) +tdb_transaction_active: bool (struct tdb_context *) +tdb_transaction_cancel: int (struct tdb_context *) +tdb_transaction_commit: int (struct tdb_context *) +tdb_transaction_prepare_commit: int (struct tdb_context *) +tdb_transaction_start: int (struct tdb_context *) +tdb_transaction_start_nonblock: int (struct tdb_context *) +tdb_transaction_write_lock_mark: int (struct tdb_context *) +tdb_transaction_write_lock_unmark: int (struct tdb_context *) +tdb_traverse: int (struct tdb_context *, tdb_traverse_func, void *) +tdb_traverse_chain: int (struct tdb_context *, unsigned int, tdb_traverse_func, void *) +tdb_traverse_key_chain: int (struct tdb_context *, TDB_DATA, tdb_traverse_func, void *) +tdb_traverse_read: int (struct tdb_context *, tdb_traverse_func, void *) +tdb_unlock: int (struct tdb_context *, int, int) +tdb_unlockall: int (struct tdb_context *) +tdb_unlockall_read: int (struct tdb_context *) +tdb_validate_freelist: int (struct tdb_context *, int *) +tdb_wipe_all: int (struct tdb_context *) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tdb-1.4.14/buildtools/wafsamba/samba_third_party.py new/tdb-1.4.15/buildtools/wafsamba/samba_third_party.py --- old/tdb-1.4.14/buildtools/wafsamba/samba_third_party.py 2025-07-31 13:01:43.540139000 +0200 +++ new/tdb-1.4.15/buildtools/wafsamba/samba_third_party.py 2026-01-20 17:01:32.089574600 +0100 @@ -18,13 +18,13 @@ @conf def CHECK_CMOCKA(conf): - return conf.CHECK_BUNDLED_SYSTEM_PKG('cmocka', minversion='1.1.3') + return conf.CHECK_BUNDLED_SYSTEM_PKG('cmocka', minversion='1.1.8') Build.BuildContext.CHECK_CMOCKA = CHECK_CMOCKA @conf def CHECK_SOCKET_WRAPPER(conf): - return conf.CHECK_BUNDLED_SYSTEM_PKG('socket_wrapper', minversion='1.5.0') + return conf.CHECK_BUNDLED_SYSTEM_PKG('socket_wrapper', minversion='1.5.2') Build.BuildContext.CHECK_SOCKET_WRAPPER = CHECK_SOCKET_WRAPPER @conf diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tdb-1.4.14/buildtools/wafsamba/samba_utils.py new/tdb-1.4.15/buildtools/wafsamba/samba_utils.py --- old/tdb-1.4.14/buildtools/wafsamba/samba_utils.py 2025-06-02 14:52:41.816634000 +0200 +++ new/tdb-1.4.15/buildtools/wafsamba/samba_utils.py 2026-01-20 17:01:32.089574600 +0100 @@ -360,43 +360,6 @@ return result -# make sure we have md5. some systems don't have it -try: - from hashlib import md5 - # Even if hashlib.md5 exists, it may be unusable. - # Try to use MD5 function. In FIPS mode this will cause an exception - # and we'll get to the replacement code - foo = md5(b'abcd') -except: - try: - import md5 - # repeat the same check here, mere success of import is not enough. - # Try to use MD5 function. In FIPS mode this will cause an exception - foo = md5.md5(b'abcd') - except: - Context.SIG_NIL = hash('abcd') - class replace_md5(object): - def __init__(self): - self.val = None - def update(self, val): - self.val = hash((self.val, val)) - def digest(self): - return str(self.val) - def hexdigest(self): - return self.digest().encode('hex') - def replace_h_file(filename): - f = open(filename, 'rb') - m = replace_md5() - while (filename): - filename = f.read(100000) - m.update(filename) - f.close() - return m.digest() - Utils.md5 = replace_md5 - Task.md5 = replace_md5 - Utils.h_file = replace_h_file - - def LOAD_ENVIRONMENT(): '''load the configuration environment, allowing access to env vars from new commands''' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tdb-1.4.14/lib/replace/README new/tdb-1.4.15/lib/replace/README --- old/tdb-1.4.14/lib/replace/README 2025-01-09 09:52:30.294728300 +0100 +++ new/tdb-1.4.15/lib/replace/README 2026-01-20 17:01:32.105574600 +0100 @@ -1,7 +1,7 @@ -This subsystem ensures that we can always use a certain core set of -functions and types, that are either provided by the OS or by replacement -functions / definitions in this subsystem. The aim is to try to stick -to POSIX functions in here as much as possible. Convenience functions +This subsystem ensures that we can always use a certain core set of +functions and types, that are either provided by the OS or by replacement +functions / definitions in this subsystem. The aim is to try to stick +to POSIX functions in here as much as possible. Convenience functions that are available on no platform at all belong in other subsystems (such as LIBUTIL). @@ -72,7 +72,7 @@ realpath poll setproctitle -memset_s +memset_explicit Types: bool diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tdb-1.4.14/lib/replace/replace.c new/tdb-1.4.15/lib/replace/replace.c --- old/tdb-1.4.14/lib/replace/replace.c 2024-12-18 10:06:06.096104000 +0100 +++ new/tdb-1.4.15/lib/replace/replace.c 2026-01-20 17:01:32.109574800 +0100 @@ -1,4 +1,4 @@ -/* +/* Unix SMB/CIFS implementation. replacement routines for broken systems Copyright (C) Andrew Tridgell 1992-1998 @@ -8,7 +8,7 @@ ** NOTE! The following LGPL license applies to the replace ** library. This does NOT imply that all of Samba is released ** under the LGPL - + This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either @@ -37,6 +37,10 @@ #include <sys/syscall.h> #endif +#ifdef HAVE_SYS_PRCTL_H +#include <sys/prctl.h> +#endif + #ifdef _WIN32 #define mkdir(d,m) _mkdir(d) #endif @@ -91,7 +95,7 @@ #endif #ifndef HAVE_STRLCAT -/* like strncat but does not 0 fill the buffer and always null +/* like strncat but does not 0 fill the buffer and always null terminates. bufsize is the length of the buffer, which should be one more than the maximum resulting string length */ size_t rep_strlcat(char *d, const char *s, size_t bufsize) @@ -116,7 +120,7 @@ #ifndef HAVE_MKTIME /******************************************************************* -a mktime() replacement for those who don't have it - contributed by +a mktime() replacement for those who don't have it - contributed by C.A. Lademann <[email protected]> Corrections by [email protected] ********************************************************************/ @@ -137,7 +141,7 @@ return((time_t)-1); n = t->tm_year + 1900 - 1; - epoch = (t->tm_year - 70) * YEAR + + epoch = (t->tm_year - 70) * YEAR + ((n / 4 - n / 100 + n / 400) - (1969 / 4 - 1969 / 100 + 1969 / 400)) * DAY; y = t->tm_year + 1900; @@ -147,7 +151,7 @@ epoch += mon [m] * DAY; if(m == 1 && y % 4 == 0 && (y % 100 != 0 || y % 400 == 0)) epoch += DAY; - + if(++m > 11) { m = 0; y++; @@ -156,7 +160,7 @@ epoch += (t->tm_mday - 1) * DAY; epoch += t->tm_hour * HOUR + t->tm_min * MINUTE + t->tm_sec; - + if((u = localtime(&epoch)) != NULL) { t->tm_sec = u->tm_sec; t->tm_min = u->tm_min; @@ -176,7 +180,7 @@ #ifndef HAVE_INITGROUPS /**************************************************************************** - some systems don't have an initgroups call + some systems don't have an initgroups call ****************************************************************************/ int rep_initgroups(char *name, gid_t id) { @@ -194,7 +198,7 @@ int i,j; struct group *g; char *gr; - + if((grouplst = malloc(sizeof(gid_t) * max_gr)) == NULL) { errno = ENOMEM; return -1; @@ -250,9 +254,9 @@ if (d < s) { /* we can forward copy */ - if (s-d >= sizeof(int) && - !(s%sizeof(int)) && - !(d%sizeof(int)) && + if (s-d >= sizeof(int) && + !(s%sizeof(int)) && + !(d%sizeof(int)) && !(size%sizeof(int))) { /* do it all as words */ int *idest = (int *)dest; @@ -267,9 +271,9 @@ } } else { /* must backward copy */ - if (d-s >= sizeof(int) && - !(s%sizeof(int)) && - !(d%sizeof(int)) && + if (d-s >= sizeof(int) && + !(s%sizeof(int)) && + !(d%sizeof(int)) && !(size%sizeof(int))) { /* do it all as words */ int *idest = (int *)dest; @@ -281,7 +285,7 @@ char *cdest = (char *)dest; char *csrc = (char *)src; for (i=size-1;i>=0;i--) cdest[i] = csrc[i]; - } + } } return(dest); } @@ -334,16 +338,16 @@ size_t rep_strnlen(const char *s, size_t max) { size_t len; - + for (len = 0; len < max; len++) { if (s[len] == '\0') { break; } } - return len; + return len; } #endif - + #ifndef HAVE_STRNDUP /** Some platforms don't have strndup. @@ -351,7 +355,7 @@ char *rep_strndup(const char *s, size_t n) { char *ret; - + n = strnlen(s, n); ret = malloc(n+1); if (!ret) @@ -407,7 +411,7 @@ /***************************************************************** Possibly replace mkstemp if it is broken. -*****************************************************************/ +*****************************************************************/ #ifndef HAVE_SECURE_MKSTEMP int rep_mkstemp(char *template) @@ -425,7 +429,7 @@ char *rep_mkdtemp(char *template) { char *dname; - + if ((dname = mktemp(template))) { if (mkdir(dname, 0700) >= 0) { return dname; @@ -532,7 +536,7 @@ { #ifdef HAVE_STRTOQ return strtoq(str, endptr, base); -#elif defined(HAVE___STRTOLL) +#elif defined(HAVE___STRTOLL) return __strtoll(str, endptr, base); #elif SIZEOF_LONG == SIZEOF_LONG_LONG return (long long int) strtol(str, endptr, base); @@ -568,7 +572,7 @@ { #ifdef HAVE_STRTOUQ return strtouq(str, endptr, base); -#elif defined(HAVE___STRTOULL) +#elif defined(HAVE___STRTOULL) return __strtoull(str, endptr, base); #elif SIZEOF_LONG == SIZEOF_LONG_LONG return (unsigned long long int) strtoul(str, endptr, base); @@ -599,7 +603,7 @@ #endif /* HAVE_STRTOULL */ #ifndef HAVE_SETENV -int rep_setenv(const char *name, const char *value, int overwrite) +int rep_setenv(const char *name, const char *value, int overwrite) { char *p; size_t l1, l2; @@ -644,10 +648,10 @@ for (i=0;environ[i];i++) /* noop */ ; count=i; - + for (i=0;i<count;) { if (strncmp(environ[i], name, len) == 0 && environ[i][len] == '=') { - /* note: we do _not_ free the old variable here. It is unsafe to + /* note: we do _not_ free the old variable here. It is unsafe to do so, as the pointer may not have come from malloc */ memmove(&environ[i], &environ[i+1], (count-i)*sizeof(char *)); count--; @@ -688,7 +692,7 @@ #endif #ifndef HAVE_DUP2 -int rep_dup2(int oldfd, int newfd) +int rep_dup2(int oldfd, int newfd) { errno = ENOSYS; return -1; @@ -944,44 +948,201 @@ #ifndef HAVE_SETPROCTITLE void rep_setproctitle(const char *fmt, ...) { +#if defined(HAVE_PRCTL) && defined(PR_SET_MM_MAP) && defined(__NR_brk) + /* + * Implementation based on setproctitle from lcx under LGPL-2.1+ + * https://github.com/lxc/lxc/ + * + * Using PR_SET_MM_MAP requires CAP_SYS_RESOURCE. + */ + static char *proctitle = NULL; + char *tmp_proctitle = NULL; + char buf[2048] = {0}; + char title[2048] = {0}; + va_list ap; + char *ptr = NULL; + FILE *f = NULL; + size_t title_len; + int ret = 0; + struct prctl_mm_map prctl_map = { + .exe_fd = -1, + }; + long brk_val = 0; + /* See `man proc_pid_stat.5` */ + unsigned long start_code = 0; // 26 + unsigned long end_code = 0; // 27 + unsigned long start_stack = 0; // 28 + + unsigned long start_data = 0; // 45 + unsigned long end_data = 0; // 46 + unsigned long start_brk = 0; // 47 + unsigned long arg_start = 0; // 48 + unsigned long arg_end = 0; // 49 + unsigned long env_start = 0; // 50 + unsigned long env_end = 0; // 51 + + f = fopen("/proc/self/stat", "r"); + if (f == NULL) { + return; + } + + ptr = fgets(buf, sizeof(buf), f); + fclose(f); + if (ptr == NULL) { + return; + } + + /* + * Find the last ')' to skip the comm field which can contain spaces and + * maybe ')'. + */ + ptr = strrchr(buf, ')'); + if (ptr == NULL || ptr[1] == '\0') { + return; + } + ptr += 2; // Skip ') ' + + /* See `man proc_pid_stat.5` */ + ret = sscanf( + ptr, + "%*c " // 3 (state) + "%*d " // 4 (ppid) + "%*d " // 5 (pgrp) + "%*d " // 6 (session) + "%*d " // 7 (tty_nr) + "%*d " // 8 (tpgid) + "%*u " // 9 (flags) + "%*u " // 10 (minflt) + "%*u " // 11 (cminflt) + "%*u " // 12 (majflt) + "%*u " // 13 (cmajflt) + "%*u " // 14 (utime) + "%*u " // 15 (stime) + "%*d " // 16 (cutime) + "%*d " // 17 (cstime) + "%*d " // 18 (priority) + "%*d " // 19 (nice) + "%*d " // 20 (num_threads) + "%*d " // 21 (itrealvalue) + "%*u " // 22 (starttime) + "%*u " // 23 (vsize) + "%*d " // 24 (rss) + "%*u " // 25 (rsslim) + "%lu " // 26 (start_code) + "%lu " // 27 (end_code) + "%lu " // 28 (start_stack) + "%*u " // 29 (kstkesp) + "%*u " // 30 (kstkeip) + "%*u " // 31 (signal) + "%*u " // 32 (blocked) + "%*u " // 33 (sigignore) + "%*u " // 34 (sigcatch) + "%*u " // 35 (wchan) + "%*u " // 36 (nswap) + "%*u " // 37 (cnswap) + "%*d " // 38 (exit_signal) + "%*d " // 39 (processor) + "%*d " // 40 (rt_priority) + "%*u " // 41 (policy) + "%*u " // 42 (delayacct_blkio_ticks) + "%*u " // 43 (guest_time) + "%*d " // 44 (cguest_time) + "%lu " // 45 (start_data) + "%lu " // 46 (end_data) + "%lu " // 47 (start_brk) + "%lu " // 48 (arg_start) + "%lu " // 49 (arg_end) + "%lu " // 50 (env_start) + "%lu", // 51 (env_end) + &start_code, // 26 + &end_code, // 27 + &start_stack, // 28 + &start_data, // 45 + &end_data, // 46 + &start_brk, // 47 + &arg_start, // 48 + &arg_end, // 49 + &env_start, // 50 + &env_end // 51 + ); + if (ret != 10) { + return; + } + + va_start(ap, fmt); + ret = vsnprintf(title, sizeof(title), fmt, ap); + va_end(ap); + if (ret <= 0) { + return; + } + /* + * Include the null byte here, because in the calculations below + * we want to have room for it. + */ + title_len = ret + 1; + + /* This will leak memory */ + tmp_proctitle = realloc(proctitle, title_len); + if (tmp_proctitle == NULL) { + return; + } + proctitle = tmp_proctitle; + + arg_start = (uint64_t)proctitle; + arg_end = arg_start + title_len; + + brk_val = syscall(__NR_brk, 0); + if (brk_val < 0) { + return; + } + + prctl_map = (struct prctl_mm_map) { + .start_code = start_code, + .end_code = end_code, + .start_stack = start_stack, + .start_data = start_data, + .end_data = end_data, + .start_brk = start_brk, + .brk = brk_val, + .arg_start = arg_start, + .arg_end = arg_end, + .env_start = env_start, + .env_end = env_end, + .auxv = NULL, + .auxv_size = 0, + .exe_fd = -1, + }; + + ret = prctl(PR_SET_MM, + PR_SET_MM_MAP, + (long)&prctl_map, + sizeof(prctl_map), + 0); + if (ret == 0) { + strlcpy((char *)arg_start, title, title_len); + } +#endif /* HAVE_PRCTL */ } #endif + #ifndef HAVE_SETPROCTITLE_INIT void rep_setproctitle_init(int argc, char *argv[], char *envp[]) { } #endif -#ifndef HAVE_MEMSET_S -# ifndef RSIZE_MAX -# define RSIZE_MAX (SIZE_MAX >> 1) -# endif - -int rep_memset_s(void *dest, size_t destsz, int ch, size_t count) +#ifndef HAVE_MEMSET_EXPLICIT +void *rep_memset_explicit(void *block, int c, size_t size) { - if (dest == NULL) { - return EINVAL; - } - - if (destsz > RSIZE_MAX || - count > RSIZE_MAX || - count > destsz) { - return ERANGE; - } - -#if defined(HAVE_MEMSET_EXPLICIT) - memset_explicit(dest, ch, count); -#else /* HAVE_MEMSET_EXPLICIT */ - memset(dest, ch, count); -# if defined(HAVE_GCC_VOLATILE_MEMORY_PROTECTION) + void *ptr = memset(block, c, size); +#ifdef HAVE_GCC_VOLATILE_MEMORY_PROTECTION /* See http://llvm.org/bugs/show_bug.cgi?id=15495 */ - __asm__ volatile("" : : "g"(dest) : "memory"); -# endif /* HAVE_GCC_VOLATILE_MEMORY_PROTECTION */ -#endif /* HAVE_MEMSET_EXPLICIT */ + __asm__ volatile("" : : "g"(block) : "memory"); +#endif /* HAVE_GCC_VOLATILE_MEMORY_PROTECTION */ - return 0; + return ptr; } -#endif /* HAVE_MEMSET_S */ +#endif #ifndef HAVE_GETPROGNAME # ifndef HAVE_PROGRAM_INVOCATION_SHORT_NAME diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tdb-1.4.14/lib/replace/replace.h new/tdb-1.4.15/lib/replace/replace.h --- old/tdb-1.4.14/lib/replace/replace.h 2025-01-09 09:52:30.294728300 +0100 +++ new/tdb-1.4.15/lib/replace/replace.h 2026-01-20 17:01:32.109574800 +0100 @@ -811,50 +811,50 @@ /** * Zero a structure. */ -#define ZERO_STRUCT(x) memset_s((char *)&(x), sizeof(x), 0, sizeof(x)) +#define ZERO_STRUCT(x) memset_explicit((char *)&(x), 0, sizeof(x)) /** * Zero a structure given a pointer to the structure. */ #define ZERO_STRUCTP(x) do { \ if ((x) != NULL) { \ - memset_s((char *)(x), sizeof(*(x)), 0, sizeof(*(x))); \ + memset_explicit((char *)(x), 0, sizeof(*(x))); \ } \ } while(0) /** * Zero a structure given a pointer to the structure - no zero check */ -#define ZERO_STRUCTPN(x) memset_s((char *)(x), sizeof(*(x)), 0, sizeof(*(x))) +#define ZERO_STRUCTPN(x) memset_explicit((char *)(x), 0, sizeof(*(x))) /** * Zero an array - note that sizeof(array) must work - ie. it must not be a * pointer */ -#define ZERO_ARRAY(x) memset_s((char *)(x), sizeof(x), 0, sizeof(x)) +#define ZERO_ARRAY(x) memset_explicit((char *)(x), 0, sizeof(x)) /** * Zero a given len of an array */ -#define ZERO_ARRAY_LEN(x, l) memset_s((char *)(x), (l), 0, (l)) +#define ZERO_ARRAY_LEN(x, l) memset_explicit((char *)(x), 0, (l)) /** * Explicitly zero data from memory. This is guaranteed to be not optimized * away. */ -#define BURN_DATA(x) memset_s((char *)&(x), sizeof(x), 0, sizeof(x)) +#define BURN_DATA(x) memset_explicit((char *)&(x), 0, sizeof(x)) /** * Explicitly zero data from memory. This is guaranteed to be not optimized * away. */ -#define BURN_DATA_SIZE(x, s) memset_s((char *)&(x), (s), 0, (s)) +#define BURN_DATA_SIZE(x, s) memset_explicit((char *)&(x), 0, (s)) /** * Explicitly zero data from memory. This is guaranteed to be not optimized * away. */ -#define BURN_PTR_SIZE(x, s) memset_s((x), (s), 0, (s)) +#define BURN_PTR_SIZE(x, s) memset_explicit((x), 0, (s)) /** * Explicitly zero data in string. This is guaranteed to be not optimized @@ -863,7 +863,7 @@ #define BURN_STR(x) do { \ if ((x) != NULL) { \ size_t s = strlen(x); \ - memset_s((x), s, 0, s); \ + memset_explicit((x), 0, s); \ } \ } while(0) @@ -990,9 +990,9 @@ void rep_setproctitle_init(int argc, char *argv[], char *envp[]); #endif -#ifndef HAVE_MEMSET_S -#define memset_s rep_memset_s -int rep_memset_s(void *dest, size_t destsz, int ch, size_t count); +#ifndef HAVE_MEMSET_EXPLICIT +#define memset_explicit rep_memset_explicit +void *rep_memset_explicit(void *block, int c, size_t size); #endif #ifndef HAVE_GETPROGNAME diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tdb-1.4.14/lib/replace/tests/test_memset_explicit.c new/tdb-1.4.15/lib/replace/tests/test_memset_explicit.c --- old/tdb-1.4.14/lib/replace/tests/test_memset_explicit.c 1970-01-01 01:00:00.000000000 +0100 +++ new/tdb-1.4.15/lib/replace/tests/test_memset_explicit.c 2026-01-20 17:01:32.109574800 +0100 @@ -0,0 +1,99 @@ +#include <stdarg.h> +#include <stddef.h> +#include <stdint.h> +#include <setjmp.h> +#include <cmocka.h> + +#include "lib/replace/replace.h" + + +/* + * To check that a memset_explicit string is being memset when it + * appears unused, we meed to be sneaky in our check -- otherwise the + * check counts as a use. + * + * We are sneaky by using a function that seens to take an int + * argument which is really a pointer, and we hide that it is a + * pointer by masking it. + * + * For these tests we don't use talloc because the talloc magic gets + * in the way a little bit. + */ + +#define MASK 0x12345678 + +__attribute__((noinline)) +static void check_memset_explicit(intmax_t p, const char *expected, size_t len) +{ + size_t i; + char *secret = (char *) (p ^ MASK); + for (i = 0; i < len; i++) { + assert_int_equal(secret[i], expected[i]); + } +} + + +__attribute__((noinline)) +static char *get_secret(off_t offset) +{ + char * secret = malloc(7 + offset); + memset(secret, 0, 7 + offset); + memcpy(secret + offset, "secret", 7); + /* avoiding *this* being elided */ + print_message("secret is '%s'\n", secret); + asm(""); + return secret; +} + + +static void test_memset_explicit(void ** state) +{ + uintptr_t p; + char zeros[7] = {0}; + char *secret = get_secret(0); + p = ((uintptr_t)secret) ^ MASK; + memset_explicit(secret, 'o', 3); + check_memset_explicit(p, "oooret", 7); + memset_explicit(secret, 0, 7); + check_memset_explicit(p, zeros, 7); + free(secret); +} + +static void test_memset_explicit_double_alloc(void ** state) +{ + size_t i, found; + uintptr_t p, q; + char *secret = get_secret(20); + p = (uintptr_t)secret ^ MASK; + memset_explicit(secret, 'x', 23); + free(secret); + /* + * Now we malloc the same size again, and hope we got the + * block we just freed. + */ + found = 0; + for (i = 0; i < 1000; i++) { + secret = malloc(27); + q = (uintptr_t)secret ^ MASK; + if (q == p) { + q = (uintptr_t)(secret + 20) ^ MASK; + check_memset_explicit(q, "xxxret", 7); + found ++; + } + free(secret); + } + print_message("found freed pointer %zu/1000 times \n", + found); +} + +int main(void) +{ + const struct CMUnitTest tests[] = { + cmocka_unit_test(test_memset_explicit), + cmocka_unit_test(test_memset_explicit_double_alloc), + }; + if (! isatty(1)) { + cmocka_set_message_output(CM_OUTPUT_SUBUNIT); + } + return cmocka_run_group_tests(tests, NULL, NULL); +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tdb-1.4.14/lib/replace/wscript new/tdb-1.4.15/lib/replace/wscript --- old/tdb-1.4.14/lib/replace/wscript 2025-01-09 09:52:30.298728500 +0100 +++ new/tdb-1.4.15/lib/replace/wscript 2026-01-20 17:01:32.109574800 +0100 @@ -439,7 +439,7 @@ msg='Checking for posix_fallocate-capable libc'): conf.CHECK_FUNCS('posix_fallocate') - conf.CHECK_FUNCS('prctl dirname basename') + conf.CHECK_FUNCS('dirname basename') strlcpy_in_bsd = False @@ -890,7 +890,7 @@ 'utime', 'utimes', 'dup2', 'chown', 'link', 'readlink', 'symlink', 'lchown', 'realpath', 'memmem', 'vdprintf', 'dprintf', 'get_current_dir_name', 'copy_file_range', - 'strerror_r', 'clock_gettime', 'memset_s'], + 'strerror_r', 'clock_gettime', 'memset_explicit'], 'timegm.c': ['timegm'], # Note: C99_VSNPRINTF is not a function, but a special condition # for replacement @@ -973,6 +973,11 @@ deps='replace replace-test', install=False) + bld.SAMBA_BINARY('test_memset_explicit', + source='tests/test_memset_explicit.c', + deps='cmocka replace', + for_selftest=True) + # build replacements for stdint.h and stdbool.h if needed bld.SAMBA_GENERATOR('replace_stdint_h', rule='cp ${SRC} ${TGT}', diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tdb-1.4.14/tools/tdbtool.c new/tdb-1.4.15/tools/tdbtool.c --- old/tdb-1.4.14/tools/tdbtool.c 2025-08-07 10:10:12.491994000 +0200 +++ new/tdb-1.4.15/tools/tdbtool.c 2026-01-20 17:01:32.109574800 +0100 @@ -363,13 +363,13 @@ static bool parse_hex(const char *src, size_t srclen, uint8_t *dst) { - size_t i=0; + const char *end = src + srclen; if ((srclen % 2) != 0) { return false; } - while (i<srclen) { + while (src < end) { bool ok = hex_byte(src, dst); if (!ok) { return false; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tdb-1.4.14/tools/tdbtorture.c new/tdb-1.4.15/tools/tdbtorture.c --- old/tdb-1.4.14/tools/tdbtorture.c 2022-03-02 12:26:09.156422900 +0100 +++ new/tdb-1.4.15/tools/tdbtorture.c 2026-01-20 17:01:32.109574800 +0100 @@ -314,7 +314,7 @@ { int i, seed = -1; int num_loops = 5000; - int num_procs = 3; + unsigned num_procs = 3; int c, pfds[2]; extern char *optarg; pid_t *pids; @@ -327,7 +327,7 @@ while ((c = getopt(argc, argv, "n:l:s:H:thkm")) != -1) { switch (c) { case 'n': - num_procs = strtol(optarg, NULL, 0); + num_procs = strtoul(optarg, NULL, 0); break; case 'l': num_loops = strtol(optarg, NULL, 0); @@ -364,7 +364,7 @@ seed = (getpid() + time(NULL)) & 0x7FFFFFFF; } - printf("Testing with %d processes, %d loops, %d hash_size, seed=%d%s\n", + printf("Testing with %u processes, %d loops, %d hash_size, seed=%d%s\n", num_procs, num_loops, hash_size, seed, (always_transaction ? " (all within transactions)" : "")); @@ -374,12 +374,12 @@ goto done; } - pids = (pid_t *)calloc(sizeof(pid_t), num_procs); + pids = (pid_t *)calloc(num_procs, sizeof(pid_t)); if (pids == NULL) { perror("Unable to allocate memory for pids"); exit(1); } - done = (int *)calloc(sizeof(int), num_procs); + done = (int *)calloc(num_procs, sizeof(int)); if (done == NULL) { perror("Unable to allocate memory for done"); exit(1); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tdb-1.4.14/web/index.html new/tdb-1.4.15/web/index.html --- old/tdb-1.4.14/web/index.html 2022-03-02 12:26:09.156422900 +0100 +++ new/tdb-1.4.15/web/index.html 1970-01-01 01:00:00.000000000 +0100 @@ -1,48 +0,0 @@ -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> -<HTML> -<HEAD> -<TITLE>ldb</TITLE> -</HEAD> -<BODY BGCOLOR="#ffffff" TEXT="#000000" VLINK="#292555" LINK="#292555" ALINK="#cc0033"> - -<h1>tdb</h1> - -TDB is a Trivial Database. In concept, it is very much like GDBM, and BSD's DB -except that it allows multiple simultaneous writers and uses locking -internally to keep writers from trampling on each other. TDB is also extremely -small. - -<h2>Download</h2> -You can download the latest releases of tdb from the <a -href="http://samba.org/ftp/tdb";>tdb directory</a> on the samba public -source archive. - - -<h2>Discussion and bug reports</h2> - -tdb does not currently have its own mailing list or bug tracking -system. For now, please use the <a -href="https://lists.samba.org/mailman/listinfo/samba-technical";>samba-technical</a> -mailing list, and the <a href="http://bugzilla.samba.org/";>Samba -bugzilla</a> bug tracking system. - -<h2>Download</h2> - -You can download the latest code either via git or rsync.<br> -<br> -To fetch via git see the following guide:<br> -<a href="http://wiki.samba.org/index.php/Using_Git_for_Samba_Development";>Using Git for Samba Development</a><br> -Once you have cloned the tree switch to the master branch and cd into the source/lib/tdb directory.<br> -<br> -To fetch via rsync use these commands: - -<pre> - rsync -Pavz samba.org::ftp/unpacked/standalone_projects/lib/tdb . - rsync -Pavz samba.org::ftp/unpacked/standalone_projects/lib/replace . -</pre> - -and build in tdb. It will find the replace library in the directory -above automatically. - -</BODY> -</HTML> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tdb-1.4.14/wscript new/tdb-1.4.15/wscript --- old/tdb-1.4.14/wscript 2025-08-07 17:06:32.345894000 +0200 +++ new/tdb-1.4.15/wscript 2026-01-20 17:01:32.109574800 +0100 @@ -1,7 +1,7 @@ #!/usr/bin/env python APPNAME = 'tdb' -VERSION = '1.4.14' +VERSION = '1.4.15' import sys, os
