Hello community, here is the log from the commit of package libeconf for openSUSE:Factory checked in at 2020-02-15 22:21:33 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libeconf (Old) and /work/SRC/openSUSE:Factory/.libeconf.new.26092 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libeconf" Sat Feb 15 22:21:33 2020 rev:6 rq:769722 version:0.3.5+git20200203.3144b69 Changes: -------- --- /work/SRC/openSUSE:Factory/libeconf/libeconf.changes 2019-11-01 15:12:53.616657679 +0100 +++ /work/SRC/openSUSE:Factory/.libeconf.new.26092/libeconf.changes 2020-02-15 22:21:33.783184593 +0100 @@ -1,0 +2,19 @@ +Mon Feb 03 16:21:51 UTC 2020 - rbr...@suse.com + +- Update to version 0.3.5+git20200203.3144b69: + * Release version 0.3.5 + * Use float.h instead of obsolete gnuism values.h + * Remove gnuism (strdupa) + * Check for empty value (NULL pointer) before calling strdup. + +------------------------------------------------------------------- +Tue Jan 21 14:53:44 UTC 2020 - rbr...@suse.com + +- Update to version 0.3.4+git20200121.febebf2: + * Release version 0.3.4 + * Fix buffer overflow in econf_readDirs + * Fix parsing of quoted strings, and values starting with delimiters + * tests: add test for quoted strings + * tests: tst-configdirs5: fix config dir paths + +------------------------------------------------------------------- Old: ---- libeconf-0.3.3+git20191028.3ac14ce.tar.xz New: ---- libeconf-0.3.5+git20200203.3144b69.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libeconf.spec ++++++ --- /var/tmp/diff_new_pack.XArnl8/_old 2020-02-15 22:21:34.259184850 +0100 +++ /var/tmp/diff_new_pack.XArnl8/_new 2020-02-15 22:21:34.259184850 +0100 @@ -1,7 +1,7 @@ # # spec file for package libeconf # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,12 +18,12 @@ %define lname libeconf0 Name: libeconf -Version: 0.3.3+git20191028.3ac14ce +Version: 0.3.5+git20200203.3144b69 Release: 0 Summary: Enhanced config file parser ala systemd License: LGPL-2.1-or-later Group: Development/Libraries/C and C++ -Url: https://github.com/openSUSE/libeconf +URL: https://github.com/openSUSE/libeconf Source: libeconf-%{version}.tar.xz Source2: baselibs.conf BuildRequires: autoconf ++++++ _service ++++++ --- /var/tmp/diff_new_pack.XArnl8/_old 2020-02-15 22:21:34.295184869 +0100 +++ /var/tmp/diff_new_pack.XArnl8/_new 2020-02-15 22:21:34.295184869 +0100 @@ -1,7 +1,7 @@ <services> <service name="tar_scm" mode="disabled"> - <param name="version">0.3.3</param> - <param name="versionformat">0.3.3+git%cd.%h</param> + <param name="version">0.3.5</param> + <param name="versionformat">0.3.5+git%cd.%h</param> <param name="url">git://github.com/openSUSE/libeconf.git</param> <param name="scm">git</param> <param name="changesgenerate">enable</param> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.XArnl8/_old 2020-02-15 22:21:34.311184878 +0100 +++ /var/tmp/diff_new_pack.XArnl8/_new 2020-02-15 22:21:34.311184878 +0100 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">git://github.com/openSUSE/libeconf.git</param> - <param name="changesrevision">3ac14cec7a092f33c8ff138c00da331455d7b81e</param> + <param name="changesrevision">3144b69a1876296f5e6d1c2e6be24cd149561ddf</param> </service> </servicedata> \ No newline at end of file ++++++ libeconf-0.3.3+git20191028.3ac14ce.tar.xz -> libeconf-0.3.5+git20200203.3144b69.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libeconf-0.3.3+git20191028.3ac14ce/NEWS new/libeconf-0.3.5+git20200203.3144b69/NEWS --- old/libeconf-0.3.3+git20191028.3ac14ce/NEWS 2019-10-28 13:03:06.000000000 +0100 +++ new/libeconf-0.3.5+git20200203.3144b69/NEWS 2020-02-03 17:16:31.000000000 +0100 @@ -1,3 +1,11 @@ +Version 0.3.5 +* Initial Haiku Port +* Bugfix: helpers.c - Check for empty value (NULL pointer) before calling strdup. + +Version 0.3.4 +* Fix parsing of quoted strings, and values starting with delimiters +* Fix buffer overflow in econf_readDirs + Version 0.3.3 * Reset *key_file to NULL after free diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libeconf-0.3.3+git20191028.3ac14ce/configure.ac new/libeconf-0.3.5+git20200203.3144b69/configure.ac --- old/libeconf-0.3.3+git20191028.3ac14ce/configure.ac 2019-10-28 13:03:06.000000000 +0100 +++ new/libeconf-0.3.5+git20200203.3144b69/configure.ac 2020-02-03 17:16:31.000000000 +0100 @@ -1,4 +1,4 @@ -AC_INIT([libeconf], [0.3.3]) +AC_INIT([libeconf], [0.3.5]) AC_SUBST(PACKAGE) AC_SUBST(VERSION) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libeconf-0.3.3+git20191028.3ac14ce/lib/getfilecontents.c new/libeconf-0.3.5+git20200203.3144b69/lib/getfilecontents.c --- old/libeconf-0.3.3+git20191028.3ac14ce/lib/getfilecontents.c 2019-10-28 13:03:06.000000000 +0100 +++ new/libeconf-0.3.5+git20200203.3144b69/lib/getfilecontents.c 2020-02-03 17:16:31.000000000 +0100 @@ -67,6 +67,22 @@ return ECONF_SUCCESS; } +static void +check_delim(const char *str, bool *has_wsp, bool *has_nonwsp) +{ + const char *p; + *has_wsp = *has_nonwsp = false; + + if (str == NULL) + return; + for (p = str; *p && !(*has_wsp && *has_nonwsp); p++) { + if (isspace((unsigned)*p)) + *has_wsp = true; + else + *has_nonwsp = true; + } +} + /* Read the file line by line and parse for comments, keys and values */ econf_err read_file(econf_file *ef, const char *file, @@ -76,12 +92,14 @@ char *current_group = NULL; econf_err retval = ECONF_SUCCESS; uint64_t line = 0; - + bool has_wsp, has_nonwsp; FILE *kf = fopen(file, "rbe"); if (kf == NULL) return ECONF_NOFILE; + check_delim(delim, &has_wsp, &has_nonwsp); + ef->path = strdup (file); if (ef->path == NULL) { fclose (kf); @@ -91,6 +109,7 @@ while (fgets(buf, sizeof(buf), kf)) { char *p, *name, *data = NULL; + bool quote_seen = false, delim_seen = false; line++; @@ -139,8 +158,19 @@ while (*data && !(isspace((unsigned)*data) || strchr(delim, *data) != NULL)) data++; - if (data > name && *data) + if (data > name && *data) { + if (has_wsp && has_nonwsp) + /* + * delim contains both whitespace and non-whitespace characters. + * In this case delim_seen has the special meaning "non-whitespace + * delim seen". See comment below. + */ + delim_seen = !isspace((unsigned)*data) && + strchr(delim, *data) != NULL; + else + delim_seen = strchr(delim, *data) != NULL; *data++ = '\0'; + } if (!*name || data == name) continue; @@ -151,17 +181,59 @@ data = NULL; else { /* go to the begin of the value */ - while (*data - && (isspace((unsigned)*data) || strchr(delim, *data) != NULL - || *data == '"')) + while (*data && isspace((unsigned)*data)) data++; + if (!has_wsp && !delim_seen) { + /* + * If delim consists only of non-whitespace characters, + * require at least one delimiter, and skip more whitespace + * after it. + */ + if (!*data || strchr(delim, *data) == NULL) { + retval = ECONF_PARSE_ERROR; + goto out; + } + data++; + while (*data && isspace((unsigned)*data)) + data++; + } else if (has_wsp && has_nonwsp && !delim_seen && + *data && strchr(delim, *data) != NULL) { + /* + * If delim contains both whitespace and non-whitespace characters, + * use any combination of one non-whitespace delimiter and + * many whitespace delimiters as separator, but not multiple + * non-whitespace delimiters. Example with delim = " =": + * key value -> "value" + * key=value -> "value" + * key = value -> "value" + * key= value -> "value" + * key == value -> "= value" + * key==value -> "=value" + */ + data++; + while (*data && isspace((unsigned)*data)) + data++; + } + if (*data == '"') { + quote_seen = true; + data++; + } /* remove space at the end of the value */ p = data + strlen(data); if (p > data) p--; - while (p > data && (isspace((unsigned)*p) || *p == '"')) - *p-- = '\0'; + while (p > data && (isspace((unsigned)*p))) + p--; + /* Strip double quotes only if both leading and trainling quote exist. */ + if (p > data && quote_seen) { + if (*p == '"') + p--; + else + data--; + } + if (*(p + 1) != '\0') + *(p + 1) = '\0'; } retval = store(ef, current_group, name, data, line); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libeconf-0.3.3+git20191028.3ac14ce/lib/helpers.c new/libeconf-0.3.5+git20200203.3144b69/lib/helpers.c --- old/libeconf-0.3.3+git20191028.3ac14ce/lib/helpers.c 2019-10-28 13:03:06.000000000 +0100 +++ new/libeconf-0.3.5+git20200203.3144b69/lib/helpers.c 2020-02-03 17:16:31.000000000 +0100 @@ -1,5 +1,5 @@ /* - Copyright (C) 2019 SUSE LLC + Copyright (C) 2019, 2020 SUSE LLC Author: Pascal Arlt <pa...@suse.com> Permission is hereby granted, free of charge, to any person obtaining a copy @@ -210,6 +210,9 @@ struct file_entry copied_fe; copied_fe.group = strdup(fe.group); copied_fe.key = strdup(fe.key); - copied_fe.value = strdup(fe.value); + if (fe.value) + copied_fe.value = strdup(fe.value); + else + copied_fe.value = NULL; return copied_fe; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libeconf-0.3.3+git20191028.3ac14ce/lib/keyfile.c new/libeconf-0.3.5+git20200203.3144b69/lib/keyfile.c --- old/libeconf-0.3.3+git20191028.3ac14ce/lib/keyfile.c 2019-10-28 13:03:06.000000000 +0100 +++ new/libeconf-0.3.5+git20200203.3144b69/lib/keyfile.c 2020-02-03 17:16:31.000000000 +0100 @@ -88,9 +88,10 @@ econf_err getBoolValueNum(econf_file key_file, size_t num, bool *result) { char *value, *tmp; - tmp = strdupa(key_file.file_entry[num].value); + tmp = strdup(key_file.file_entry[num].value); value = toLowerCase(tmp); size_t hash = hashstring(toLowerCase(key_file.file_entry[num].value)); + econf_err err = ECONF_SUCCESS; if ((*value == '1' && strlen(tmp) == 1) || hash == YES || hash == TRUE) *result = true; @@ -98,9 +99,10 @@ hash == NO || hash == FALSE) *result = false; else - return ECONF_PARSE_ERROR; + err = ECONF_PARSE_ERROR; - return ECONF_SUCCESS; + free(tmp); + return err; } /* --- SETTERS --- */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libeconf-0.3.3+git20191028.3ac14ce/lib/libeconf.c new/libeconf-0.3.5+git20200203.3144b69/lib/libeconf.c --- old/libeconf-0.3.3+git20191028.3ac14ce/lib/libeconf.c 2019-10-28 13:03:06.000000000 +0100 +++ new/libeconf-0.3.5+git20200203.3144b69/lib/libeconf.c 2020-02-03 17:16:31.000000000 +0100 @@ -167,7 +167,7 @@ suffix = config_suffix; else { - cp = alloca (strlen(config_suffix + 2)); + cp = alloca (strlen(config_suffix) + 2); cp[0] = '.'; strcpy(cp+1, config_suffix); suffix = cp; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libeconf-0.3.3+git20191028.3ac14ce/tests/Makefile.am new/libeconf-0.3.5+git20200203.3144b69/tests/Makefile.am --- old/libeconf-0.3.3+git20191028.3ac14ce/tests/Makefile.am 2019-10-28 13:03:06.000000000 +0100 +++ new/libeconf-0.3.5+git20200203.3144b69/tests/Makefile.am 2020-02-03 17:16:31.000000000 +0100 @@ -9,7 +9,8 @@ tst-merge5-data \ tst-getconfdirs1-data tst-getconfdirs3-data \ tst-getconfdirs4-data tst-getconfdirs5-data tst-getconfdirs6-data \ - tst-arguments5-data tst-groups3-data tst-parseconfig-data + tst-arguments5-data tst-groups3-data tst-parseconfig-data \ + tst-quote1-data TESTS = tst-filedoesnotexit1 tst-merge1 tst-merge2 tst-merge3 tst-merge4 \ tst-merge5 \ @@ -21,9 +22,10 @@ tst-econf_errstring1 \ tst-setgetvalues1 \ tst-groups1 tst-groups2 tst-groups3 tst-groups4 \ - tst-parseconfig1 + tst-parseconfig1 \ + tst-quote1 -XFAIL_TESTS = tst-getconfdirs5 +XFAIL_TESTS = check_PROGRAMS = ${TESTS} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libeconf-0.3.3+git20191028.3ac14ce/tests/tst-getconfdirs5-data/etc/sysctl.conf.d/getconfdir.conf new/libeconf-0.3.5+git20200203.3144b69/tests/tst-getconfdirs5-data/etc/sysctl.conf.d/getconfdir.conf --- old/libeconf-0.3.3+git20191028.3ac14ce/tests/tst-getconfdirs5-data/etc/sysctl.conf.d/getconfdir.conf 1970-01-01 01:00:00.000000000 +0100 +++ new/libeconf-0.3.5+git20200203.3144b69/tests/tst-getconfdirs5-data/etc/sysctl.conf.d/getconfdir.conf 2020-02-03 17:16:31.000000000 +0100 @@ -0,0 +1,2 @@ +KEY1=etc +ETC=true diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libeconf-0.3.3+git20191028.3ac14ce/tests/tst-getconfdirs5-data/etc/sysctl.d/getconfdir.conf new/libeconf-0.3.5+git20200203.3144b69/tests/tst-getconfdirs5-data/etc/sysctl.d/getconfdir.conf --- old/libeconf-0.3.3+git20191028.3ac14ce/tests/tst-getconfdirs5-data/etc/sysctl.d/getconfdir.conf 2019-10-28 13:03:06.000000000 +0100 +++ new/libeconf-0.3.5+git20200203.3144b69/tests/tst-getconfdirs5-data/etc/sysctl.d/getconfdir.conf 1970-01-01 01:00:00.000000000 +0100 @@ -1,2 +0,0 @@ -KEY1=etc -ETC=true diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libeconf-0.3.3+git20191028.3ac14ce/tests/tst-getconfdirs5-data/usr/etc/sysctl.conf.d/getconfdir.conf new/libeconf-0.3.5+git20200203.3144b69/tests/tst-getconfdirs5-data/usr/etc/sysctl.conf.d/getconfdir.conf --- old/libeconf-0.3.3+git20191028.3ac14ce/tests/tst-getconfdirs5-data/usr/etc/sysctl.conf.d/getconfdir.conf 1970-01-01 01:00:00.000000000 +0100 +++ new/libeconf-0.3.5+git20200203.3144b69/tests/tst-getconfdirs5-data/usr/etc/sysctl.conf.d/getconfdir.conf 2020-02-03 17:16:31.000000000 +0100 @@ -0,0 +1,2 @@ +KEY1=usretc +USRETC=true diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libeconf-0.3.3+git20191028.3ac14ce/tests/tst-getconfdirs5-data/usr/etc/sysctl.d/getconfdir.conf new/libeconf-0.3.5+git20200203.3144b69/tests/tst-getconfdirs5-data/usr/etc/sysctl.d/getconfdir.conf --- old/libeconf-0.3.3+git20191028.3ac14ce/tests/tst-getconfdirs5-data/usr/etc/sysctl.d/getconfdir.conf 2019-10-28 13:03:06.000000000 +0100 +++ new/libeconf-0.3.5+git20200203.3144b69/tests/tst-getconfdirs5-data/usr/etc/sysctl.d/getconfdir.conf 1970-01-01 01:00:00.000000000 +0100 @@ -1,2 +0,0 @@ -KEY1=usretc -USRETC=true diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libeconf-0.3.3+git20191028.3ac14ce/tests/tst-groups1.c new/libeconf-0.3.5+git20200203.3144b69/tests/tst-groups1.c --- old/libeconf-0.3.3+git20191028.3ac14ce/tests/tst-groups1.c 2019-10-28 13:03:06.000000000 +0100 +++ new/libeconf-0.3.5+git20200203.3144b69/tests/tst-groups1.c 2020-02-03 17:16:31.000000000 +0100 @@ -5,7 +5,7 @@ #include <stdio.h> #include <string.h> #include <stdint.h> -#include <values.h> +#include <float.h> #include "libeconf.h" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libeconf-0.3.3+git20191028.3ac14ce/tests/tst-quote1-data/quote.conf new/libeconf-0.3.5+git20200203.3144b69/tests/tst-quote1-data/quote.conf --- old/libeconf-0.3.3+git20191028.3ac14ce/tests/tst-quote1-data/quote.conf 1970-01-01 01:00:00.000000000 +0100 +++ new/libeconf-0.3.5+git20200203.3144b69/tests/tst-quote1-data/quote.conf 2020-02-03 17:16:31.000000000 +0100 @@ -0,0 +1,21 @@ +[quote] +unquoted = unquoted +spaces_1 = spaces 1 +spaces_2 = " spaces 2 " +begin_quote = ""begin_quote" +mid_quote = mid"quote +end_quote = "end quote"" +quoted_word = "a "quoted" word" +quoted_word1 = "a 'quoted' word" +quoted_string = ""a quoted string"" +quoted_string1 = "'a quoted string'" +unbal1 = "unbalanced +unbal2 = unbalanced" +unbal3 = "not "well" balanced +unbal4 = not "well" balanced" +quoted_delim = "a=b" +quoted_delim1 = "=>b" +unquoted_delim = a=b +unquoted_delim1 = =>b +unquoted_delim2=a=b +unquoted_delim3==>b diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libeconf-0.3.3+git20191028.3ac14ce/tests/tst-quote1.c new/libeconf-0.3.5+git20200203.3144b69/tests/tst-quote1.c --- old/libeconf-0.3.3+git20191028.3ac14ce/tests/tst-quote1.c 1970-01-01 01:00:00.000000000 +0100 +++ new/libeconf-0.3.5+git20200203.3144b69/tests/tst-quote1.c 2020-02-03 17:16:31.000000000 +0100 @@ -0,0 +1,96 @@ +#ifdef HAVE_CONFIG_H +# include <config.h> +#endif + +#include <stdio.h> +#include <string.h> + +#include "libeconf.h" + +/* Test case: + Read quoted strings from conf file +*/ + +static int +print_error_get (const char *getgroup, const char *key, econf_err error) +{ + fprintf (stderr, "ERROR: tried to get '%s' from '%s': %s\n", + key, getgroup, econf_errString(error)); + return 1; +} + +static bool +check_String (econf_file *key_file, const char *group, + const char *key, const char *value) +{ + econf_err error; + char *val_String; + + if ((error = econf_getStringValue(key_file, group, key, &val_String))) + { + print_error_get (group, key, error); + return false; + } + + if ((value == NULL && val_String != NULL) || + (value != NULL && val_String == NULL) || + strcmp(val_String, value)) + { + fprintf (stderr, "ERROR: Expected String: '%s', Got: '%s'\n", + value, val_String); + return false; + } + free(val_String); + return true; +} + + +int +main(void) +{ + econf_file *key_file = NULL; + const char *group="quote"; + econf_err error; + int retval = 0; + static const struct { + const char *const key; + const char *const val; + } tests[] = { + { "unquoted", "unquoted" }, + { "spaces_1", "spaces 1" }, + { "spaces_2", " spaces 2 " }, + { "mid_quote", "mid\"quote" }, + { "begin_quote", "\"begin_quote" }, + { "end_quote", "end quote\"", }, + { "quoted_word", "a \"quoted\" word", }, + { "quoted_word1", "a 'quoted' word", }, + { "quoted_string", "\"a quoted string\"", }, + { "quoted_string1", "'a quoted string'", }, + { "unbal1", "\"unbalanced", }, + { "unbal2", "unbalanced\"", }, + { "unbal3", "\"not \"well\" balanced", }, + { "unbal4", "not \"well\" balanced\"", }, + { "quoted_delim", "a=b", }, + { "quoted_delim1", "=>b", }, + { "unquoted_delim", "a=b", }, + { "unquoted_delim1", "=>b", }, + { "unquoted_delim2", "a=b", }, + { "unquoted_delim3", "=>b", }, + }; + unsigned int i; + + if ((error = econf_readFile (&key_file, TESTSDIR"tst-quote1-data/quote.conf", "=", "#"))) + { + fprintf (stderr, "ERROR: couldn't read configuration file: %s\n", econf_errString(error)); + return 1; + } + + for (i = 0; i < sizeof(tests)/sizeof(*tests); i++) + { + if (!check_String(key_file, group, tests[i].key, tests[i].val)) + retval = 1; + } + + econf_free(key_file); + return retval; +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libeconf-0.3.3+git20191028.3ac14ce/tests/tst-setgetvalues1.c new/libeconf-0.3.5+git20200203.3144b69/tests/tst-setgetvalues1.c --- old/libeconf-0.3.3+git20191028.3ac14ce/tests/tst-setgetvalues1.c 2019-10-28 13:03:06.000000000 +0100 +++ new/libeconf-0.3.5+git20200203.3144b69/tests/tst-setgetvalues1.c 2020-02-03 17:16:31.000000000 +0100 @@ -5,7 +5,7 @@ #include <stdio.h> #include <string.h> #include <stdint.h> -#include <values.h> +#include <float.h> #include <inttypes.h> #include "libeconf.h"