From b8464784074214fb4edd3d87a183f02249a8e54d Mon Sep 17 00:00:00 2001 From: Peter Robinson Date: Feb 04 2019 12:41:49 +0000 Subject: 4.1 --- diff --git a/0001-i2c-tools-i2cbusses-Avoid-buffer-overflows-in-sysfs-.patch b/0001-i2c-tools-i2cbusses-Avoid-buffer-overflows-in-sysfs-.patch deleted file mode 100644 index 043177e..0000000 --- a/0001-i2c-tools-i2cbusses-Avoid-buffer-overflows-in-sysfs-.patch +++ /dev/null @@ -1,66 +0,0 @@ -From def2845efacab3a3973fb0218ac5077a162f8f1e Mon Sep 17 00:00:00 2001 -From: Jean Delvare -Date: Thu, 2 Nov 2017 16:17:50 +0100 -Subject: [PATCH 1/3] i2c-tools: i2cbusses: Avoid buffer overflows in sysfs - paths - -sprintf isn't safe, use snprintf instead. ---- - CHANGES | 3 +++ - tools/i2cbusses.c | 10 +++++----- - 2 files changed, 8 insertions(+), 5 deletions(-) - -diff --git a/CHANGES b/CHANGES -index 15ff761..539adb0 100644 ---- a/CHANGES -+++ b/CHANGES -@@ -1,6 +1,9 @@ - i2c-tools CHANGES - ----------------- - -+master -+ tools: Fix potential buffer overflows in i2cbusses -+ - 4.0 (2017-10-30) - tools: Fix build with recent compilers (gcc 4.6+) - Add examples to the manual pages -diff --git a/tools/i2cbusses.c b/tools/i2cbusses.c -index dad22ea..cb78cc7 100644 ---- a/tools/i2cbusses.c -+++ b/tools/i2cbusses.c -@@ -220,18 +220,18 @@ struct i2c_adap *gather_i2c_busses(void) - - /* this should work for kernels 2.6.5 or higher and */ - /* is preferred because is unambiguous */ -- sprintf(n, "%s/%s/name", sysfs, de->d_name); -+ snprintf(n, NAME_MAX, "%s/%s/name", sysfs, de->d_name); - f = fopen(n, "r"); - /* this seems to work for ISA */ - if(f == NULL) { -- sprintf(n, "%s/%s/device/name", sysfs, de->d_name); -+ snprintf(n, NAME_MAX, "%s/%s/device/name", sysfs, de->d_name); - f = fopen(n, "r"); - } - /* non-ISA is much harder */ - /* and this won't find the correct bus name if a driver - has more than one bus */ - if(f == NULL) { -- sprintf(n, "%s/%s/device", sysfs, de->d_name); -+ snprintf(n, NAME_MAX, "%s/%s/device", sysfs, de->d_name); - if(!(ddir = opendir(n))) - continue; - while ((dde = readdir(ddir)) != NULL) { -@@ -240,8 +240,8 @@ struct i2c_adap *gather_i2c_busses(void) - if (!strcmp(dde->d_name, "..")) - continue; - if ((!strncmp(dde->d_name, "i2c-", 4))) { -- sprintf(n, "%s/%s/device/%s/name", -- sysfs, de->d_name, dde->d_name); -+ snprintf(n, NAME_MAX, "%s/%s/device/%s/name", -+ sysfs, de->d_name, dde->d_name); - if((f = fopen(n, "r"))) - goto found; - } --- -2.14.3 - diff --git a/0001-libi2c-Mention-the-correct-license-in-source-files.patch b/0001-libi2c-Mention-the-correct-license-in-source-files.patch deleted file mode 100644 index 967e789..0000000 --- a/0001-libi2c-Mention-the-correct-license-in-source-files.patch +++ /dev/null @@ -1,104 +0,0 @@ -From fbd988b4fa3d008c5fd210a66834d1305de41f6c Mon Sep 17 00:00:00 2001 -From: Jean Delvare -Date: Fri, 3 Aug 2018 13:54:26 +0200 -Subject: [PATCH] libi2c: Mention the correct license in source files - -The libi2c library is released under the LGPL, not GPL, as explained -in the README file and documented in lib/Module.mk. Thanks to -Aurelien Jarno for pointing out the inconsistency. - -A little bit of history: - -The code started its life two decades ago as part of the lm-sensors -project, which was released as a whole under the GPL originally, -including the library part (libsensors). - -In 2007, I decided to split the i2c tools, which are not specific -to sensor devices, to a separate package. - -In 2009, as I was working on lm-sensors v3, I contacted all the -original authors to get their approval to release the upcoming and all -future versions of libsensors as LGPL instead, to allow wider -adoption. The proposal was accepted by all original authors. - -In 2012, I decided to turn the inlined i2c_smbus_* helper functions -into a proper library, with the intent to release it under the LGPL, -as is the common practice for libraries. As the authors of this code -is a subset of the authors of libsensors, I assumed their agreement -for libsensors could be extended to libi2c as well. This is the -reason why LGPL is mentioned in README and lib/Module.mk. - -Unfortunately, when working on the library code itself, I forgot to -update the comments in the source files. Let's fix them now. - -Signed-off-by: Jean Delvare ---- - include/i2c/smbus.h | 21 ++++++--------------- - lib/smbus.c | 16 +++------------- - 2 files changed, 9 insertions(+), 28 deletions(-) - -diff --git a/include/i2c/smbus.h b/include/i2c/smbus.h -index 18a5305..3003ed7 100644 ---- a/include/i2c/smbus.h -+++ b/include/i2c/smbus.h -@@ -1,23 +1,14 @@ - /* - smbus.h - SMBus level access helper functions - -- Copyright (C) 1995-97 Simon G. Vogl -- Copyright (C) 1998-99 Frodo Looijaard -+ Copyright (C) 1995-1997 Simon G. Vogl -+ Copyright (C) 1998-1999 Frodo Looijaard -+ Copyright (C) 2012-2017 Jean Delvare - -- This program is free software; you can redistribute it and/or modify -- it under the terms of the GNU General Public License as published by -- the Free Software Foundation; either version 2 of the License, or -+ This library is free software; you can redistribute it and/or modify -+ it under the terms of the GNU Lesser General Public License as published -+ by the Free Software Foundation; either version 2.1 of the License, or - (at your option) any later version. -- -- This program is distributed in the hope that it will be useful, -- but WITHOUT ANY WARRANTY; without even the implied warranty of -- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -- GNU General Public License for more details. -- -- You should have received a copy of the GNU General Public License -- along with this program; if not, write to the Free Software -- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, -- MA 02110-1301 USA. - */ - - #ifndef LIB_I2C_SMBUS_H -diff --git a/lib/smbus.c b/lib/smbus.c -index 3a2c45a..df5a5ad 100644 ---- a/lib/smbus.c -+++ b/lib/smbus.c -@@ -5,20 +5,10 @@ - Copyright (C) 1998-1999 Frodo Looijaard - Copyright (C) 2012-2013 Jean Delvare - -- This program is free software; you can redistribute it and/or modify -- it under the terms of the GNU General Public License as published by -- the Free Software Foundation; either version 2 of the License, or -+ This library is free software; you can redistribute it and/or modify -+ it under the terms of the GNU Lesser General Public License as published -+ by the Free Software Foundation; either version 2.1 of the License, or - (at your option) any later version. -- -- This program is distributed in the hope that it will be useful, -- but WITHOUT ANY WARRANTY; without even the implied warranty of -- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -- GNU General Public License for more details. -- -- You should have received a copy of the GNU General Public License -- along with this program; if not, write to the Free Software -- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, -- MA 02110-1301 USA. - */ - - #include --- -2.14.4 - diff --git a/0002-tools-i2cbusses-Check-the-return-value-of-snprintf.patch b/0002-tools-i2cbusses-Check-the-return-value-of-snprintf.patch deleted file mode 100644 index b0c88de..0000000 --- a/0002-tools-i2cbusses-Check-the-return-value-of-snprintf.patch +++ /dev/null @@ -1,87 +0,0 @@ -From d062793e7aebde3ffee796dfd4180716632ae444 Mon Sep 17 00:00:00 2001 -From: Jean Delvare -Date: Wed, 8 Nov 2017 22:17:43 +0100 -Subject: [PATCH 2/3] tools: i2cbusses: Check the return value of snprintf -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -It's very unlikely that these paths will ever be truncated, but -better safe than sorry. - -Suggested by Uwe Kleine-König. ---- - tools/i2cbusses.c | 34 ++++++++++++++++++++++++++++------ - 1 file changed, 28 insertions(+), 6 deletions(-) - -diff --git a/tools/i2cbusses.c b/tools/i2cbusses.c -index cb78cc7..41f5b6b 100644 ---- a/tools/i2cbusses.c -+++ b/tools/i2cbusses.c -@@ -137,7 +137,7 @@ struct i2c_adap *gather_i2c_busses(void) - FILE *f; - char fstype[NAME_MAX], sysfs[NAME_MAX], n[NAME_MAX]; - int foundsysfs = 0; -- int count=0; -+ int len, count = 0; - struct i2c_adap *adapters; - - adapters = calloc(BUNCH, sizeof(struct i2c_adap)); -@@ -220,18 +220,32 @@ struct i2c_adap *gather_i2c_busses(void) - - /* this should work for kernels 2.6.5 or higher and */ - /* is preferred because is unambiguous */ -- snprintf(n, NAME_MAX, "%s/%s/name", sysfs, de->d_name); -+ len = snprintf(n, NAME_MAX, "%s/%s/name", sysfs, de->d_name); -+ if (len >= NAME_MAX) { -+ fprintf(stderr, "%s: path truncated\n", n); -+ continue; -+ } - f = fopen(n, "r"); - /* this seems to work for ISA */ - if(f == NULL) { -- snprintf(n, NAME_MAX, "%s/%s/device/name", sysfs, de->d_name); -+ len = snprintf(n, NAME_MAX, "%s/%s/device/name", sysfs, -+ de->d_name); -+ if (len >= NAME_MAX) { -+ fprintf(stderr, "%s: path truncated\n", n); -+ continue; -+ } - f = fopen(n, "r"); - } - /* non-ISA is much harder */ - /* and this won't find the correct bus name if a driver - has more than one bus */ - if(f == NULL) { -- snprintf(n, NAME_MAX, "%s/%s/device", sysfs, de->d_name); -+ len = snprintf(n, NAME_MAX, "%s/%s/device", sysfs, -+ de->d_name); -+ if (len >= NAME_MAX) { -+ fprintf(stderr, "%s: path truncated\n", n); -+ continue; -+ } - if(!(ddir = opendir(n))) - continue; - while ((dde = readdir(ddir)) != NULL) { -@@ -240,8 +254,16 @@ struct i2c_adap *gather_i2c_busses(void) - if (!strcmp(dde->d_name, "..")) - continue; - if ((!strncmp(dde->d_name, "i2c-", 4))) { -- snprintf(n, NAME_MAX, "%s/%s/device/%s/name", -- sysfs, de->d_name, dde->d_name); -+ len = snprintf(n, NAME_MAX, -+ "%s/%s/device/%s/name", -+ sysfs, de->d_name, -+ dde->d_name); -+ if (len >= NAME_MAX) { -+ fprintf(stderr, -+ "%s: path truncated\n", -+ n); -+ continue; -+ } - if((f = fopen(n, "r"))) - goto found; - } --- -2.14.3 - diff --git a/0003-py-smbus-Fix-FSF-address-in-smbusmodule.c.patch b/0003-py-smbus-Fix-FSF-address-in-smbusmodule.c.patch deleted file mode 100644 index 0dabed3..0000000 --- a/0003-py-smbus-Fix-FSF-address-in-smbusmodule.c.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 066cc543547c7675a67f24b1281954619d300652 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Fri, 24 Nov 2017 10:40:01 +0100 -Subject: [PATCH 3/3] py-smbus: Fix FSF address in smbusmodule.c -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The Free Software Foundation address was outdated. Discovered by -Fedora's rpmlint. The current address can be found at: -https://www.gnu.org/licenses/old-licenses/gpl-2.0.html#SEC4 - -Signed-off-by: Ondřej Lysoněk ---- - py-smbus/smbusmodule.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/py-smbus/smbusmodule.c b/py-smbus/smbusmodule.c -index 48a408b..b189106 100644 ---- a/py-smbus/smbusmodule.c -+++ b/py-smbus/smbusmodule.c -@@ -13,7 +13,8 @@ - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software -- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, -+ * MA 02110-1301, USA. - */ - - #include --- -2.14.3 - diff --git a/i2c-tools.spec b/i2c-tools.spec index c68ebcf..9c174d1 100644 --- a/i2c-tools.spec +++ b/i2c-tools.spec @@ -11,21 +11,13 @@ %endif Name: i2c-tools -Version: 4.0 -Release: 13%{?dist} +Version: 4.1 +Release: 1%{?dist} Summary: A heterogeneous set of I2C tools for Linux License: GPLv2+ URL: https://i2c.wiki.kernel.org/index.php/I2C_Tools Source0: https://www.kernel.org/pub/software/utils/i2c-tools/%{name}-%{version}.tar.xz -# Upstream patch -Patch0: 0001-i2c-tools-i2cbusses-Avoid-buffer-overflows-in-sysfs-.patch -# Upstream patch -Patch1: 0002-tools-i2cbusses-Check-the-return-value-of-snprintf.patch -# Upstream patch -Patch2: 0003-py-smbus-Fix-FSF-address-in-smbusmodule.c.patch -# Upstream patch fixing license headers of libi2c -Patch3: 0001-libi2c-Mention-the-correct-license-in-source-files.patch # for /etc/udev/makedev.d resp /usr/lib/modprobe.d ownership Requires: systemd-udev kmod @@ -115,11 +107,7 @@ Obsoletes: i2c-tools-devel < 4.0-1 %{summary}. %prep -%setup -q -%patch0 -p1 -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 +%autosetup -p1 %build make CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_LD_FLAGS" BUILD_STATIC_LIB=0 EXTRA=eeprog @@ -137,7 +125,7 @@ popd %install -make install DESTDIR=$RPM_BUILD_ROOT prefix=%{_prefix} BUILD_STATIC_LIB=0 \ +make install DESTDIR=$RPM_BUILD_ROOT PREFIX=%{_prefix} BUILD_STATIC_LIB=0 \ EXTRA=eeprog libdir=%{_libdir} install -m 755 eepromer/{eepromer,eeprom} \ $RPM_BUILD_ROOT%{_sbindir} @@ -225,8 +213,10 @@ exit 0 %{_includedir}/i2c/smbus.h %{_libdir}/libi2c.so - %changelog +* Mon Feb 4 2019 Peter Robinson 4.1-1 +- Version 4.1 + * Fri Feb 01 2019 Fedora Release Engineering - 4.0-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild diff --git a/sources b/sources index b2d92a9..29dda2c 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (i2c-tools-4.0.tar.xz) = ddf86c357c101388193581bc40285089e6ab5e8d870f8aa5d594acc7ecb8596fbd30501e147b88bdea0200b1be88bc0a374356c188d1bcb067bf8e254e3dc51e +SHA512 (i2c-tools-4.1.tar.xz) = 83262bcfd94c2adf74517cc50095dd78221fa4d16a62397245d4a538de7463272abf4f6727024be8ab1ca8ecbfe647af85ba2a553e5b5e68a53e50dfcad20248