From 77b6fcf87ec0246a86522c4eeba813d534a86a84 Mon Sep 17 00:00:00 2001
From: Sahana Prasad <sahana@redhat.com>
Date: Mar 31 2020 14:16:30 +0000
Subject: Adds coverity patch


---

diff --git a/stunnel-5.56-coverity.patch b/stunnel-5.56-coverity.patch
new file mode 100644
index 0000000..526f7f0
--- /dev/null
+++ b/stunnel-5.56-coverity.patch
@@ -0,0 +1,22 @@
+diff -up stunnel-5.48/src/str.c.coverity stunnel-5.48/src/str.c
+--- stunnel-5.48/src/str.c.coverity	2018-07-02 23:30:10.000000000 +0200
++++ stunnel-5.48/src/str.c	2018-09-04 17:24:08.949928906 +0200
+@@ -165,6 +165,7 @@ char *str_vprintf(const char *format, va
+     for(;;) {
+         va_copy(ap, start_ap);
+         n=vsnprintf(p, size, format, ap);
++        va_end(ap);
+         if(n>-1 && n<(int)size)
+             return p;
+         if(n>-1)                /* glibc 2.1 */
+diff -up stunnel-5.48/src/stunnel.c.coverity stunnel-5.48/src/stunnel.c
+--- stunnel-5.48/src/stunnel.c.coverity	2018-07-02 23:30:10.000000000 +0200
++++ stunnel-5.48/src/stunnel.c	2018-09-04 17:24:08.949928906 +0200
+@@ -364,7 +364,6 @@ NOEXPORT int accept_connection(SERVICE_O
+ #endif
+     if(create_client(fd, s, alloc_client_session(opt, s, s))) {
+         s_log(LOG_ERR, "Connection rejected: create_client failed");
+-        closesocket(s);
+ #ifndef USE_FORK
+         service_free(opt);
+ #endif
diff --git a/stunnel.spec b/stunnel.spec
index 0598f70..fd65171 100644
--- a/stunnel.spec
+++ b/stunnel.spec
@@ -10,7 +10,7 @@
 Summary: A TLS-encrypting socket wrapper
 Name: stunnel
 Version: 5.56
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: GPLv2
 URL: http://www.stunnel.org/
 Source0: https://www.stunnel.org/downloads/stunnel-%{version}.tar.gz
@@ -24,6 +24,7 @@ Source7: stunnel@.service
 Patch0: stunnel-5.50-authpriv.patch
 Patch1: stunnel-5.50-systemd-service.patch
 Patch3: stunnel-5.56-system-ciphers.patch
+Patch4: stunnel-5.56-coverity.patch
 # util-linux is needed for rename
 BuildRequires: gcc
 BuildRequires: openssl-devel, pkgconfig, util-linux
@@ -49,6 +50,7 @@ conjunction with imapd to create a TLS secure IMAP server.
 %patch0 -p1 -b .authpriv
 %patch1 -p1 -b .systemd-service
 %patch3 -p1 -b .system-ciphers
+%patch4 -p1 -b .coverity
 
 # Fix the configure script output for FIPS mode and stack protector flag
 sed -i '/yes).*result: no/,+1{s/result: no/result: yes/;s/as_echo "no"/as_echo "yes"/};s/-fstack-protector/-fstack-protector-strong/' configure
@@ -134,6 +136,9 @@ make test || (for i in tests/logs/*.log ; do echo "$i": ; cat "$i" ; done)
 %systemd_postun_with_restart %{name}.service
 
 %changelog
+* Tue Mar 31 2020 Sahana Prasad <sahana@redhat.com> - 5.56-3
+- Adds coverity patch
+
 * Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 5.56-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild