Hello community,
here is the log from the commit of package libcacard for openSUSE:Factory checked in at 2017-05-06 18:26:02
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libcacard (Old)
and /work/SRC/openSUSE:Factory/.libcacard.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libcacard"
Sat May 6 18:26:02 2017 rev:2 rq:492704 version:2.5.3
Changes:
--------
--- /work/SRC/openSUSE:Factory/libcacard/libcacard.changes 2016-06-09 16:14:36.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.libcacard.new/libcacard.changes 2017-05-06 18:26:05.529361413 +0200
@@ -1,0 +2,7 @@
+Wed May 3 16:48:14 UTC 2017 - brogers@suse.com
+
+- Update to v2.5.3
+* Includes fix for host memory leakage while creating new APDU
+ (CVE-2017-6414 boo#1027514)
+
+-------------------------------------------------------------------
Old:
----
libcacard-2.5.2.tar.xz
New:
----
libcacard-2.5.3.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libcacard.spec ++++++
--- /var/tmp/diff_new_pack.O5gvhQ/_old 2017-05-06 18:26:06.429234437 +0200
+++ /var/tmp/diff_new_pack.O5gvhQ/_new 2017-05-06 18:26:06.433233873 +0200
@@ -1,7 +1,7 @@
#
# spec file for package libcacard
#
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -21,7 +21,7 @@
Summary: Common Access Card (CAC) emulation
License: LGPL-2.1+
Group: System/Emulators/PC
-Version: 2.5.2
+Version: 2.5.3
Release: 0
Source: http://www.spice-space.org/download/libcacard/libcacard-%{version}.tar.xz
BuildRoot: %{_tmppath}/%{name}-%{version}-build
++++++ libcacard-2.5.2.tar.xz -> libcacard-2.5.3.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libcacard-2.5.2/.tarball-version new/libcacard-2.5.3/.tarball-version
--- old/libcacard-2.5.2/.tarball-version 2015-12-08 15:52:06.000000000 +0100
+++ new/libcacard-2.5.3/.tarball-version 2017-03-01 16:35:38.000000000 +0100
@@ -1 +1 @@
-2.5.2
+2.5.3
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libcacard-2.5.2/ChangeLog new/libcacard-2.5.3/ChangeLog
--- old/libcacard-2.5.2/ChangeLog 2015-12-08 15:52:06.000000000 +0100
+++ new/libcacard-2.5.3/ChangeLog 2017-03-01 16:35:38.000000000 +0100
@@ -1,3 +1,86 @@
+commit aaa5251791bf0b1640afcba77a7d79ea23c42d53
+Author: Marc-André Lureau
+Date: Wed Mar 1 16:44:18 2017 +0400
+
+ Update NEWS for v2.5.3
+
+ Signed-off-by: Marc-André Lureau
+ Acked-by: Victor Toso
+
+ NEWS | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+commit 9113dc6a303604a2d9812ac70c17d076ef11886c
+Author: Li Qiang
+Date: Tue Feb 21 22:34:20 2017 -0800
+
+ smartcard: fix memory leak in vcard_apdu_new
+
+ In the error path, 'new_apdu->a_data' is not freed.
+ This can be triggered by the guest continuely.
+
+ Signed-off-by: Li Qiang
+ Reviewed-by: Marc-André Lureau
+
+ src/card_7816.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+commit ad591057c301d3120c3f7e5a5826342c8bf523bc
+Author: Jakub Jelen
+Date: Fri Aug 12 11:31:37 2016 +0200
+
+ Do not fail, if the caller didn't pick up response from previous call
+
+ During our testing of a new CAC driver in OpenSC, with this library, we
+ encountered a problem with |libcacard| failing and the driver returning
+ only a fraction of the requested objects.
+
+ The problem is that the Emulator wants to return the data (properly
+ signalized by 61 (RESPONSE BYTES) in SW1), but this is ignored for some
+ reason in some of our calls from OpenSC. The Emulator should not fail
+ hard for the next independent request, rather silently drop the buffer
+ and serve the ongoing APDU request (I would left for consideration to
+ somehow log such problem).
+
+ Patch was successfully tested on Fedora 24 host and solves our problem
+ (though we worked around the problem already in the driver too).
+
+ Reviewed-by: Marc-André Lureau
+
+ src/card_7816.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+commit fede413532c8c786e507388eddb78530473814f6
+Author: Marc-André Lureau
+Date: Thu Mar 3 01:55:57 2016 +0100
+
+ vscclient: help scan-build
+
+ scan-build gives a false-positive error because it gets confused that
+ optarg may be NULL. Help him by adding an assert.
+
+ Signed-off-by: Marc-André Lureau
+ Reported-by: Miroslav Rezanina
+
+ src/vscclient.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+commit de542d9d0ac43e0dcb74ce8625fa717e3d093c1a
+Author: Marc-André Lureau
+Date: Thu Mar 3 01:54:10 2016 +0100
+
+ nss: report error on invalid db= argument
+
+ The db argument must end with " or \n.
+
+ Found thanks to clang scan-build.
+
+ Signed-off-by: Marc-André Lureau
+ Reported-by: Miroslav Rezanina
+
+ src/vcard_emul_nss.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
commit 998db1e88eb8219264476c022d1446f3cb4330e8
Author: Marc-André Lureau
Date: Thu Dec 3 15:29:50 2015 +0100
@@ -657,61 +740,34 @@
Signed-off-by: Marc-André Lureau
- include/glib-compat.h | 168 ------
- libcacard.pc.in | 13 +
- libcacard/Makefile | 45 --
- libcacard/cac.c | 414 --------------
- libcacard/cac.h | 31 --
- libcacard/card_7816.c | 757 -------------------------
- libcacard/card_7816.h | 62 ---
- libcacard/card_7816t.h | 165 ------
- libcacard/event.c | 103 ----
- libcacard/eventt.h | 29 -
- libcacard/libcacard.pc.in | 13 -
- libcacard/libcacard.syms | 77 ---
- libcacard/link_test.c | 22 -
- libcacard/vcard.c | 325 -----------
- libcacard/vcard.h | 86 ---
- libcacard/vcard_emul.h | 66 ---
- libcacard/vcard_emul_nss.c | 1274 -------------------------------------------
- libcacard/vcard_emul_type.c | 57 --
- libcacard/vcard_emul_type.h | 32 --
- libcacard/vcardt.c | 40 --
- libcacard/vcardt.h | 59 --
- libcacard/vcardt_internal.h | 6 -
- libcacard/vevent.h | 27 -
- libcacard/vreader.c | 578 --------------------
- libcacard/vreader.h | 55 --
- libcacard/vreadert.h | 24 -
- libcacard/vscard_common.h | 178 ------
- libcacard/vscclient.c | 785 --------------------------
- src/Makefile | 45 ++
- src/cac.c | 414 ++++++++++++++
- src/cac.h | 31 ++
- src/card_7816.c | 757 +++++++++++++++++++++++++
- src/card_7816.h | 62 +++
- src/card_7816t.h | 165 ++++++
- src/event.c | 103 ++++
- src/eventt.h | 29 +
- src/glib-compat.h | 168 ++++++
- src/libcacard.syms | 77 +++
- src/link_test.c | 22 +
- src/vcard.c | 325 +++++++++++
- src/vcard.h | 86 +++
- src/vcard_emul.h | 66 +++
- src/vcard_emul_nss.c | 1274 +++++++++++++++++++++++++++++++++++++++++++
- src/vcard_emul_type.c | 57 ++
- src/vcard_emul_type.h | 32 ++
- src/vcardt.c | 40 ++
- src/vcardt.h | 59 ++
- src/vcardt_internal.h | 6 +
- src/vevent.h | 27 +
- src/vreader.c | 578 ++++++++++++++++++++
- src/vreader.h | 55 ++
- src/vreadert.h | 24 +
- src/vscard_common.h | 178 ++++++
- src/vscclient.c | 785 ++++++++++++++++++++++++++
- 54 files changed, 5478 insertions(+), 5478 deletions(-)
+ libcacard/libcacard.pc.in => libcacard.pc.in | 0
+ {libcacard => src}/Makefile | 0
+ {libcacard => src}/cac.c | 0
+ {libcacard => src}/cac.h | 0
+ {libcacard => src}/card_7816.c | 0
+ {libcacard => src}/card_7816.h | 0
+ {libcacard => src}/card_7816t.h | 0
+ {libcacard => src}/event.c | 0
+ {libcacard => src}/eventt.h | 0
+ {include => src}/glib-compat.h | 0
+ {libcacard => src}/libcacard.syms | 0
+ {libcacard => src}/link_test.c | 0
+ {libcacard => src}/vcard.c | 0
+ {libcacard => src}/vcard.h | 0
+ {libcacard => src}/vcard_emul.h | 0
+ {libcacard => src}/vcard_emul_nss.c | 0
+ {libcacard => src}/vcard_emul_type.c | 0
+ {libcacard => src}/vcard_emul_type.h | 0
+ {libcacard => src}/vcardt.c | 0
+ {libcacard => src}/vcardt.h | 0
+ {libcacard => src}/vcardt_internal.h | 0
+ {libcacard => src}/vevent.h | 0
+ {libcacard => src}/vreader.c | 0
+ {libcacard => src}/vreader.h | 0
+ {libcacard => src}/vreadert.h | 0
+ {libcacard => src}/vscard_common.h | 0
+ {libcacard => src}/vscclient.c | 0
+ 27 files changed, 0 insertions(+), 0 deletions(-)
commit 53f38f8f294369c0b6361782f3c8accc562292d4
Author: Veres Lajos
@@ -864,110 +920,110 @@
Building QEMU results in a libcacard.so that links against
practically the entire world
- linux-vdso.so.1 => (0x00007fff71e99000)
- libssl3.so => /usr/lib64/libssl3.so (0x00007f49f94b6000)
- libsmime3.so => /usr/lib64/libsmime3.so (0x00007f49f928e000)
- libnss3.so => /usr/lib64/libnss3.so (0x00007f49f8f67000)
- libnssutil3.so => /usr/lib64/libnssutil3.so (0x00007f49f8d3b000)
- libplds4.so => /usr/lib64/libplds4.so (0x00007f49f8b36000)
- libplc4.so => /usr/lib64/libplc4.so (0x00007f49f8931000)
- libnspr4.so => /usr/lib64/libnspr4.so (0x00007f49f86f2000)
- libdl.so.2 => /usr/lib64/libdl.so.2 (0x00007f49f84ed000)
- libm.so.6 => /usr/lib64/libm.so.6 (0x00007f49f81e5000)
- libgthread-2.0.so.0 => /usr/lib64/libgthread-2.0.so.0 (0x00007f49f7fe3000)
- librt.so.1 => /usr/lib64/librt.so.1 (0x00007f49f7dda000)
- libz.so.1 => /usr/lib64/libz.so.1 (0x00007f49f7bc4000)
- libcap-ng.so.0 => /usr/lib64/libcap-ng.so.0 (0x00007f49f79be000)
- libuuid.so.1 => /usr/lib64/libuuid.so.1 (0x00007f49f77b8000)
- libgnutls.so.28 => /usr/lib64/libgnutls.so.28 (0x00007f49f749a000)
- libSDL-1.2.so.0 => /usr/lib64/libSDL-1.2.so.0 (0x00007f49f71fd000)
- libpthread.so.0 => /usr/lib64/libpthread.so.0 (0x00007f49f6fe0000)
- libvte.so.9 => /usr/lib64/libvte.so.9 (0x00007f49f6d3f000)
- libXext.so.6 => /usr/lib64/libXext.so.6 (0x00007f49f6b2d000)
- libgtk-x11-2.0.so.0 => /usr/lib64/libgtk-x11-2.0.so.0 (0x00007f49f64a0000)
- libgdk-x11-2.0.so.0 => /usr/lib64/libgdk-x11-2.0.so.0 (0x00007f49f61de000)
- libpangocairo-1.0.so.0 => /usr/lib64/libpangocairo-1.0.so.0 (0x00007f49f5fd1000)
- libatk-1.0.so.0 => /usr/lib64/libatk-1.0.so.0 (0x00007f49f5daa000)
- libcairo.so.2 => /usr/lib64/libcairo.so.2 (0x00007f49f5a9d000)
- libgdk_pixbuf-2.0.so.0 => /usr/lib64/libgdk_pixbuf-2.0.so.0 (0x00007f49f5878000)
- libgio-2.0.so.0 => /usr/lib64/libgio-2.0.so.0 (0x00007f49f5500000)
- libpangoft2-1.0.so.0 => /usr/lib64/libpangoft2-1.0.so.0 (0x00007f49f52eb000)
- libpango-1.0.so.0 => /usr/lib64/libpango-1.0.so.0 (0x00007f49f50a0000)
- libgobject-2.0.so.0 => /usr/lib64/libgobject-2.0.so.0 (0x00007f49f4e4e000)
- libglib-2.0.so.0 => /usr/lib64/libglib-2.0.so.0 (0x00007f49f4b15000)
- libfontconfig.so.1 => /usr/lib64/libfontconfig.so.1 (0x00007f49f48d6000)
- libfreetype.so.6 => /usr/lib64/libfreetype.so.6 (0x00007f49f462b000)
- libX11.so.6 => /usr/lib64/libX11.so.6 (0x00007f49f42e8000)
- libxenstore.so.3.0 => /usr/lib64/libxenstore.so.3.0 (0x00007f49f40de000)
- libxenctrl.so.4.4 => /usr/lib64/libxenctrl.so.4.4 (0x00007f49f3eb6000)
- libxenguest.so.4.4 => /usr/lib64/libxenguest.so.4.4 (0x00007f49f3c8b000)
- libseccomp.so.2 => /usr/lib64/libseccomp.so.2 (0x00007f49f3a74000)
- librdmacm.so.1 => /usr/lib64/librdmacm.so.1 (0x00007f49f385d000)
- libibverbs.so.1 => /usr/lib64/libibverbs.so.1 (0x00007f49f364a000)
- libutil.so.1 => /usr/lib64/libutil.so.1 (0x00007f49f3447000)
- libc.so.6 => /usr/lib64/libc.so.6 (0x00007f49f3089000)
- /lib64/ld-linux-x86-64.so.2 (0x00007f49f9902000)
- libp11-kit.so.0 => /usr/lib64/libp11-kit.so.0 (0x00007f49f2e23000)
- libtspi.so.1 => /usr/lib64/libtspi.so.1 (0x00007f49f2bb2000)
- libtasn1.so.6 => /usr/lib64/libtasn1.so.6 (0x00007f49f299f000)
- libnettle.so.4 => /usr/lib64/libnettle.so.4 (0x00007f49f276d000)
- libhogweed.so.2 => /usr/lib64/libhogweed.so.2 (0x00007f49f2545000)
- libgmp.so.10 => /usr/lib64/libgmp.so.10 (0x00007f49f22cd000)
- libncurses.so.5 => /usr/lib64/libncurses.so.5 (0x00007f49f20a5000)
- libtinfo.so.5 => /usr/lib64/libtinfo.so.5 (0x00007f49f1e7a000)
- libgmodule-2.0.so.0 => /usr/lib64/libgmodule-2.0.so.0 (0x00007f49f1c76000)
- libXfixes.so.3 => /usr/lib64/libXfixes.so.3 (0x00007f49f1a6f000)
- libXrender.so.1 => /usr/lib64/libXrender.so.1 (0x00007f49f1865000)
- libXinerama.so.1 => /usr/lib64/libXinerama.so.1 (0x00007f49f1662000)
- libXi.so.6 => /usr/lib64/libXi.so.6 (0x00007f49f1452000)
- libXrandr.so.2 => /usr/lib64/libXrandr.so.2 (0x00007f49f1247000)
- libXcursor.so.1 => /usr/lib64/libXcursor.so.1 (0x00007f49f103c000)
- libXcomposite.so.1 => /usr/lib64/libXcomposite.so.1 (0x00007f49f0e39000)
- libXdamage.so.1 => /usr/lib64/libXdamage.so.1 (0x00007f49f0c35000)
- libharfbuzz.so.0 => /usr/lib64/libharfbuzz.so.0 (0x00007f49f09dd000)
- libpixman-1.so.0 => /usr/lib64/libpixman-1.so.0 (0x00007f49f072f000)
- libEGL.so.1 => /usr/lib64/libEGL.so.1 (0x00007f49f0505000)
- libpng16.so.16 => /usr/lib64/libpng16.so.16 (0x00007f49f02d2000)
- libxcb-shm.so.0 => /usr/lib64/libxcb-shm.so.0 (0x00007f49f00cd000)
- libxcb-render.so.0 => /usr/lib64/libxcb-render.so.0 (0x00007f49efec3000)
- libxcb.so.1 => /usr/lib64/libxcb.so.1 (0x00007f49efca1000)
- libGL.so.1 => /usr/lib64/libGL.so.1 (0x00007f49efa06000)
- libffi.so.6 => /usr/lib64/libffi.so.6 (0x00007f49ef7fe000)
- libselinux.so.1 => /usr/lib64/libselinux.so.1 (0x00007f49ef5d8000)
- libresolv.so.2 => /usr/lib64/libresolv.so.2 (0x00007f49ef3be000)
- libexpat.so.1 => /usr/lib64/libexpat.so.1 (0x00007f49ef193000)
- libbz2.so.1 => /usr/lib64/libbz2.so.1 (0x00007f49eef83000)
- libgcc_s.so.1 => /usr/lib64/libgcc_s.so.1 (0x00007f49eed6c000)
- liblzma.so.5 => /usr/lib64/liblzma.so.5 (0x00007f49eeb46000)
- libnl-route-3.so.200 => /usr/lib64/libnl-route-3.so.200 (0x00007f49ee8e2000)
- libnl-3.so.200 => /usr/lib64/libnl-3.so.200 (0x00007f49ee6c4000)
- libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x00007f49ee2d6000)
- libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007f49ee067000)
- libgraphite2.so.3 => /usr/lib64/libgraphite2.so.3 (0x00007f49ede48000)
- libX11-xcb.so.1 => /usr/lib64/libX11-xcb.so.1 (0x00007f49edc46000)
- libxcb-dri2.so.0 => /usr/lib64/libxcb-dri2.so.0 (0x00007f49eda41000)
- libxcb-xfixes.so.0 => /usr/lib64/libxcb-xfixes.so.0 (0x00007f49ed838000)
- libxcb-shape.so.0 => /usr/lib64/libxcb-shape.so.0 (0x00007f49ed634000)
- libgbm.so.1 => /usr/lib64/libgbm.so.1 (0x00007f49ed426000)
- libwayland-client.so.0 => /usr/lib64/libwayland-client.so.0 (0x00007f49ed217000)
- libwayland-server.so.0 => /usr/lib64/libwayland-server.so.0 (0x00007f49ed005000)
- libglapi.so.0 => /usr/lib64/libglapi.so.0 (0x00007f49ecddb000)
- libdrm.so.2 => /usr/lib64/libdrm.so.2 (0x00007f49ecbce000)
- libXau.so.6 => /usr/lib64/libXau.so.6 (0x00007f49ec9ca000)
- libxcb-glx.so.0 => /usr/lib64/libxcb-glx.so.0 (0x00007f49ec7b0000)
- libxcb-dri3.so.0 => /usr/lib64/libxcb-dri3.so.0 (0x00007f49ec5ad000)
- libxcb-present.so.0 => /usr/lib64/libxcb-present.so.0 (0x00007f49ec3aa000)
- libxcb-randr.so.0 => /usr/lib64/libxcb-randr.so.0 (0x00007f49ec19b000)
- libxcb-sync.so.1 => /usr/lib64/libxcb-sync.so.1 (0x00007f49ebf94000)
- libxshmfence.so.1 => /usr/lib64/libxshmfence.so.1 (0x00007f49ebd91000)
- libXxf86vm.so.1 => /usr/lib64/libXxf86vm.so.1 (0x00007f49ebb8a000)
- libpcre.so.1 => /usr/lib64/libpcre.so.1 (0x00007f49eb91d000)
- libgssapi_krb5.so.2 => /usr/lib64/libgssapi_krb5.so.2 (0x00007f49eb6cf000)
- libkrb5.so.3 => /usr/lib64/libkrb5.so.3 (0x00007f49eb3ec000)
- libcom_err.so.2 => /usr/lib64/libcom_err.so.2 (0x00007f49eb1e8000)
- libk5crypto.so.3 => /usr/lib64/libk5crypto.so.3 (0x00007f49eafb4000)
- libkrb5support.so.0 => /usr/lib64/libkrb5support.so.0 (0x00007f49eada5000)
- libkeyutils.so.1 => /usr/lib64/libkeyutils.so.1 (0x00007f49eaba0000)
+ linux-vdso.so.1 => (0x00007fff71e99000)
+ libssl3.so => /usr/lib64/libssl3.so (0x00007f49f94b6000)
+ libsmime3.so => /usr/lib64/libsmime3.so (0x00007f49f928e000)
+ libnss3.so => /usr/lib64/libnss3.so (0x00007f49f8f67000)
+ libnssutil3.so => /usr/lib64/libnssutil3.so (0x00007f49f8d3b000)
+ libplds4.so => /usr/lib64/libplds4.so (0x00007f49f8b36000)
+ libplc4.so => /usr/lib64/libplc4.so (0x00007f49f8931000)
+ libnspr4.so => /usr/lib64/libnspr4.so (0x00007f49f86f2000)
+ libdl.so.2 => /usr/lib64/libdl.so.2 (0x00007f49f84ed000)
+ libm.so.6 => /usr/lib64/libm.so.6 (0x00007f49f81e5000)
+ libgthread-2.0.so.0 => /usr/lib64/libgthread-2.0.so.0 (0x00007f49f7fe3000)
+ librt.so.1 => /usr/lib64/librt.so.1 (0x00007f49f7dda000)
+ libz.so.1 => /usr/lib64/libz.so.1 (0x00007f49f7bc4000)
+ libcap-ng.so.0 => /usr/lib64/libcap-ng.so.0 (0x00007f49f79be000)
+ libuuid.so.1 => /usr/lib64/libuuid.so.1 (0x00007f49f77b8000)
+ libgnutls.so.28 => /usr/lib64/libgnutls.so.28 (0x00007f49f749a000)
+ libSDL-1.2.so.0 => /usr/lib64/libSDL-1.2.so.0 (0x00007f49f71fd000)
+ libpthread.so.0 => /usr/lib64/libpthread.so.0 (0x00007f49f6fe0000)
+ libvte.so.9 => /usr/lib64/libvte.so.9 (0x00007f49f6d3f000)
+ libXext.so.6 => /usr/lib64/libXext.so.6 (0x00007f49f6b2d000)
+ libgtk-x11-2.0.so.0 => /usr/lib64/libgtk-x11-2.0.so.0 (0x00007f49f64a0000)
+ libgdk-x11-2.0.so.0 => /usr/lib64/libgdk-x11-2.0.so.0 (0x00007f49f61de000)
+ libpangocairo-1.0.so.0 => /usr/lib64/libpangocairo-1.0.so.0 (0x00007f49f5fd1000)
+ libatk-1.0.so.0 => /usr/lib64/libatk-1.0.so.0 (0x00007f49f5daa000)
+ libcairo.so.2 => /usr/lib64/libcairo.so.2 (0x00007f49f5a9d000)
+ libgdk_pixbuf-2.0.so.0 => /usr/lib64/libgdk_pixbuf-2.0.so.0 (0x00007f49f5878000)
+ libgio-2.0.so.0 => /usr/lib64/libgio-2.0.so.0 (0x00007f49f5500000)
+ libpangoft2-1.0.so.0 => /usr/lib64/libpangoft2-1.0.so.0 (0x00007f49f52eb000)
+ libpango-1.0.so.0 => /usr/lib64/libpango-1.0.so.0 (0x00007f49f50a0000)
+ libgobject-2.0.so.0 => /usr/lib64/libgobject-2.0.so.0 (0x00007f49f4e4e000)
+ libglib-2.0.so.0 => /usr/lib64/libglib-2.0.so.0 (0x00007f49f4b15000)
+ libfontconfig.so.1 => /usr/lib64/libfontconfig.so.1 (0x00007f49f48d6000)
+ libfreetype.so.6 => /usr/lib64/libfreetype.so.6 (0x00007f49f462b000)
+ libX11.so.6 => /usr/lib64/libX11.so.6 (0x00007f49f42e8000)
+ libxenstore.so.3.0 => /usr/lib64/libxenstore.so.3.0 (0x00007f49f40de000)
+ libxenctrl.so.4.4 => /usr/lib64/libxenctrl.so.4.4 (0x00007f49f3eb6000)
+ libxenguest.so.4.4 => /usr/lib64/libxenguest.so.4.4 (0x00007f49f3c8b000)
+ libseccomp.so.2 => /usr/lib64/libseccomp.so.2 (0x00007f49f3a74000)
+ librdmacm.so.1 => /usr/lib64/librdmacm.so.1 (0x00007f49f385d000)
+ libibverbs.so.1 => /usr/lib64/libibverbs.so.1 (0x00007f49f364a000)
+ libutil.so.1 => /usr/lib64/libutil.so.1 (0x00007f49f3447000)
+ libc.so.6 => /usr/lib64/libc.so.6 (0x00007f49f3089000)
+ /lib64/ld-linux-x86-64.so.2 (0x00007f49f9902000)
+ libp11-kit.so.0 => /usr/lib64/libp11-kit.so.0 (0x00007f49f2e23000)
+ libtspi.so.1 => /usr/lib64/libtspi.so.1 (0x00007f49f2bb2000)
+ libtasn1.so.6 => /usr/lib64/libtasn1.so.6 (0x00007f49f299f000)
+ libnettle.so.4 => /usr/lib64/libnettle.so.4 (0x00007f49f276d000)
+ libhogweed.so.2 => /usr/lib64/libhogweed.so.2 (0x00007f49f2545000)
+ libgmp.so.10 => /usr/lib64/libgmp.so.10 (0x00007f49f22cd000)
+ libncurses.so.5 => /usr/lib64/libncurses.so.5 (0x00007f49f20a5000)
+ libtinfo.so.5 => /usr/lib64/libtinfo.so.5 (0x00007f49f1e7a000)
+ libgmodule-2.0.so.0 => /usr/lib64/libgmodule-2.0.so.0 (0x00007f49f1c76000)
+ libXfixes.so.3 => /usr/lib64/libXfixes.so.3 (0x00007f49f1a6f000)
+ libXrender.so.1 => /usr/lib64/libXrender.so.1 (0x00007f49f1865000)
+ libXinerama.so.1 => /usr/lib64/libXinerama.so.1 (0x00007f49f1662000)
+ libXi.so.6 => /usr/lib64/libXi.so.6 (0x00007f49f1452000)
+ libXrandr.so.2 => /usr/lib64/libXrandr.so.2 (0x00007f49f1247000)
+ libXcursor.so.1 => /usr/lib64/libXcursor.so.1 (0x00007f49f103c000)
+ libXcomposite.so.1 => /usr/lib64/libXcomposite.so.1 (0x00007f49f0e39000)
+ libXdamage.so.1 => /usr/lib64/libXdamage.so.1 (0x00007f49f0c35000)
+ libharfbuzz.so.0 => /usr/lib64/libharfbuzz.so.0 (0x00007f49f09dd000)
+ libpixman-1.so.0 => /usr/lib64/libpixman-1.so.0 (0x00007f49f072f000)
+ libEGL.so.1 => /usr/lib64/libEGL.so.1 (0x00007f49f0505000)
+ libpng16.so.16 => /usr/lib64/libpng16.so.16 (0x00007f49f02d2000)
+ libxcb-shm.so.0 => /usr/lib64/libxcb-shm.so.0 (0x00007f49f00cd000)
+ libxcb-render.so.0 => /usr/lib64/libxcb-render.so.0 (0x00007f49efec3000)
+ libxcb.so.1 => /usr/lib64/libxcb.so.1 (0x00007f49efca1000)
+ libGL.so.1 => /usr/lib64/libGL.so.1 (0x00007f49efa06000)
+ libffi.so.6 => /usr/lib64/libffi.so.6 (0x00007f49ef7fe000)
+ libselinux.so.1 => /usr/lib64/libselinux.so.1 (0x00007f49ef5d8000)
+ libresolv.so.2 => /usr/lib64/libresolv.so.2 (0x00007f49ef3be000)
+ libexpat.so.1 => /usr/lib64/libexpat.so.1 (0x00007f49ef193000)
+ libbz2.so.1 => /usr/lib64/libbz2.so.1 (0x00007f49eef83000)
+ libgcc_s.so.1 => /usr/lib64/libgcc_s.so.1 (0x00007f49eed6c000)
+ liblzma.so.5 => /usr/lib64/liblzma.so.5 (0x00007f49eeb46000)
+ libnl-route-3.so.200 => /usr/lib64/libnl-route-3.so.200 (0x00007f49ee8e2000)
+ libnl-3.so.200 => /usr/lib64/libnl-3.so.200 (0x00007f49ee6c4000)
+ libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x00007f49ee2d6000)
+ libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007f49ee067000)
+ libgraphite2.so.3 => /usr/lib64/libgraphite2.so.3 (0x00007f49ede48000)
+ libX11-xcb.so.1 => /usr/lib64/libX11-xcb.so.1 (0x00007f49edc46000)
+ libxcb-dri2.so.0 => /usr/lib64/libxcb-dri2.so.0 (0x00007f49eda41000)
+ libxcb-xfixes.so.0 => /usr/lib64/libxcb-xfixes.so.0 (0x00007f49ed838000)
+ libxcb-shape.so.0 => /usr/lib64/libxcb-shape.so.0 (0x00007f49ed634000)
+ libgbm.so.1 => /usr/lib64/libgbm.so.1 (0x00007f49ed426000)
+ libwayland-client.so.0 => /usr/lib64/libwayland-client.so.0 (0x00007f49ed217000)
+ libwayland-server.so.0 => /usr/lib64/libwayland-server.so.0 (0x00007f49ed005000)
+ libglapi.so.0 => /usr/lib64/libglapi.so.0 (0x00007f49ecddb000)
+ libdrm.so.2 => /usr/lib64/libdrm.so.2 (0x00007f49ecbce000)
+ libXau.so.6 => /usr/lib64/libXau.so.6 (0x00007f49ec9ca000)
+ libxcb-glx.so.0 => /usr/lib64/libxcb-glx.so.0 (0x00007f49ec7b0000)
+ libxcb-dri3.so.0 => /usr/lib64/libxcb-dri3.so.0 (0x00007f49ec5ad000)
+ libxcb-present.so.0 => /usr/lib64/libxcb-present.so.0 (0x00007f49ec3aa000)
+ libxcb-randr.so.0 => /usr/lib64/libxcb-randr.so.0 (0x00007f49ec19b000)
+ libxcb-sync.so.1 => /usr/lib64/libxcb-sync.so.1 (0x00007f49ebf94000)
+ libxshmfence.so.1 => /usr/lib64/libxshmfence.so.1 (0x00007f49ebd91000)
+ libXxf86vm.so.1 => /usr/lib64/libXxf86vm.so.1 (0x00007f49ebb8a000)
+ libpcre.so.1 => /usr/lib64/libpcre.so.1 (0x00007f49eb91d000)
+ libgssapi_krb5.so.2 => /usr/lib64/libgssapi_krb5.so.2 (0x00007f49eb6cf000)
+ libkrb5.so.3 => /usr/lib64/libkrb5.so.3 (0x00007f49eb3ec000)
+ libcom_err.so.2 => /usr/lib64/libcom_err.so.2 (0x00007f49eb1e8000)
+ libk5crypto.so.3 => /usr/lib64/libk5crypto.so.3 (0x00007f49eafb4000)
+ libkrb5support.so.0 => /usr/lib64/libkrb5support.so.0 (0x00007f49eada5000)
+ libkeyutils.so.1 => /usr/lib64/libkeyutils.so.1 (0x00007f49eaba0000)
All libcacard actually needs are the NSS libs. Linking against the entire
world is a regression caused by
@@ -983,22 +1039,22 @@
Adding it back as an empty assignment brings the linked libs back to a more
reasonable set
- linux-vdso.so.1 => (0x00007fff575c1000)
- libssl3.so => /usr/lib64/libssl3.so (0x00007f7f753b1000)
- libsmime3.so => /usr/lib64/libsmime3.so (0x00007f7f75189000)
- libnss3.so => /usr/lib64/libnss3.so (0x00007f7f74e62000)
- libnssutil3.so => /usr/lib64/libnssutil3.so (0x00007f7f74c36000)
- libplds4.so => /usr/lib64/libplds4.so (0x00007f7f74a31000)
- libplc4.so => /usr/lib64/libplc4.so (0x00007f7f7482c000)
- libnspr4.so => /usr/lib64/libnspr4.so (0x00007f7f745ed000)
- libpthread.so.0 => /usr/lib64/libpthread.so.0 (0x00007f7f743d0000)
- libdl.so.2 => /usr/lib64/libdl.so.2 (0x00007f7f741cc000)
- libgthread-2.0.so.0 => /usr/lib64/libgthread-2.0.so.0 (0x00007f7f73fca000)
- libglib-2.0.so.0 => /usr/lib64/libglib-2.0.so.0 (0x00007f7f73c90000)
- libc.so.6 => /usr/lib64/libc.so.6 (0x00007f7f738d3000)
- libz.so.1 => /usr/lib64/libz.so.1 (0x00007f7f736bd000)
- librt.so.1 => /usr/lib64/librt.so.1 (0x00007f7f734b4000)
- /lib64/ld-linux-x86-64.so.2 (0x00007f7f757fd000)
+ linux-vdso.so.1 => (0x00007fff575c1000)
+ libssl3.so => /usr/lib64/libssl3.so (0x00007f7f753b1000)
+ libsmime3.so => /usr/lib64/libsmime3.so (0x00007f7f75189000)
+ libnss3.so => /usr/lib64/libnss3.so (0x00007f7f74e62000)
+ libnssutil3.so => /usr/lib64/libnssutil3.so (0x00007f7f74c36000)
+ libplds4.so => /usr/lib64/libplds4.so (0x00007f7f74a31000)
+ libplc4.so => /usr/lib64/libplc4.so (0x00007f7f7482c000)
+ libnspr4.so => /usr/lib64/libnspr4.so (0x00007f7f745ed000)
+ libpthread.so.0 => /usr/lib64/libpthread.so.0 (0x00007f7f743d0000)
+ libdl.so.2 => /usr/lib64/libdl.so.2 (0x00007f7f741cc000)
+ libgthread-2.0.so.0 => /usr/lib64/libgthread-2.0.so.0 (0x00007f7f73fca000)
+ libglib-2.0.so.0 => /usr/lib64/libglib-2.0.so.0 (0x00007f7f73c90000)
+ libc.so.6 => /usr/lib64/libc.so.6 (0x00007f7f738d3000)
+ libz.so.1 => /usr/lib64/libz.so.1 (0x00007f7f736bd000)
+ librt.so.1 => /usr/lib64/librt.so.1 (0x00007f7f734b4000)
+ /lib64/ld-linux-x86-64.so.2 (0x00007f7f757fd000)
Signed-off-by: Daniel P. Berrange
Cc:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libcacard-2.5.2/Makefile.in new/libcacard-2.5.3/Makefile.in
--- old/libcacard-2.5.2/Makefile.in 2015-12-08 15:51:57.000000000 +0100
+++ new/libcacard-2.5.3/Makefile.in 2017-03-01 16:35:29.000000000 +0100
@@ -1632,7 +1632,7 @@
! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \
|| chmod -R a+r "$(distdir)"
dist-gzip: distdir
- tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz
+ tardir=$(distdir) && $(am__tar) | eval GZIP= gzip $(GZIP_ENV) -c >$(distdir).tar.gz
$(am__post_remove_distdir)
dist-bzip2: distdir
@@ -1657,7 +1657,7 @@
@echo WARNING: "Support for shar distribution archives is" \
"deprecated." >&2
@echo WARNING: "It will be removed altogether in Automake 2.0" >&2
- shar $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).shar.gz
+ shar $(distdir) | eval GZIP= gzip $(GZIP_ENV) -c >$(distdir).shar.gz
$(am__post_remove_distdir)
dist-zip: distdir
@@ -1675,7 +1675,7 @@
distcheck: dist
case '$(DIST_ARCHIVES)' in \
*.tar.gz*) \
- GZIP=$(GZIP_ENV) gzip -dc $(distdir).tar.gz | $(am__untar) ;;\
+ eval GZIP= gzip $(GZIP_ENV) -dc $(distdir).tar.gz | $(am__untar) ;;\
*.tar.bz2*) \
bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\
*.tar.lz*) \
@@ -1685,7 +1685,7 @@
*.tar.Z*) \
uncompress -c $(distdir).tar.Z | $(am__untar) ;;\
*.shar.gz*) \
- GZIP=$(GZIP_ENV) gzip -dc $(distdir).shar.gz | unshar ;;\
+ eval GZIP= gzip $(GZIP_ENV) -dc $(distdir).shar.gz | unshar ;;\
*.zip*) \
unzip $(distdir).zip ;;\
esac
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libcacard-2.5.2/NEWS new/libcacard-2.5.3/NEWS
--- old/libcacard-2.5.2/NEWS 2015-12-03 15:33:52.000000000 +0100
+++ new/libcacard-2.5.3/NEWS 2017-03-01 13:44:13.000000000 +0100
@@ -1,3 +1,12 @@
+v2.5.3
+======
+
+- fix memory leak in vcard_apdu_new
+- do not fail, if the caller didn't pick up response
+ from previous call (to please opensc)
+- some scan-build errors fixed
+
+
v2.5.2
======
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libcacard-2.5.2/configure new/libcacard-2.5.3/configure
--- old/libcacard-2.5.2/configure 2015-12-08 15:51:56.000000000 +0100
+++ new/libcacard-2.5.3/configure 2017-03-01 16:35:27.000000000 +0100
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for libcacard 2.5.2.
+# Generated by GNU Autoconf 2.69 for libcacard 2.5.3.
#
# Report bugs to .
#
@@ -590,8 +590,8 @@
# Identity of this package.
PACKAGE_NAME='libcacard'
PACKAGE_TARNAME='libcacard'
-PACKAGE_VERSION='2.5.2'
-PACKAGE_STRING='libcacard 2.5.2'
+PACKAGE_VERSION='2.5.3'
+PACKAGE_STRING='libcacard 2.5.3'
PACKAGE_BUGREPORT='spice-devel@lists.freedesktop.org'
PACKAGE_URL=''
@@ -1365,7 +1365,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures libcacard 2.5.2 to adapt to many kinds of systems.
+\`configure' configures libcacard 2.5.3 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1435,7 +1435,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of libcacard 2.5.2:";;
+ short | recursive ) echo "Configuration of libcacard 2.5.3:";;
esac
cat <<\_ACEOF
@@ -1574,7 +1574,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-libcacard configure 2.5.2
+libcacard configure 2.5.3
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -1852,7 +1852,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by libcacard $as_me 2.5.2, which was
+It was created by libcacard $as_me 2.5.3, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -2732,7 +2732,7 @@
# Define the identity of the package.
PACKAGE='libcacard'
- VERSION='2.5.2'
+ VERSION='2.5.3'
cat >>confdefs.h <<_ACEOF
@@ -14674,7 +14674,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by libcacard $as_me 2.5.2, which was
+This file was extended by libcacard $as_me 2.5.3, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -14740,7 +14740,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-libcacard config.status 2.5.2
+libcacard config.status 2.5.3
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libcacard-2.5.2/src/card_7816.c new/libcacard-2.5.3/src/card_7816.c
--- old/libcacard-2.5.2/src/card_7816.c 2015-11-19 17:18:43.000000000 +0100
+++ new/libcacard-2.5.3/src/card_7816.c 2017-02-22 08:52:37.000000000 +0100
@@ -341,12 +341,12 @@
new_apdu->a_len = len;
*status = vcard_apdu_set_class(new_apdu);
if (*status != VCARD7816_STATUS_SUCCESS) {
- g_free(new_apdu);
+ vcard_apdu_delete(new_apdu);
return NULL;
}
*status = vcard_apdu_set_length(new_apdu);
if (*status != VCARD7816_STATUS_SUCCESS) {
- g_free(new_apdu);
+ vcard_apdu_delete(new_apdu);
new_apdu = NULL;
}
return new_apdu;
@@ -732,11 +732,9 @@
}
buffer_response = vcard_get_buffer_response(card);
if (buffer_response && apdu->a_ins != VCARD7816_INS_GET_RESPONSE) {
- /* clear out buffer_response, return an error */
+ /* clear out buffer_response, do not return an error */
vcard_set_buffer_response(card, NULL);
vcard_buffer_response_delete(buffer_response);
- *response = vcard_make_response(VCARD7816_STATUS_EXC_ERROR);
- return VCARD_DONE;
}
status = vcard_process_applet_apdu(card, apdu, response);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libcacard-2.5.2/src/vcard_emul_nss.c new/libcacard-2.5.3/src/vcard_emul_nss.c
--- old/libcacard-2.5.2/src/vcard_emul_nss.c 2015-11-19 12:51:44.000000000 +0100
+++ new/libcacard-2.5.3/src/vcard_emul_nss.c 2016-03-03 13:14:24.000000000 +0100
@@ -1266,6 +1266,10 @@
args++;
db = args;
args = strpbrk(args, "\"\n");
+ if (args == NULL) {
+ fprintf(stderr, "Error: invalid db argument.\n");
+ return NULL;
+ }
opts->nss_db = g_strndup(db, args-db);
if (*args != 0) {
args++;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libcacard-2.5.2/src/vscclient.c new/libcacard-2.5.3/src/vscclient.c
--- old/libcacard-2.5.2/src/vscclient.c 2015-11-19 12:51:44.000000000 +0100
+++ new/libcacard-2.5.3/src/vscclient.c 2016-03-03 13:14:24.000000000 +0100
@@ -679,6 +679,8 @@
#endif
while ((c = getopt(argc, argv, "c:e:d:")) != -1) {
+ assert(optarg != NULL);
+
switch (c) {
case 'c':
if (cert_count >= MAX_CERTS) {