sync some patches

(cherry picked from commit 25c5d27a3a8da1eaa972656018ac908f0adc4f69)

0003-setcifsacl-fix-comparison-of-actions-reported-by-cov.patch

@@ -0,0 +1,26 @@
+From 4ad2c50f8f22968abe84a84ef49d37806731b20e Mon Sep 17 00:00:00 2001
+From: Alexander Bokovoy <ab@samba.org>
+Date: Wed, 16 Feb 2022 13:58:24 +0200
+Subject: [PATCH] setcifsacl: fix comparison of actions reported by covscan
+
+Signed-off-by: Alexander Bokovoy <ab@samba.org>
+---
+ setcifsacl.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/setcifsacl.c b/setcifsacl.c
+index 9840b14..c0ecd41 100644
+--- a/setcifsacl.c
++++ b/setcifsacl.c
+@@ -1497,7 +1497,7 @@ cifsacl:
+ 
+ 		numfaces = get_numfaces((struct cifs_ntsd *)attrval, attrlen,
+ 				&aclptr, ace_kind);
+-		if (!numfaces && (maction != ActAdd || maction != ActAddReorder)) {
++		if (!numfaces && (maction != ActAdd && maction != ActAddReorder)) {
+ 			/* if we are not adding aces */
+ 			fprintf(stderr, "%s: Empty DACL\n", __func__);
+ 			goto setcifsacl_facenum_ret;
+-- 
+2.33.0
+

0004-cifs-utils-work-around-missing-krb5_free_string-in-H.patch

@@ -0,0 +1,55 @@
+From 5e5aa507f4c4954ed537a7dfc75cf69915727757 Mon Sep 17 00:00:00 2001
+From: atheik <atteh.mailbox@gmail.com>
+Date: Sat, 5 Mar 2022 00:24:49 +0200
+Subject: [PATCH] cifs-utils: work around missing krb5_free_string in Heimdal
+
+The krb5_free_string function is not present in Heimdal and instead
+krb5_xfree should be used for freeing the string allocation done by
+krb5_cc_get_full_name. Heimdal documentation does specify that
+krb5_xfree should be used here and krb5_unparse_name is freed with
+just free.
+
+Signed-off-by: atheik <atteh.mailbox@gmail.com>
+---
+ cifs.upcall.c | 8 ++++++++
+ configure.ac  | 5 +++++
+ 2 files changed, 13 insertions(+)
+
+diff --git a/cifs.upcall.c b/cifs.upcall.c
+index 7a8c374..bf4eb5d 100644
+--- a/cifs.upcall.c
++++ b/cifs.upcall.c
+@@ -190,6 +190,14 @@ static void krb5_free_unparsed_name(krb5_context context, char *val)
+ }
+ #endif
+ 
++#if !defined(HAVE_KRB5_FREE_STRING)	/* Heimdal */
++static void krb5_free_string(krb5_context context, char *val)
++{
++	(void)context;
++	krb5_xfree(val);
++}
++#endif
++
+ #if !defined(HAVE_KRB5_AUTH_CON_GETSENDSUBKEY)	/* Heimdal */
+ static krb5_error_code
+ krb5_auth_con_getsendsubkey(krb5_context context,
+diff --git a/configure.ac b/configure.ac
+index 19fb3d0..2b1aae6 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -256,6 +256,11 @@ if test $enable_cifsupcall != "no"; then
+ 	AC_CHECK_FUNCS([krb5_auth_con_setaddrs krb5_auth_con_set_req_cksumtype])
+ fi
+ 
++# determine how to free a string allocated by a krb5 function
++if test $enable_cifsupcall != "no"; then
++	AC_CHECK_FUNCS([krb5_free_string])
++fi
++
+ if test $enable_systemd != "no"; then
+ 	AC_DEFINE(ENABLE_SYSTEMD, 1, [Enable systemd specific behavior for mount.cifs])
+ fi
+-- 
+2.33.0
+

cifs-utils.spec

@@ -1,6 +1,6 @@
 Name:           cifs-utils
 Version:        6.14
-Release:        3
+Release:        4
 Summary:        Utilities for doing and managing mounts of the Linux CIFS filesystem
 License:        GPLv3+
 URL:            http://linux-cifs.samba.org/cifs-utils/
@@ -14,6 +14,8 @@ Requires:       keyutils
 
 Patch1:	0001-CVE-2022-27239.patch
 Patch2: 0002-CVE-2022-29869.patch
+Patch3: 0003-setcifsacl-fix-comparison-of-actions-reported-by-cov.patch
+Patch4: 0004-cifs-utils-work-around-missing-krb5_free_string-in-H.patch
 
 %description
 The in-kernel CIFS filesystem is generally the preferred method for mounting
@@ -78,6 +80,9 @@ install -m 644 contrib/request-key.d/cifs.spnego.conf %{buildroot}%{_sysconfdir}
 %{_mandir}/man8/*
 
 %changelog
+* Thu Jun 8 2023 volcanodragon <linfeilong@huawei.com> - 6.14-4
+- Sync some patches
+
 * Thu May 5 2022 yanglongkang <yanglongkang@h-partners.com> - 6.14-3
 - Fix CVE-2022-27239 and CVE-2022-29869