!31 [sync] PR-28: 修复fuzz测试中遇到内存未做初始化的错误

From: @openeuler-sync-bot Reviewed-by: @caodongxia Signed-off-by: @caodongxia
2023-03-13 08:08:39 +00:00 · 2023-03-13 08:08:39 +00:00 · 8be2879fd0
commit 8be2879fd0
parent 574c658719 1bfbbb8fc2
2 changed files with 18 additions and 1 deletions
--- a/fix-memory-uninitialized-in-fuzz-testcase.patch
+++ b/fix-memory-uninitialized-in-fuzz-testcase.patch
@ -0,0 +1,13 @@
+diff --git a/sds.c b/sds.c
+index 49d2096..9d46dc4 100644
+--- a/sds.c
+++ b/sds.c
+@@ -513,7 +513,7 @@ sds sdscatvprintf(sds s, const char *fmt, va_list ap) {
+     } else {
+         buflen = sizeof(staticbuf);
+     }
+-
+    memset(buf, 0, buflen);
+     /* Try with buffers two times bigger every time we fail to
+      * fit the string in the current buffer size. */
+     while(1) {
--- a/hiredis.spec
+++ b/hiredis.spec
@ -1,6 +1,6 @@
 Name:           hiredis
 Version:        1.0.2
-Release:        2
+Release:        3
 Summary:        A minimalistic C client library for the Redis database
 License:        BSD
 URL:            https://github.com/redis/hiredis
@ -8,6 +8,7 @@ Source0:        https://github.com/redis/hiredis/archive/refs/tags/v%{version}.t
 BuildRequires:  gcc redis

 Patch0001:      fix-heap-buffer-overflow-in-redisvFormatCommand.patch
+Patch0002:      fix-memory-uninitialized-in-fuzz-testcase.patch

 %description
 Hiredis is a minimalistic C client library for the Redis database.
@ -60,6 +61,9 @@ make check || true
 %{_libdir}/pkgconfig/hiredis.pc

 %changelog
+* Fri Dec 16 2022 xu_ping <xuping33@h-partners.com> - 1.0.2-3
+- fix memory uninitialized in fuzz testcase
+
 * Tue May 24 2022 loong_C <loong_c@yeah.net> - 1.0.2-2
 - fix spec changelog date