File _service:obs_scm:backport-workaround-coverity-w... of Package libnl3

File _service:obs_scm:backport-workaround-coverity-warning-about-time_t-handling.patch of Package libnl3

From 4fcb075720ed3beea4ceee3f679305caacd0f51b Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Mon, 4 Dec 2023 11:22:38 +0100
Subject: [PATCH] socket: workaround coverity warning about time_t handling

Coverity really wants to warn if a time_t is cast to 32 bits.
We use time() here to get (some very bad) randomness. The loss
of the upper bits is the least of the problems.

Work around the coverity warning by also the higher bits.

Error: Y2K38_SAFETY (CWE-197): [#def12]
  libnl-3.8.0/lib/socket.c:76: store_truncates_time_t: A "time_t" value is stored in an integer with too few bits to accommodate it.  The expression "time(NULL)" is cast to "uint32_t".
  #   74|
  #   75|   	if (idx_state == 0) {
  #   76|-> 		uint32_t t = (uint32_t) time(NULL);
  #   77|
  #   78|   		/* from time to time (on average each 2^15 calls), the idx_state will

Error: Y2K38_SAFETY (CWE-197): [#def13]
  libnl-3.8.0/lib/socket.c:193: store_truncates_time_t: A "time_t" value is stored in an integer with too few bits to accommodate it.  The expression "time(NULL)" is cast to "unsigned int".
  #  191|   	sk->s_local.nl_family = AF_NETLINK;
  #  192|   	sk->s_peer.nl_family = AF_NETLINK;
  #  193|-> 	sk->s_seq_next = (unsigned int) time(NULL);
  #  194|   	sk->s_seq_expect = sk->s_seq_next;
  #  195|

Conflict:patch for explicitly cast time() to uint32_t at 57e0170 is not incorporated
Reference:https://github.com/thom311/libnl/commit/4fcb075720ed3beea4ceee3f679305caacd0f51b

---
 lib/socket.c | 23 +++++++++++++++++++++--
 1 file changed, 21 insertions(+), 2 deletions(-)

diff --git a/lib/socket.c b/lib/socket.c
index 99cd36d..778230b 100644
--- a/lib/socket.c
+++ b/lib/socket.c
@@ -54,6 +54,24 @@ static void __init init_default_cb(void)
 	}
 }
 
+static uint32_t _badrandom_from_time(void)
+{
+	uint32_t result;
+	uint64_t v64;
+	time_t t;
+
+	t = time(NULL);
+	v64 = (uint64_t)t;
+	result = (uint32_t)v64;
+
+	/* XOR with the upper bits. Otherwise, coverity warns about only
+	 * considering 32 bit from time_t.  Use the inverse, so that for the
+	 * most part the bits don't change.  */
+	result ^= (~(v64 >> 32));
+
+	return result;
+}
+
 static uint32_t used_ports_map[32];
 static NL_RW_LOCK(port_map_lock);
 
@@ -67,7 +85,7 @@ static uint32_t generate_local_port(void)
 	nl_write_lock(&port_map_lock);
 
 	if (idx_state == 0) {
-		uint32_t t = time(NULL);
+		uint32_t t = _badrandom_from_time();
 
 		/* from time to time (on average each 2^15 calls), the idx_state will
 		 * be zero again. No problem, just "seed" anew with time(). */
@@ -184,7 +202,8 @@ static struct nl_sock *__alloc_socket(struct nl_cb *cb)
 	sk->s_cb = nl_cb_get(cb);
 	sk->s_local.nl_family = AF_NETLINK;
 	sk->s_peer.nl_family = AF_NETLINK;
-	sk->s_seq_expect = sk->s_seq_next = time(NULL);
+	sk->s_seq_next = _badrandom_from_time();
+	sk->s_seq_expect = sk->s_seq_next;
 
 	/* the port is 0 (unspecified), meaning NL_OWN_PORT */
 	sk->s_flags = NL_OWN_PORT;
-- 
2.33.0