packages/rpm
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!349 [sync] PR-348: backport some patches from upstream

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @xujing99 
Signed-off-by: @xujing99
This commit is contained in:
openeuler-ci-bot 2024-07-23 03:07:34 +00:00 committed by Gitee
commit d9f58c1a46
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
5 changed files with 145 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
backport-Fix-an-ancient-memleak-on-caps-parsing-add-tests.patch Normal file
View File

@ -0,0 +1,36 @@
From a385821780804b558ae18aec820d127e4144fafd Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Thu, 11 Apr 2024 12:08:04 +0300
Subject: [PATCH] Fix an ancient memleak on %caps() parsing, add tests
Conflict:don't modify tests because the test framework is changed and
the test case depends on the gcc, the current test framework reports an
error indicating that the gcc cannot be found.
Reference:https://github.com/rpm-software-management/rpm/commit/a385821780804b558ae18aec820d127e4144fafd
This leak has been there ever since rpm 4.7.0, so pretty close to 15
years. ASAN would've caught it, if it had it been tested. Oops.
Of course, in the fakechroot era we couldn't have tested installation
but we could've at least tested the parsing side.
Add tests for parsing, query and install functionality, and fix the
leak that is now very visible.
---
build/files.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/build/files.c b/build/files.c
index 14e4c55ef..b059458a1 100644
--- a/build/files.c
+++ b/build/files.c
@@ -228,6 +228,7 @@ static void copyFileEntry(FileEntry src, FileEntry dest)
static void FileEntryFree(FileEntry entry)
{
argvFree(entry->langs);
+ free(entry->caps);
memset(entry, 0, sizeof(*entry));
}
--
2.33.0

31
backport-Fix-pointer-bogosity-in-rpmlog-callback.patch Normal file
View File

@ -0,0 +1,31 @@
From f8a72afbdb560dc534ca1ff390bc54e01d1144a6 Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Mon, 8 Apr 2024 14:41:48 +0300
Subject: [PATCH] Fix pointer bogosity in rpmlog callback
Conflict:NA
Reference:https://github.com/rpm-software-management/rpm/commit/f8a72afbdb560dc534ca1ff390bc54e01d1144a6
rpmlogCallbackData is already a pointer type, we don't want a pointer
to a pointer for this. Kinda surprising it actually worked, but then
it's just a void pointer so...
---
rpmio/rpmlog.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rpmio/rpmlog.c b/rpmio/rpmlog.c
index 2bb5ab0e3..3ccbe2692 100644
--- a/rpmio/rpmlog.c
+++ b/rpmio/rpmlog.c
@@ -382,7 +382,7 @@ static void dolog(struct rpmlogRec_s *rec, int saverec)
int cbrc = RPMLOG_DEFAULT;
int needexit = 0;
FILE *clog = NULL;
- rpmlogCallbackData *cbdata = NULL;
+ rpmlogCallbackData cbdata = NULL;
rpmlogCallback cbfunc = NULL;
rpmlogCtx ctx = rpmlogCtxAcquire(saverec);
--
2.33.0

35
backport-Fix-potential-use-of-uninitialized-pgp-struct.patch Normal file
View File

@ -0,0 +1,35 @@
From 1b90b8c7d176026b669ce28c6e185724a4b208b0 Mon Sep 17 00:00:00 2001
From: Michal Domonkos <mdomonko@redhat.com>
Date: Fri, 7 Jun 2024 10:14:25 +0200
Subject: [PATCH] Fix potential use of uninitialized pgp struct
Conflict:NA
Reference:https://github.com/rpm-software-management/rpm/commit/1b90b8c7d176026b669ce28c6e185724a4b208b0
We only call initPgpData() after base64 encoding the pubkey so if the
latter fails, the kd struct will be left uninitialized and subsequently
read from after skipping to the exit label. Fix by initializing it.
Found by Coverity.
Fixes: RHEL-22605
---
lib/rpmts.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/lib/rpmts.c b/lib/rpmts.c
index 3070b97e6..76964c60a 100644
--- a/lib/rpmts.c
+++ b/lib/rpmts.c
@@ -508,6 +508,8 @@ static int makePubkeyHeader(rpmts ts, rpmPubkey key, rpmPubkey *subkeys,
int rc = -1;
int i;
+ memset(&kd, 0, sizeof(kd));
+
if ((enc = rpmPubkeyBase64(key)) == NULL)
goto exit;
--
2.33.0

35
backport-Fix-potential-use-of-uninitialized-pipe-array.patch Normal file
View File

@ -0,0 +1,35 @@
From bff65aad8af719542c7b0c6429e09223c014a909 Mon Sep 17 00:00:00 2001
From: Michal Domonkos <mdomonko@redhat.com>
Date: Thu, 6 Jun 2024 09:15:02 +0200
Subject: [PATCH] Fix potential use of uninitialized pipe array
Conflict:NA
Reference:https://github.com/rpm-software-management/rpm/commit/bff65aad8af719542c7b0c6429e09223c014a909
We only call pipe(2) after the script is written to disk so if the
latter fails, the array will be left uninitialized and subsequently read
after skipping to the exit label. Fix by initializing it.
Found by Coverity.
Fixes: RHEL-22604
---
lib/rpmscript.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/rpmscript.c b/lib/rpmscript.c
index 281c55c53..1de4acf8e 100644
--- a/lib/rpmscript.c
+++ b/lib/rpmscript.c
@@ -316,7 +316,7 @@ static rpmRC runExtScript(rpmPlugins plugins, ARGV_const_t prefixes,
char * fn = NULL;
pid_t pid, reaped;
int status;
- int inpipe[2];
+ int inpipe[2] = { -1, -1 };
FILE *in = NULL;
const char *line;
char *mline = NULL;
--
2.33.0

9
rpm.spec
View File

@ -1,6 +1,6 @@
Name: rpm Name: rpm
Version: 4.17.0 Version: 4.17.0
Release: 39 Release: 40
Summary: RPM Package Manager Summary: RPM Package Manager
License: GPLv2+ License: GPLv2+
URL: http://www.rpm.org/ URL: http://www.rpm.org/
@ -121,6 +121,10 @@ Patch6089: backport-Fix-an-enum-int-type-mismatch-in-rpmfiArchiveReadToF.patch
Patch6090: backport-Fix-an-enum-int-type-mismatch-in-transaction-verify-.patch Patch6090: backport-Fix-an-enum-int-type-mismatch-in-transaction-verify-.patch
Patch6091: backport-Fix-enum-type-mismatch-in-rpmTagGetValue.patch Patch6091: backport-Fix-enum-type-mismatch-in-rpmTagGetValue.patch
Patch6092: backport-Don-t-segfault-on-missing-priority-tag.patch Patch6092: backport-Don-t-segfault-on-missing-priority-tag.patch
Patch6093: backport-Fix-pointer-bogosity-in-rpmlog-callback.patch
Patch6094: backport-Fix-an-ancient-memleak-on-caps-parsing-add-tests.patch
Patch6095: backport-Fix-potential-use-of-uninitialized-pipe-array.patch
Patch6096: backport-Fix-potential-use-of-uninitialized-pgp-struct.patch
BuildRequires: gcc autoconf automake libtool make gawk popt-devel openssl-devel readline-devel BuildRequires: gcc autoconf automake libtool make gawk popt-devel openssl-devel readline-devel
BuildRequires: zlib-devel zstd-devel >= 1.3.8 xz-devel bzip2-devel libarchive-devel ima-evm-utils-devel BuildRequires: zlib-devel zstd-devel >= 1.3.8 xz-devel bzip2-devel libarchive-devel ima-evm-utils-devel
@ -411,6 +415,9 @@ make check || (cat tests/rpmtests.log; exit 0)
%{_mandir}/man1/gendiff.1* %{_mandir}/man1/gendiff.1*
%changelog %changelog
* Mon Jul 22 2024 gengqihu <gengqihu2@h-partners.com> - 4.17.0-40
- Backport some patches from upstream
* Fri Jul 05 2024 luhuaxin <luhuaxin1@huawei.com> - 4.17.0-39 * Fri Jul 05 2024 luhuaxin <luhuaxin1@huawei.com> - 4.17.0-39
- IMA digest list plugin support signature within IMA header - IMA digest list plugin support signature within IMA header