Changes of Revision 2
_service:tar_scm:rpm.spec
Changed
@@ -1,6 +1,6 @@ Name: rpm Version: 4.18.2 -Release: 6 +Release: 8 Summary: RPM Package Manager License: GPLv2+ URL: http://www.rpm.org/ @@ -32,6 +32,13 @@ Patch6011: backport-Fix-an-enum-int-type-mismatch-in-rpmfiArchiveReadToF.patch Patch6012: backport-Fix-an-enum-int-type-mismatch-in-transaction-verify-.patch Patch6013: backport-Fix-enum-type-mismatch-in-rpmTagGetValue.patch +Patch6014: backport-Free-old-cookie-value-to-prevent-a-memory-leak.patch +Patch6015: backport-Fix-pointer-bogosity-in-rpmlog-callback.patch +Patch6016: backport-Fix-an-ancient-memleak-on-caps-parsing-add-tests.patch +Patch6017: backport-Fix-potential-use-of-uninitialized-pipe-array.patch +Patch6018: backport-Fix-potential-use-of-uninitialized-pgp-struct.patch +Patch6019: backport-Use-unsigned-integers-more-consistently-in-the-handl.patch +Patch6020: backport-Use-proper-type-for-copyTagsFromMainDebug.patch Patch9000: Add-digest-list-plugin.patch Patch9001: Add-IMA-digest-list-support.patch @@ -330,6 +337,12 @@ %exclude %{_mandir}/man8/rpmspec.8.gz %changelog +* Wed Jul 24 2024 gengqihu<gengqihu2@h-partners.com> - 4.18.2-8 +- Backport some patches from upstream + +* Tue Jul 23 2024 zhangxingrong<zhangxingrong@uniontech.cn> - 4.18.2-7 +- Free old cookie value to prevent a memory leak + * Mon Jun 3 2024 gengqihu<gengqihu2@h-partners.com> - 4.18.2-6 - Backport some patches from upstream
_service:tar_scm:backport-Fix-an-ancient-memleak-on-caps-parsing-add-tests.patch
Added
@@ -0,0 +1,34 @@
+From a385821780804b558ae18aec820d127e4144fafd Mon Sep 17 00:00:00 2001
+From: Panu Matilainen <pmatilai@redhat.com>
+Date: Thu, 11 Apr 2024 12:08:04 +0300
+Subject: PATCH Fix an ancient memleak on %caps() parsing, add tests
+
+Conflict:don't modify tests because the test case depends on the gcc.
+Reference:https://github.com/rpm-software-management/rpm/commit/a385821780804b558ae18aec820d127e4144fafd
+
+This leak has been there ever since rpm 4.7.0, so pretty close to 15
+years. ASAN would've caught it, if it had it been tested. Oops.
+Of course, in the fakechroot era we couldn't have tested installation
+but we could've at least tested the parsing side.
+
+Add tests for parsing, query and install functionality, and fix the
+leak that is now very visible.
+---
+ build/files.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/build/files.c b/build/files.c
+index 14e4c55ef..b059458a1 100644
+--- a/build/files.c
++++ b/build/files.c
+@@ -228,6 +228,7 @@ static void copyFileEntry(FileEntry src, FileEntry dest)
+ static void FileEntryFree(FileEntry entry)
+ {
+ argvFree(entry->langs);
++ free(entry->caps);
+ memset(entry, 0, sizeof(*entry));
+ }
+
+--
+2.33.0
+
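Review bot: The new `free(entry->caps);` in FileEntryFree is safe only if each FileEntry owns its own caps string, and the body of copyFileEntry (named in the hunk header) is outside this hunk. If that function copies the caps pointer instead of duplicating the string, two entries would now free the same allocation, so it should be confirmed that it duplicates caps. The Conflict line says the upstream tests were dropped from this backport, so nothing in this package exercises the %caps() parsing path under ASAN. A comment on the new line such as `/* caps is owned by this entry */` would record the assumption.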
_service:tar_scm:backport-Fix-pointer-bogosity-in-rpmlog-callback.patch
Added
@@ -0,0 +1,31 @@
+From f8a72afbdb560dc534ca1ff390bc54e01d1144a6 Mon Sep 17 00:00:00 2001
+From: Panu Matilainen <pmatilai@redhat.com>
+Date: Mon, 8 Apr 2024 14:41:48 +0300
+Subject: PATCH Fix pointer bogosity in rpmlog callback
+
+Conflict:NA
+Reference:https://github.com/rpm-software-management/rpm/commit/f8a72afbdb560dc534ca1ff390bc54e01d1144a6
+
+rpmlogCallbackData is already a pointer type, we don't want a pointer
+to a pointer for this. Kinda surprising it actually worked, but then
+it's just a void pointer so...
+---
+ rpmio/rpmlog.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/rpmio/rpmlog.c b/rpmio/rpmlog.c
+index 2bb5ab0e3..3ccbe2692 100644
+--- a/rpmio/rpmlog.c
++++ b/rpmio/rpmlog.c
+@@ -382,7 +382,7 @@ static void dolog(struct rpmlogRec_s *rec, int saverec)
+ int cbrc = RPMLOG_DEFAULT;
+ int needexit = 0;
+ FILE *clog = NULL;
+- rpmlogCallbackData *cbdata = NULL;
++ rpmlogCallbackData cbdata = NULL;
+ rpmlogCallback cbfunc = NULL;
+ rpmlogCtx ctx = rpmlogCtxAcquire(saverec);
+
+--
+2.33.0
+
_service:tar_scm:backport-Fix-potential-use-of-uninitialized-pgp-struct.patch
Added
@@ -0,0 +1,35 @@
+From 1b90b8c7d176026b669ce28c6e185724a4b208b0 Mon Sep 17 00:00:00 2001
+From: Michal Domonkos <mdomonko@redhat.com>
+Date: Fri, 7 Jun 2024 10:14:25 +0200
+Subject: PATCH Fix potential use of uninitialized pgp struct
+
+Conflict:NA
+Reference:https://github.com/rpm-software-management/rpm/commit/1b90b8c7d176026b669ce28c6e185724a4b208b0
+
+We only call initPgpData() after base64 encoding the pubkey so if the
+latter fails, the kd struct will be left uninitialized and subsequently
+read from after skipping to the exit label. Fix by initializing it.
+
+Found by Coverity.
+
+Fixes: RHEL-22605
+---
+ lib/rpmts.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/lib/rpmts.c b/lib/rpmts.c
+index 3070b97e6..76964c60a 100644
+--- a/lib/rpmts.c
++++ b/lib/rpmts.c
+@@ -508,6 +508,8 @@ static int makePubkeyHeader(rpmts ts, rpmPubkey key, rpmPubkey *subkeys,
+ int rc = -1;
+ int i;
+
++ memset(&kd, 0, sizeof(kd));
++
+ if ((enc = rpmPubkeyBase64(key)) == NULL)
+ goto exit;
+
+--
+2.33.0
+
_service:tar_scm:backport-Fix-potential-use-of-uninitialized-pipe-array.patch
Added
@@ -0,0 +1,35 @@
+From bff65aad8af719542c7b0c6429e09223c014a909 Mon Sep 17 00:00:00 2001
+From: Michal Domonkos <mdomonko@redhat.com>
+Date: Thu, 6 Jun 2024 09:15:02 +0200
+Subject: PATCH Fix potential use of uninitialized pipe array
+
+Conflict:NA
+Reference:https://github.com/rpm-software-management/rpm/commit/bff65aad8af719542c7b0c6429e09223c014a909
+
+We only call pipe(2) after the script is written to disk so if the
+latter fails, the array will be left uninitialized and subsequently read
+after skipping to the exit label. Fix by initializing it.
+
+Found by Coverity.
+
+Fixes: RHEL-22604
+---
+ lib/rpmscript.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/rpmscript.c b/lib/rpmscript.c
+index 281c55c53..1de4acf8e 100644
+--- a/lib/rpmscript.c
++++ b/lib/rpmscript.c
+@@ -316,7 +316,7 @@ static rpmRC runExtScript(rpmPlugins plugins, ARGV_const_t prefixes,
+ char * fn = NULL;
+ pid_t pid, reaped;
+ int status;
+- int inpipe2;
++ int inpipe2 = { -1, -1 };
+ FILE *in = NULL;
+ const char *line;
+ char *mline = NULL;
+--
+2.33.0
+
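Review bot: Initialising the pipe descriptors to -1 only helps if the cleanup after the exit label, which is outside this hunk, tests them with `>= 0` (or `!= -1`) before calling close(); a plain truthiness test on a descriptor would still pass for -1. The exit path should be checked against the new sentinel. As rendered on this page the declarator reads `int inpipe2 = { -1, -1 };`, so the array brackets appear to have been lost in display, and the patch file itself presumably has `int inpipe[2] = { -1, -1 };`.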
_service:tar_scm:backport-Free-old-cookie-value-to-prevent-a-memory-leak.patch
Added
@@ -0,0 +1,28 @@
+From 1849c99826fdc64e8bd0847675e28e2619c64de6 Mon Sep 17 00:00:00 2001
+From: Florian Festi <ffesti@redhat.com>
+Date: Mon, 13 May 2024 15:42:07 +0200
+Subject: PATCH Free old cookie value to prevent a memory leak
+
+This keeps the old behaviour of overriding the cookie. This may not me
+correct as the code looks like it reads the cookie from the srpm when
+doing rpmbuild --rebuild for the purpose of preserving it. Otoh the
+current behaviour with overriding it even in this case has been around
+for years. This whole cookie business seems to have some other issues,
+too, and needs further investigation. Here we are only trying to fix the
+memory leak.
+---
+ build/pack.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/build/pack.c b/build/pack.c
+index 4318a6132f..e87d66deb6 100644
+--- a/build/pack.c
++++ b/build/pack.c
+@@ -472,6 +472,7 @@ static rpmRC writeRPM(Package pkg, unsigned char ** pkgidp,
+
+ /* Create and add the cookie */
+ if (cookie) {
++ free(*cookie);
+ rasprintf(cookie, "%s %d", buildHost, buildTime);
+ headerPutString(pkg->header, RPMTAG_COOKIE, *cookie);
+ }
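Review bot: `free(*cookie);` assumes every caller of writeRPM passes a `cookie` whose target is either NULL or a heap pointer that the caller no longer uses elsewhere. A caller that leaves the `char *` uninitialised, or keeps a second reference to the old string, would now hit an invalid free or a use-after-free. The callers are outside this hunk, so that precondition should be checked there and stated next to the new line, for example `/* *cookie must be NULL or malloc'ed; the old value is replaced */`. Unlike the other backports in this revision, this patch header has no `Reference:` line naming the upstream commit, which makes its provenance harder to audit.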
_service:tar_scm:backport-Use-proper-type-for-copyTagsFromMainDebug.patch
Added
@@ -0,0 +1,30 @@
+From 42694806bf73b07514554233d0d58d17a58cd863 Mon Sep 17 00:00:00 2001
+From: Panu Matilainen <pmatilai@redhat.com>
+Date: Thu, 9 Feb 2023 13:05:24 +0200
+Subject: PATCH Use proper type for copyTagsFromMainDebug
+
+Conflict:NA
+Reference:https://github.com/rpm-software-management/rpm/commit/42694806bf73b07514554233d0d58d17a58cd863
+
+The array contains a non-enum value (0), this is why headerCopyTags()
+uses rpmTagVal pointer, not rpmTag.
+---
+ build/files.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/build/files.c b/build/files.c
+index 666c66651..24b4d80bf 100644
+--- a/build/files.c
++++ b/build/files.c
+@@ -2858,7 +2858,7 @@ exit:
+ return rc;
+ }
+
+-static rpmTag copyTagsFromMainDebug = {
++static rpmTagVal copyTagsFromMainDebug = {
+ RPMTAG_ARCH,
+ RPMTAG_SUMMARY,
+ RPMTAG_DESCRIPTION,
+--
+2.33.0
+
_service:tar_scm:backport-Use-unsigned-integers-more-consistently-in-the-handl.patch
Added
@@ -0,0 +1,66 @@
+From 8e6108a5964c7289f3db70f3d188293276416528 Mon Sep 17 00:00:00 2001
+From: Daniel Alley <dalley@redhat.com>
+Date: Thu, 8 Dec 2022 09:40:00 -0500
+Subject: PATCH Use unsigned integers more consistently in the handling of
+ tag data
+
+Conflict:NA
+Reference:https://github.com/rpm-software-management/rpm/commit/8e6108a5964c7289f3db70f3d188293276416528
+
+Not a functional change, it just makes the code more clear and
+self-consistent.
+---
+ lib/header.c | 16 ++++++++--------
+ 1 file changed, 8 insertions(+), 8 deletions(-)
+
+diff --git a/lib/header.c b/lib/header.c
+index 004102dd2..72fb3d4fe 100644
+--- a/lib/header.c
++++ b/lib/header.c
+@@ -568,7 +568,7 @@ static int regionSwab(indexEntry entry, int il, int dl,
+ }
+ } break;
+ case RPM_INT32_TYPE:
+- { int32_t * it = ie.data;
++ { uint32_t * it = ie.data;
+ for (; ie.info.count > 0; ie.info.count--, it += 1) {
+ if (dataEnd && ((unsigned char *)it) >= dataEnd)
+ return -1;
+@@ -576,7 +576,7 @@ static int regionSwab(indexEntry entry, int il, int dl,
+ }
+ } break;
+ case RPM_INT16_TYPE:
+- { int16_t * it = ie.data;
++ { uint16_t * it = ie.data;
+ for (; ie.info.count > 0; ie.info.count--, it += 1) {
+ if (dataEnd && ((unsigned char *)it) >= dataEnd)
+ return -1;
+@@ -772,9 +772,9 @@ static void * doExport(const struct indexEntry_s *hindex, int indexUsed,
+ count = entry->info.count;
+ src = entry->data;
+ while (count--) {
+- *((int32_t *)te) = htonl(*((int32_t *)src));
+- te += sizeof(int32_t);
+- src += sizeof(int32_t);
++ *((uint32_t *)te) = htonl(*((uint32_t *)src));
++ te += sizeof(uint32_t);
++ src += sizeof(uint32_t);
+ }
+ break;
+
+@@ -782,9 +782,9 @@ static void * doExport(const struct indexEntry_s *hindex, int indexUsed,
+ count = entry->info.count;
+ src = entry->data;
+ while (count--) {
+- *((int16_t *)te) = htons(*((int16_t *)src));
+- te += sizeof(int16_t);
+- src += sizeof(int16_t);
++ *((uint16_t *)te) = htons(*((uint16_t *)src));
++ te += sizeof(uint16_t);
++ src += sizeof(uint16_t);
+ }
+ break;
+
+--
+2.33.0
+
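Review bot: The bounds test kept in both regionSwab loops, `((unsigned char *)it) >= dataEnd`, checks only where an element starts, so a 4-byte or 2-byte element that begins before dataEnd but ends past it would still pass. The statement that follows the test is outside the hunk, but if it reads `*it` the guard would be tighter as `if (dataEnd && (unsigned char *)(it + 1) > dataEnd) return -1;`. Earlier header validation may already rule this case out; if so, a comment saying so at the check would help, since this code handles tag data taken from package headers.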
_service
Changed
@@ -2,7 +2,7 @@
 <service name="tar_scm">
 <param name="scm">git</param>
 <param name="url">git@gitee.com:src-openeuler/rpm.git</param>
- <param name="revision">master</param>
+ <param name="revision">openEuler-24.09</param>
 <param name="exclude">*</param>
 <param name="extract">*</param>
 </service>