Projects
Mega:24.09
rpm
Sign Up
Log In
Username
Password
We truncated the diff of some files because they were too big. If you want to see the full diff for every file,
click here
.
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
Expand all
Collapse all
Changes of Revision 3
View file
_service:tar_scm:rpm.spec
Changed
@@ -1,6 +1,6 @@ Name: rpm Version: 4.18.2 -Release: 8 +Release: 14 Summary: RPM Package Manager License: GPLv2+ URL: http://www.rpm.org/ @@ -39,6 +39,12 @@ Patch6018: backport-Fix-potential-use-of-uninitialized-pgp-struct.patch Patch6019: backport-Use-unsigned-integers-more-consistently-in-the-handl.patch Patch6020: backport-Use-proper-type-for-copyTagsFromMainDebug.patch +Patch6021: backport-Reset-recursion-depth-for-error-message.patch +Patch6022: backport-Fix-division-by-zero-in-elfdeps-RhBug-2299414.patch +Patch6023: backport-Make-sure-dirs-are-not-relocated-twice.patch +Patch6024: backport-Fix-root-relocation-regression.patch +Patch6025: backport-Fix-crash-on-Lua-file-trigger-exiting-with-return-ed.patch +Patch6026: backport-Fix-V-option-usage-in-our-tests.patch Patch9000: Add-digest-list-plugin.patch Patch9001: Add-IMA-digest-list-support.patch @@ -337,6 +343,24 @@ %exclude %{_mandir}/man8/rpmspec.8.gz %changelog +* Wed Sep 4 2024 gengqihu<gengqihu2@h-partners.com> - 4.18.2-14 +- Backport some patches from upstream + +* Tue Sep 3 2024 gengqihu<gengqihu2@h-partners.com> - 4.18.2-13 +- Backport some patches from upstream + +* Thu Aug 22 2024 luhuaxin <luhuaxin1@huawei.com> - 4.18.2-12 +- Fix the calculation of hdr size + +* Tue Aug 20 2024 luhuaxin <luhuaxin1@huawei.com> - 4.18.2-11 +- Fix the wrong IMA signature header check + +* Mon Aug 19 2024 luhuaxin <luhuaxin1@huawei.com> - 4.18.2-10 +- Fix the judgement of digests count + +* Fri Aug 16 2024 luhuaxin <luhuaxin1@huawei.com> - 4.18.2-9 +- IMA digest list plugin support signature within IMA header + * Wed Jul 24 2024 gengqihu<gengqihu2@h-partners.com> - 4.18.2-8 - Backport some patches from upstream
View file
_service:tar_scm:Add-digest-list-plugin.patch
Changed
@@ -1,19 +1,20 @@ -From bc3ce3b2cb903ce0f2dca39964f11c4e79256a35 Mon Sep 17 00:00:00 2001 +From 3b2fb7d5a40d25c3295e02eb3695a45189342369 Mon Sep 17 00:00:00 2001 From: zhoushuiqing <zhoushuiqing2@huawei.com> Date: Fri, 16 Jun 2023 11:21:37 +0800 Subject: PATCH Add-digest-list-plugin +Signed-off-by: Huaxin Lu <luhuaxin1@huawei.com> --- - plugins/digest_list.c | 670 ++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 670 insertions(+) + plugins/digest_list.c | 680 ++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 680 insertions(+) create mode 100644 plugins/digest_list.c diff --git a/plugins/digest_list.c b/plugins/digest_list.c new file mode 100644 -index 0000000..70cae82 +index 0000000..715b8d6 --- /dev/null +++ b/plugins/digest_list.c -@@ -0,0 +1,670 @@ +@@ -0,0 +1,680 @@ +/* + * Copyright (C) 2020-2021 Huawei Technologies Duesseldorf GmbH + * @@ -114,22 +115,11 @@ + uint8_t sig0; /* signature payload */ +} __attribute__((packed)); + -+static int upload_digest_list(char *path, int type, int digest_list_signed) ++static int digest_list_count_is_zero(void) +{ -+ size_t size; -+ char buf21; -+ const char *ima_path = DIGEST_LIST_DATA_PATH; -+ struct stat st; -+ pid_t pid; -+ int ret = 0, fd; -+ -+ if (type == TR_REMOVED) -+ ima_path = DIGEST_LIST_DATA_DEL_PATH; -+ -+ if (stat(ima_path, &st) == -1) -+ return 0; ++ int fd = 0, ret = 0; ++ char first = 0; + -+ /* First determine if kernel interface can accept new digest lists */ + fd = open(DIGEST_LIST_COUNT, O_RDONLY); + if (fd < 0) { + rpmlog(RPMLOG_ERR, "digest_list: could not open IMA interface " @@ -137,24 +127,39 @@ + return -EACCES; + } + -+ ret = read(fd, buf, sizeof(buf)); -+ close(fd); -+ ++ ret = read(fd, &first, 1); + if (ret <= 0) { + rpmlog(RPMLOG_ERR, "digest_list: could not read from IMA " + "interface '%s': %s\n", DIGEST_LIST_COUNT, + strerror(errno)); ++ close(fd); + return -EACCES; + } + -+ /* Last character is newline */ -+ bufret - 1 = '\0'; ++ close(fd); ++ return (first == '0'); ++} + -+ rpmlog(RPMLOG_DEBUG, "digest_list: digests count %s\n", buf); ++static int upload_digest_list(char *path, int type, int digest_list_signed) ++{ ++ int ret = 0, fd = 0; ++ pid_t pid = 0; ++ size_t size = 0; ++ struct stat st; ++ const char *ima_path = NULL; + -+ if (*buf == '0') { -+ rpmlog(RPMLOG_DEBUG, "digest_list: not uploading '%s' to IMA " -+ "interface '%s'\n", path, ima_path); ++ ima_path = (type == TR_REMOVED) ? DIGEST_LIST_DATA_DEL_PATH : ++ DIGEST_LIST_DATA_PATH; ++ if (stat(ima_path, &st) == -1) { ++ rpmlog(RPMLOG_DEBUG, "digest_list: '%s' interface " ++ "not exist\n", ima_path); ++ return RPMRC_OK; ++ } ++ ++ /* First determine if kernel interface can accept new digest lists */ ++ if (digest_list_count_is_zero()) { ++ rpmlog(RPMLOG_DEBUG, "digest_list: the count is 0, not " ++ "upload '%s' to IMA interface '%s'\n", path, ima_path); + return RPMRC_OK; + } + @@ -163,7 +168,7 @@ + if (stat(RPM_PARSER, &st) == -1) { + rpmlog(RPMLOG_DEBUG, "digest_list: %s not found, " + "not uploading digest list\n", RPM_PARSER); -+ return 0; ++ return RPMRC_OK; + } + + if ((pid = fork()) == 0) { @@ -176,12 +181,13 @@ + if (ret != 0) + rpmlog(RPMLOG_ERR, "digest_list: %s returned %d\n", + RPM_PARSER, ret); -+ return 0; ++ return RPMRC_OK; + } + ++ /* If the digest list is signed, write path to the IMA interface */ + fd = open(ima_path, O_WRONLY); + if (fd < 0) { -+ rpmlog(RPMLOG_ERR, "digest_list: could not open IMA interface " ++ rpmlog(RPMLOG_ERR, "digest_list: rcould not open IMA interface " + "'%s': %s\n", ima_path, strerror(errno)); + return -EACCES; + } @@ -205,12 +211,11 @@ +static int write_rpm_digest_list(rpmte te, char *path) +{ + FD_t fd; -+ ssize_t written; -+ Header rpm = rpmteHeader(te); -+ rpmtd immutable; + int ret = 0; ++ ssize_t written = 0; ++ Header rpm = rpmteHeader(te); ++ rpmtd immutable = rpmtdNew(); + -+ immutable = rpmtdNew(); + headerGet(rpm, RPMTAG_HEADERIMMUTABLE, immutable, 0); + + fd = Fopen(path, "w.ufdio"); @@ -221,7 +226,6 @@ + + written = Fwrite(rpm_header_magic, sizeof(uint8_t), + sizeof(rpm_header_magic), fd); -+ + if (written != sizeof(rpm_header_magic)) { + ret = -EIO; + goto out; @@ -239,20 +243,18 @@ + +static int write_rpm_digest_list_ima_xattr(rpmte te, char *path) +{ -+ rpmtd signature; -+ ssize_t written; ++ FD_t fd; ++ ssize_t written = 0; ++ int ret = 0, sig_size = 0, sig_size_rounded = 0; + uint8_t sig2048 = { 0 }; + pgpDigParams sigp = NULL; + struct signature_v2_hdr *sig_hdr = (struct signature_v2_hdr *)sig; + Header rpm = rpmteHeader(te); -+ FD_t fd; -+ int ret = 0, sig_size, sig_size_rounded; ++ rpmtd signature = rpmtdNew(); + -+ signature = rpmtdNew(); + headerGet(rpm, RPMTAG_RSAHEADER, signature, 0); + ret = pgpPrtParams(signature->data, signature->count, + PGPTAG_SIGNATURE, &sigp); -+ + if (ret) { + ret = -ENOENT; + goto out; @@ -323,22 +325,16 @@ + return ret; +} + -+static int write_digest_list_ima_xattr(rpmte te, char *path, char *path_sig) ++static int fill_pgp_signature_header(rpmte te, struct signature_v2_hdr *sig_hdr) +{ -+ rpmtd signature; -+ uint8_t sig2048 = { 0 }; ++ int ret = 0; + pgpDigParams sigp = NULL; -+ struct signature_v2_hdr *sig_hdr = (struct signature_v2_hdr *)sig; + Header rpm = rpmteHeader(te); -+ FD_t fd; -+ struct stat st; -+ int ret = 0, sig_size; ++ rpmtd signature = rpmtdNew(); + -+ signature = rpmtdNew(); + headerGet(rpm, RPMTAG_RSAHEADER, signature, 0); + ret = pgpPrtParams(signature->data, signature->count, + PGPTAG_SIGNATURE, &sigp); -+ + if (ret) { + ret = -ENOENT;
View file
_service:tar_scm:backport-Fix-V-option-usage-in-our-tests.patch
Added
@@ -0,0 +1,242 @@ +From 826cbb8869e7d640fe3c2582a3a8dacf393e1ee0 Mon Sep 17 00:00:00 2001 +From: Michal Domonkos <mdomonko@redhat.com> +Date: Wed, 21 Aug 2024 15:02:36 +0200 +Subject: PATCH Fix -V option usage in our tests + +Conflict:adapt context because 760eb8638 is not merged +Reference:https://github.com/rpm-software-management/rpm/commit/826cbb8869e7d640fe3c2582a3a8dacf393e1ee0 + +Coupling -V with -a when querying for specific packages makes little +sense and only causes the order of the output lines to depend on the +database ordering. + +This is known to vary between the ndb and sqlite backends in particular, +confusing some of the tests that expect the lines to be in a specific +order. + +While at it, fix all such questionable usages, even those that only +entail one package argument. + +Fixes: #3242 +--- + tests/rpme.at | 16 ++++++++-------- + tests/rpmverify.at | 38 +++++++++++++++++++------------------- + 2 files changed, 27 insertions(+), 27 deletions(-) + +diff --git a/tests/rpme.at b/tests/rpme.at +index ead757579..058d929fd 100644 +--- a/tests/rpme.at ++++ b/tests/rpme.at +@@ -293,9 +293,9 @@ done + RPMTEST_CHECK( + runroot rpm -U --ignoreos /build/RPMS/noarch/conflicta-1.0-1.noarch.rpm + runroot rpm -U --ignoreos --excludepath=/usr/share /build/RPMS/noarch/conflictb-1.0-1.noarch.rpm +-runroot rpm -Vav --nogroup --nouser conflicta conflictb ++runroot rpm -Vv --nogroup --nouser conflicta conflictb + runroot rpm -e conflicta +-runroot rpm -Vav --nogroup --nouser conflictb ++runroot rpm -Vv --nogroup --nouser conflictb + runroot rpm -e conflictb + runroot rpm -Vp --nogroup --nouser /build/RPMS/noarch/conflictb-1.0-1.noarch.rpm + , +@@ -310,9 +310,9 @@ missing /usr/share/my.version + RPMTEST_CHECK( + runroot rpm -U --ignoreos --excludepath=/usr/share /build/RPMS/noarch/conflicta-1.0-1.noarch.rpm + runroot rpm -U --ignoreos /build/RPMS/noarch/conflictb-1.0-1.noarch.rpm +-runroot rpm -Vav --nogroup --nouser conflicta conflictb ++runroot rpm -Vv --nogroup --nouser conflicta conflictb + runroot rpm -e conflicta +-runroot rpm -Vav --nogroup --nouser conflictb ++runroot rpm -Vv --nogroup --nouser conflictb + runroot rpm -e conflictb + runroot rpm -Vp --nogroup --nouser /build/RPMS/noarch/conflictb-1.0-1.noarch.rpm + , +@@ -327,9 +327,9 @@ missing /usr/share/my.version + RPMTEST_CHECK( + runroot rpm -U --ignoreos /build/RPMS/noarch/conflicta-1.0-1.noarch.rpm + runroot rpm -U --ignoreos --force /build/RPMS/noarch/conflictb-1.0-1.noarch.rpm +-runroot rpm -Vav --nogroup --nouser conflicta conflictb ++runroot rpm -Vv --nogroup --nouser conflicta conflictb + runroot rpm -e conflicta +-runroot rpm -Vav --nogroup --nouser conflictb ++runroot rpm -Vv --nogroup --nouser conflictb + runroot rpm -e conflictb + runroot rpm -Vp --nogroup --nouser /build/RPMS/noarch/conflictb-1.0-1.noarch.rpm + , +@@ -344,9 +344,9 @@ missing /usr/share/my.version + RPMTEST_CHECK( + runroot rpm -U --ignoreos /build/RPMS/noarch/conflicta-1.0-1.noarch.rpm + runroot rpm -U --ignoreos --force /build/RPMS/noarch/conflictb-1.0-1.noarch.rpm +-runroot rpm -Vav --nogroup --nouser conflicta conflictb ++runroot rpm -Vv --nogroup --nouser conflicta conflictb + runroot rpm -e conflictb +-runroot rpm -Vav --nogroup --nouser conflicta ++runroot rpm -Vv --nogroup --nouser conflicta + runroot rpm -e conflicta + , + 0, +diff --git a/tests/rpmverify.at b/tests/rpmverify.at +index 3a87b085f..32427021d 100644 +--- a/tests/rpmverify.at ++++ b/tests/rpmverify.at +@@ -304,13 +304,13 @@ touch -t 201703171717 ${tf} + runroot rpm -U \ + --define "_minimize_writes 1" \ + /build/RPMS/noarch/replacetest-2.0-1.noarch.rpm +-runroot rpm -Va --nouser --nogroup replacetest ++runroot rpm -V --nouser --nogroup replacetest + cat "${tf}" + + runroot rpm -U \ + --define "_minimize_writes 1" \ + /build/RPMS/noarch/replacetest-3.0-1.noarch.rpm +-runroot rpm -Va --nouser --nogroup replacetest ++runroot rpm -V --nouser --nogroup replacetest + cat "${tf}" + + echo "xx" > "${tf}" +@@ -319,7 +319,7 @@ cat "${tf}" + runroot rpm -U \ + --define "_minimize_writes 1" \ + /build/RPMS/noarch/replacetest-4.0-1.noarch.rpm +-runroot rpm -Va --nouser --nogroup replacetest ++runroot rpm -V --nouser --nogroup replacetest + cat "${tf}" + + touch -t 201703171717 ${tf} +@@ -327,7 +327,7 @@ touch -t 201703171717 ${tf} + runroot rpm -U --oldpackage \ + --define "_minimize_writes 1" \ + /build/RPMS/noarch/replacetest-3.0-1.noarch.rpm +-runroot rpm -Va --nouser --nogroup replacetest ++runroot rpm -V --nouser --nogroup replacetest + cat "${tf}" + , + 0, +@@ -352,7 +352,7 @@ touch -t 201703171717 ${tf} + runroot rpm -Uvv --fsmdebug \ + --define "_minimize_writes 1" \ + /build/RPMS/noarch/replacetest-2.0-1.noarch.rpm > output.txt 2>&1 +-runroot rpm -Va --nouser --nogroup replacetest ++runroot rpm -V --nouser --nogroup replacetest + grep -c "touch" output.txt + cat "${tf}" + +@@ -360,7 +360,7 @@ cat "${tf}" + runroot rpm -Uvv --fsmdebug \ + --define "_minimize_writes 1" \ + /build/RPMS/noarch/replacetest-3.0-1.noarch.rpm > output.txt 2>&1 +-runroot rpm -Va --nouser --nogroup replacetest ++runroot rpm -V --nouser --nogroup replacetest + grep -c "touch" output.txt + cat "${tf}" + echo "xx" > "${tf}" +@@ -369,7 +369,7 @@ cat "${tf}" + runroot rpm -Uvv --fsmdebug \ + --define "_minimize_writes 1" \ + /build/RPMS/noarch/replacetest-4.0-1.noarch.rpm > output.txt 2>&1 +-runroot rpm -Va --nouser --nogroup replacetest ++runroot rpm -V --nouser --nogroup replacetest + grep -c "touch" output.txt + cat "${tf}" + +@@ -378,7 +378,7 @@ touch -t 201703171717 ${tf} + runroot rpm -U -Uvv --fsmdebug --oldpackage \ + --define "_minimize_writes 1" \ + /build/RPMS/noarch/replacetest-3.0-1.noarch.rpm > output.txt 2>&1 +-runroot rpm -Va --nouser --nogroup replacetest ++runroot rpm -V --nouser --nogroup replacetest + grep -c "touch" output.txt + cat "${tf}" + , +@@ -449,13 +449,13 @@ readlink "${tf}" + runroot rpm -U \ + --define "_minimize_writes 1" \ + /build/RPMS/noarch/replacetest-2.0-1.noarch.rpm +-runroot rpm -Va --nouser --nogroup replacetest ++runroot rpm -V --nouser --nogroup replacetest + readlink "${tf}" + + runroot rpm -U \ + --define "_minimize_writes 1" \ + /build/RPMS/noarch/replacetest-3.0-1.noarch.rpm +-runroot rpm -Va --nouser --nogroup replacetest ++runroot rpm -V --nouser --nogroup replacetest + readlink "${tf}" + + ln -sf "xx" "${tf}" +@@ -464,13 +464,13 @@ readlink "${tf}" + runroot rpm -U \ + --define "_minimize_writes 1" \ + /build/RPMS/noarch/replacetest-4.0-1.noarch.rpm +-runroot rpm -Va --nouser --nogroup replacetest ++runroot rpm -V --nouser --nogroup replacetest + readlink "${tf}" + + runroot rpm -U --oldpackage \ + --define "_minimize_writes 1" \ + /build/RPMS/noarch/replacetest-3.0-1.noarch.rpm +-runroot rpm -Va --nouser --nogroup replacetest ++runroot rpm -V --nouser --nogroup replacetest + readlink "${tf}" + , + 0, +@@ -494,7 +494,7 @@ readlink "${tf}" + runroot rpm -Uvv --fsmdebug \ + --define "_minimize_writes 1" \ + /build/RPMS/noarch/replacetest-2.0-1.noarch.rpm > output.txt 2>&1 +-runroot rpm -Va --nouser --nogroup replacetest ++runroot rpm -V --nouser --nogroup replacetest + grep -c "touch" output.txt + readlink "${tf}" + +@@ -502,7 +502,7 @@ readlink "${tf}" + runroot rpm -Uvv --fsmdebug \ + --define "_minimize_writes 1" \ + /build/RPMS/noarch/replacetest-3.0-1.noarch.rpm > output.txt 2>&1 +-runroot rpm -Va --nouser --nogroup replacetest ++runroot rpm -V --nouser --nogroup replacetest + grep -c "touch" output.txt
View file
_service:tar_scm:backport-Fix-crash-on-Lua-file-trigger-exiting-with-return-ed.patch
Added
@@ -0,0 +1,81 @@ +From 05fbeb97a92608a9f66faa3f8d1c0fb67b0db62c Mon Sep 17 00:00:00 2001 +From: Panu Matilainen <pmatilai@redhat.com> +Date: Wed, 7 Aug 2024 12:42:36 +0300 +Subject: PATCH Fix crash on Lua file trigger exiting with return'ed data + (#3029) + +Conflict:modify the test code because b9b3f3515164 and 7f59c7dd2f4 + is not merged. +Reference:https://github.com/rpm-software-management/rpm/commit/05fbeb97a92608a9f66faa3f8d1c0fb67b0db62c + +Reset the Lua stack on return from rpmluaRunScript() to discard any +unhandled returned data from the scriptlet. This may happen if there's +eg "return 0" from a non-macro scriptlet. + +We could check for a numeric return value here and treat it as an exit +code, but then what to do with other kinds of returned data? +Our documentation states errors in Lua scriptlets should be signaled with +Lua error() function, it seems better to stick with that and avoid +introducing ambiguities and incompatibilities. + +Update the existing file trigger tests to cover this case. + +Fixes: #3029 +--- + rpmio/rpmlua.c | 2 ++ + tests/data/SPECS/filetriggers.spec | 11 +++++++++++ + tests/rpmscript.at | 3 +++ + 3 files changed, 16 insertions(+) + +diff --git a/rpmio/rpmlua.c b/rpmio/rpmlua.c +index ecb21eb82..858be7739 100644 +--- a/rpmio/rpmlua.c ++++ b/rpmio/rpmlua.c +@@ -303,6 +303,8 @@ int rpmluaRunScript(rpmlua lua, const char *script, const char *name, + + exit: + free(buf); ++ /* discard any unhandled return data from the script */ ++ lua_settop(L, otop); + return ret; + } + +diff --git a/tests/data/SPECS/filetriggers.spec b/tests/data/SPECS/filetriggers.spec +index 3e2ee0034..e8d3bc7cd 100644 +--- a/tests/data/SPECS/filetriggers.spec ++++ b/tests/data/SPECS/filetriggers.spec +@@ -52,6 +52,17 @@ end + print("") + io.flush() + ++%filetriggerun -p <lua> -- /usr/bin ++print("filetriggerun(/usr/bin*)<lua>: "..arg2.." "..arg3) ++a = rpm.next_file() ++while a do ++ print(a) ++ a = rpm.next_file() ++end ++print("") ++io.flush() ++return 0 ++ + %filetriggerin -- /foo + echo "filetriggerin(/foo*):" + cat +diff --git a/tests/rpmscript.at b/tests/rpmscript.at +index 8fc729a56..d47705008 100644 +--- a/tests/rpmscript.at ++++ b/tests/rpmscript.at +@@ -461,6 +461,9 @@ filetriggerpostun(/foo*): + filetriggerun(/usr/bin*): 0 + /usr/bin/hello + ++filetriggerun(/usr/bin*)<lua>: 0 ++/usr/bin/hello ++ + filetriggerpostun(/usr/bin*): 0 + /usr/bin/hello + +-- +2.33.0 +
View file
_service:tar_scm:backport-Fix-division-by-zero-in-elfdeps-RhBug-2299414.patch
Added
@@ -0,0 +1,30 @@ +From 02ffc5158d1ad270e0b5c7ce6dfe4414a6ec029f Mon Sep 17 00:00:00 2001 +From: Michal Domonkos <mdomonko@redhat.com> +Date: Wed, 31 Jul 2024 16:19:40 +0200 +Subject: PATCH Fix division by zero in elfdeps (RhBug:2299414) + +Conflict:NA +Reference:https://github.com/rpm-software-management/rpm/commit/02ffc5158d1ad270e0b5c7ce6dfe4414a6ec029f + +Assume that the section does not hold a table if sh_entsize is 0 (as +specified in the elf(5) man page) and just skip it if that's the case. +--- + tools/elfdeps.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/tools/elfdeps.c b/tools/elfdeps.c +index cb388f08d..822359ab9 100644 +--- a/tools/elfdeps.c ++++ b/tools/elfdeps.c +@@ -196,6 +196,8 @@ static void processVerNeed(Elf_Scn *scn, GElf_Shdr *shdr, elfInfo *ei) + static void processDynamic(Elf_Scn *scn, GElf_Shdr *shdr, elfInfo *ei) + { + Elf_Data *data = NULL; ++ if (shdr->sh_entsize == 0) ++ return; + while ((data = elf_getdata(scn, data)) != NULL) { + for (int i = 0; i < (shdr->sh_size / shdr->sh_entsize); i++) { + const char *s = NULL; +-- +2.33.0 +
View file
_service:tar_scm:backport-Fix-root-relocation-regression.patch
Added
@@ -0,0 +1,66 @@ +From 308ac60677732e9979b9ce11e5a3085906da1901 Mon Sep 17 00:00:00 2001 +From: Michal Domonkos <mdomonko@redhat.com> +Date: Fri, 26 Jul 2024 10:44:04 +0200 +Subject: PATCH Fix root relocation regression + +Conflict:Do not modify the test code because the current test code is + different from that of the upstream community. If we directly + modify the test code, the test wull fail. Guaranteed by local + use cases. +Reference:https://github.com/rpm-software-management/rpm/commit/308ac60677732e9979b9ce11e5a3085906da1901 + +When relocating the root directory, make sure we insert the new path's +dirname to dirNames even if the root itself is owned by the package. + +This appears to have been the intention from the first version (largely +untouched since) of this code as we allow the root to pass through the +first checks (by setting len to 0 in that case) as well as the second +for loop where we do the relocations. + +This allows fsm to properly create and remove the relocated directory +since we're now using fd-based calls (#1919) and the parent directory +needs to be opened first. + +No need to do string comparison here, the empty basename signals that +we're processing the root directory, so just use that. + +Building a relocatable package that owns the root directory seems to be +a handy way to create user-installable packages (see RHEL-28967) and it +happened to work before with the path-based calls so this technically +was a regression. Add a test that emulates this use case. + +Fixes: #3173 +--- + lib/relocation.c | 8 +++++--- + 1 files changed, 5 insertions(+), 3 deletions(-) + +diff --git a/lib/relocation.c b/lib/relocation.c +index d31cf4779..0202b5c46 100644 +--- a/lib/relocation.c ++++ b/lib/relocation.c +@@ -181,8 +181,9 @@ void rpmRelocateFileList(rpmRelocation *relocations, int numRelocations, + rpmFileTypes ft; + int fnlen; + ++ size_t baselen = strlen(baseNamesi); + size_t len = maxlen + +- strlen(dirNamesdirIndexesi) + strlen(baseNamesi) + 1; ++ strlen(dirNamesdirIndexesi) + baselen + 1; + if (len >= fileAlloced) { + fileAlloced = len * 2; + fn = xrealloc(fn, fileAlloced); +@@ -244,8 +245,9 @@ assert(fn != NULL); /* XXX can't happen */ + continue; + } + +- /* Relocation on full paths only, please. */ +- if (fnlen != len) continue; ++ /* Relocation on '/' and full paths only, please. */ ++ if (baselen && fnlen != len) ++ continue; + + rpmlog(RPMLOG_DEBUG, "relocating %s to %s\n", + fn, relocationsj.newPath); +-- +2.33.0 +
View file
_service:tar_scm:backport-Make-sure-dirs-are-not-relocated-twice.patch
Added
@@ -0,0 +1,114 @@ +From 31c14ba6610568c2d634647fed1fb57221178da9 Mon Sep 17 00:00:00 2001 +From: Michal Domonkos <mdomonko@redhat.com> +Date: Fri, 26 Jul 2024 10:43:50 +0200 +Subject: PATCH Make sure dirs are not relocated twice + +Conflict:adapt context +Reference:https://github.com/rpm-software-management/rpm/commit/31c14ba6610568c2d634647fed1fb57221178da9 + +When processing relocations, new dirnames are added to dirNames first +and then the rest is relocated. However, we go through the entire array +in the latter step, meaning that we may accidentally relocate an already +relocated path. + +Most relocations are fine as they involve two separate directory trees, +and we already skip over directories that don't match the old prefix. +However, that breaks apart if we're relocating to a nested subdirectory +(e.g. /opt -> /opt/new/dir). + +Fix this by simply stopping at the original dirCount as the new entries +are always added to the end of dirNames. + +Such relocations are perhaps not very common (or even unsupported) but +relocating the root directory itself may be useful (see the next commit +for details) and that is subject to the same issue. + +Note that we currently don't handle root relocations properly to start +with but that will be addressed in the next commit, this prepares the +ground. +--- + lib/relocation.c | 6 +++--- + tests/rpmi.at | 35 +++++++++++++++++++++++++++++++++++ + 2 files changed, 38 insertions(+), 3 deletions(-) + +diff --git a/lib/relocation.c b/lib/relocation.c +index 1eab60211..d31cf4779 100644 +--- a/lib/relocation.c ++++ b/lib/relocation.c +@@ -124,7 +124,7 @@ void rpmRelocateFileList(rpmRelocation *relocations, int numRelocations, + char ** baseNames; + char ** dirNames; + uint32_t * dirIndexes; +- rpm_count_t fileCount, dirCount; ++ rpm_count_t fileCount, dirCount, dirCountOrig; + int nrelocated = 0; + int fileAlloced = 0; + char * fn = NULL; +@@ -163,7 +163,7 @@ void rpmRelocateFileList(rpmRelocation *relocations, int numRelocations, + baseNames = bnames.data; + dirIndexes = dindexes.data; + fileCount = rpmtdCount(&bnames); +- dirCount = rpmtdCount(&dnames); ++ dirCount = dirCountOrig = rpmtdCount(&dnames); + /* XXX TODO: use rpmtdDup() instead */ + dirNames = dnames.data = duparray(dnames.data, dirCount); + dnames.flags |= RPMTD_PTR_ALLOCED; +@@ -297,7 +297,7 @@ assert(fn != NULL); /* XXX can't happen */ + } + + /* Finish off by relocating directories. */ +- for (i = dirCount - 1; i >= 0; i--) { ++ for (i = dirCountOrig - 1; i >= 0; i--) { + for (j = numRelocations - 1; j >= 0; j--) { + + if (relocationsj.oldPath == NULL) /* XXX can't happen */ +diff --git a/tests/rpmi.at b/tests/rpmi.at +index 7d1a0a871..372be0a8b 100644 +--- a/tests/rpmi.at ++++ b/tests/rpmi.at +@@ -1135,6 +1135,42 @@ runroot rpm -U --relocate /opt/bin=/bin \ + , + ) + RPMTEST_CLEANUP ++ ++AT_SETUP(rpm -i relocatable package 2) ++AT_KEYWORDS(install relocate) ++RPMDB_INIT ++ ++runroot rpmbuild --quiet -bb /data/SPECS/reloc.spec ++runroot rpmbuild --quiet -bb /data/SPECS/fakeshell.spec ++ ++runroot rpm -U /build/RPMS/noarch/fakeshell-1.0-1.noarch.rpm ++ ++RPMTEST_CHECK( ++runroot rpm -U \ ++ --relocate /opt/bin=/opt/bin/foo/bar \ ++ --relocate /opt/etc=/opt/etc/foo/bar \ ++ --relocate /opt/lib=/opt/lib/foo/bar \ ++ /build/RPMS/noarch/reloc-1.0-1.noarch.rpm ++runroot rpm -ql reloc ++, ++0, ++1: /opt/bin/foo/bar ++2: /opt/etc/foo/bar ++3: /opt/lib/foo/bar ++0: /opt/bin/foo/bar ++1: /opt/etc/foo/bar ++2: /opt/lib/foo/bar ++/opt ++/opt/bin/foo/bar ++/opt/bin/foo/bar/typo ++/opt/etc/foo/bar ++/opt/etc/foo/bar/conf ++/opt/lib/foo/bar ++/opt/lib/foo/bar/notlib ++, ++) ++RPMTEST_CLEANUP ++ + AT_SETUP(rpm -i with/without --excludedocs) + AT_KEYWORDS(install excludedocs) + RPMTEST_CHECK( +-- +2.33.0 +
View file
_service:tar_scm:backport-Reset-recursion-depth-for-error-message.patch
Added
@@ -0,0 +1,81 @@ +From ef87d2503498f65577b5d7af07cd453d622fe02c Mon Sep 17 00:00:00 2001 +From: Florian Festi <ffesti@redhat.com> +Date: Thu, 18 Jul 2024 13:04:28 +0200 +Subject: PATCH Reset recursion depth for error message +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Conflict:adapt context +Reference:https://github.com/rpm-software-management/rpm/commit/ef87d2503498f65577b5d7af07cd453d622fe02c + +$ rpm --define 'aaa %%aaa' --eval '%aaa' + +let to a core dump due to a stack overflow. This was cause by the +generation of the error message failing due to being too deep in the +recursion of the macro expansion - creating more error messages. + +Resetting the depth counter allows rendering the error message. As we are +failing and breaking off the parse run this is fine to do. + +Thanks to Miro Hrončok for reporting + +Resolves: #3197 +--- + rpmio/macro.c | 4 +++- + tests/rpmmacro.at | 22 ++++++++++++++++++++++ + 2 files changed, 25 insertions(+), 1 deletion(-) + +diff --git a/rpmio/macro.c b/rpmio/macro.c +index b2fb1326d..3f34f718e 100644 +--- a/rpmio/macro.c ++++ b/rpmio/macro.c +@@ -447,9 +447,11 @@ static int mbInit(rpmMacroBuf mb, MacroExpansionData *med, size_t slen) + if (mb->buf == NULL) + mbAllocBuf(mb, slen); + if (++mb->depth > max_macro_depth) { ++ mb->depth--; ++ /* ensure error message can be rendered */ ++ mb->mc->depth = 0; + mbErr(mb, 1, + _("Too many levels of recursion in macro expansion. It is likely caused by recursive macro declaration.\n")); +- mb->depth--; + return -1; + } + med->tpos = mb->tpos; /* save expansion pointer for printExpand */ +diff --git a/tests/rpmmacro.at b/tests/rpmmacro.at +index 372cfa3ed..3adf48b61 100644 +--- a/tests/rpmmacro.at ++++ b/tests/rpmmacro.at +@@ -133,6 +133,28 @@ runroot rpm --define "this that" --define "that_that foo" --eval '%{expand:%{%{t + ) + RPMTEST_CLEANUP + ++AT_SETUP(recursive macro) ++AT_KEYWORDS(macros) ++RPMTEST_CHECK( ++runroot rpm --define 'aaa %aaa' --eval '%aaa' ++, ++1, ++, ++error: Too many levels of recursion in macro expansion. It is likely caused by recursive macro declaration. ++) ++RPMTEST_CLEANUP ++ ++AT_SETUP(recursive expression) ++AT_KEYWORDS(macros) ++RPMTEST_CHECK( ++runroot rpm --define 'aaa %\\%aaa\\' --eval '%aaa' ++, ++1, ++, ++error: Too many levels of recursion in macro expansion. It is likely caused by recursive macro declaration. ++) ++RPMTEST_CLEANUP ++ + AT_SETUP(parametrized macro 1) + AT_KEYWORDS(macros) + RPMTEST_CHECK( +-- +2.33.0 +
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2