[prev in list] [next in list] [prev in thread] [next in thread]
List: rpm-cvs
Subject: [CVS] RPM: rpm-5_4: rpm/lib/ verify.c
From: "Jeff Johnson" <jbj () rpm5 ! org>
Date: 2016-02-27 20:59:29
Message-ID: 20160227205929.770B46316B () rpm5 ! org
[Download RAW message or body]
RPM Package Manager, CVS Repository
http://rpm5.org/cvs/
____________________________________________________________________________
Server: rpm5.org Name: Jeff Johnson
Root: /v/rpm/cvs Email: jbj@rpm5.org
Module: rpm Date: 27-Feb-2016 21:59:29
Branch: rpm-5_4 Handle: 2016022720592900
Modified files: (Branch: rpm-5_4)
rpm/lib verify.c
Log:
rpm: opendb before rpmverifyscript to avoid null point input
If the command is "rpm -V" and the return value of (headerIsEntry(h, RPMTAG_VERI
FYSCRIPT)
|| headerIsEntry(h, RPMTAG_SANITYCHECK)) located in /lib/verify.c is true, it wi
ll call
rpmpsmStage function(rpmVerifyScript->rpmpsmScriptStage->rpmpsmStage) and occur
segment
fault because of null point(rpmtsGetRdb(ts) == NULL and rpmtsGetRdb(ts)->db_txn)
.
So we open rpmdb to avoid bad input when find headerIsEntry true.
Upstream-Status: Pending
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Summary:
Revision Changes Path
2.201.4.13 +2 -0 rpm/lib/verify.c
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: rpm/lib/verify.c
============================================================================
$ cvs diff -u -r2.201.4.12 -r2.201.4.13 verify.c
--- rpm/lib/verify.c 19 Jul 2014 23:33:38 -0000 2.201.4.12
+++ rpm/lib/verify.c 27 Feb 2016 20:59:29 -0000 2.201.4.13
@@ -613,6 +613,8 @@
{
FD_t fdo = fdDup(STDOUT_FILENO);
+ rpmtsOpenDB(ts, O_RDONLY); /*Open the DB to avoid null point input \
in function rpmpsmStage()*/ +
rc = rpmfiSetHeader(fi, h);
if ((rc = rpmVerifyScript(qva, ts, fi, fdo)) != 0)
ec += rc;
@@ .
______________________________________________________________________
RPM Package Manager http://rpm5.org
CVS Sources Repository rpm-cvs@rpm5.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic