Hello community,

here is the log from the commit of package rpm for openSUSE:11.3
checked in at Mon Oct 10 12:38:03 CEST 2011.



--------
--- old-versions/11.3/all/rpm/rpm.changes       2010-06-04 16:44:55.000000000 +0200
+++ 11.3/rpm/rpm.changes        2011-10-04 19:27:32.000000000 +0200
@@ -1,0 +2,6 @@
+Tue Oct  4 19:20:23 CEST 2011 - [email protected]
+
+- fix multiple crashes on malformed data in header and gpg
+  key processing [bnc#720824]
+
+-------------------------------------------------------------------

Package does not exist at destination yet. Using Fallback 
old-versions/11.3/all/rpm
Destination is old-versions/11.3/UPDATES/all/rpm
calling whatdependson for 11.3-i586


New:
----
  headerchk.diff

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ rpm-python.spec ++++++
--- /var/tmp/diff_new_pack.7Yykmo/_old  2011-10-10 12:37:27.000000000 +0200
+++ /var/tmp/diff_new_pack.7Yykmo/_new  2011-10-10 12:37:27.000000000 +0200
@@ -1,7 +1,7 @@
 #
-# spec file for package rpm-python (Version 4.8.0)
+# spec file for package rpm-python
 #
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -25,7 +25,7 @@
 Group:          System/Packages
 Summary:        Python Bindings for Manipulating RPM Packages
 Version:        4.8.0
-Release:        4
+Release:        5.<RELEASE2>
 Requires:       rpm = %{version}
 %py_requires
 Source99:       rpm.spec

++++++ rpm.spec ++++++
--- /var/tmp/diff_new_pack.7Yykmo/_old  2011-10-10 12:37:27.000000000 +0200
+++ /var/tmp/diff_new_pack.7Yykmo/_new  2011-10-10 12:37:27.000000000 +0200
@@ -1,7 +1,7 @@
 #
-# spec file for package rpm (Version 4.8.0)
+# spec file for package rpm
 #
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -28,7 +28,7 @@
 AutoReqProv:    on
 Summary:        The RPM Package Manager
 Version:        4.8.0
-Release:        4
+Release:        5.<RELEASE2>
 Source:         rpm-%{version}.tar.bz2
 Source1:        RPM-HOWTO.tar.bz2
 Source2:        RPM-Tips.html.tar.bz2
@@ -114,6 +114,7 @@
 Patch78:        nosource.diff
 Patch79:        nosignature.diff
 Patch80:        fixsbits.diff
+Patch81:        headerchk.diff
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 #
 # avoid bootstrapping problem
@@ -175,7 +176,7 @@
 %patch -P 50 -P 51 -P 52 -P 53 -P 54 -P 55 -P 56 -P 57 -P 58 -P 59
 %patch -P 60 -P 61 -P 62 -P 63 -P 64 -P 65 -P 66 -P 67 -P 68 -P 69
 %patch -P 70 -P 71 -P 72 -P 73 -P 74 -P 75 -P 76 -P 77 -P 78 -P 79
-%patch -P 80
+%patch -P 80 -P 81
 #chmod 755 scripts/find-supplements{,.ksyms}
 #chmod 755 scripts/find-provides.ksyms scripts/find-requires.ksyms
 #chmod 755 scripts/firmware.prov

++++++ headerchk.diff ++++++
--- ./lib/header.c.orig 2009-12-07 14:36:49.000000000 +0000
+++ ./lib/header.c      2011-10-04 17:17:48.000000000 +0000
@@ -358,6 +358,9 @@ static int regionSwab(indexEntry entry,
                const unsigned char * dataEnd,
                int regionid)
 {
+    if ((entry != NULL && regionid >= 0) || (entry == NULL && regionid != 0))
+       return -1;
+
     for (; il > 0; il--, pe++) {
        struct indexEntry_s ie;
        rpmTagType type;
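Review bot: The new early `return -1` at the top of regionSwab only helps if every caller treats a negative result as a failure, and those call sites are outside this hunk. The `rdlen > dl` test added in the later headerLoad hunk would not catch it on its own, assuming both are signed ints, because a negative length plus REGION_TAG_COUNT still compares below `dl`; each call should be followed by something like `if (rdlen < 0) goto errxit;` where that is not already present. The condition also deserves a comment stating the invariant it enforces, e.g. `/* Sanity check: a non-NULL entry needs a negative regionid, a NULL entry needs regionid 0 */`. regionSwab's body continues past the end of the hunk.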
@@ -822,7 +825,7 @@ Header headerLoad(void * uh)
 
        {   int off = ntohl(pe->offset);
 
-           if (hdrchkData(off))
+           if (hdrchkData(off) || hdrchkRange(dl, off))
                goto errxit;
            if (off) {
                size_t nb = REGION_TAG_COUNT;
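Review bot: `hdrchkRange(dl, off)` bounds only the start of the region trailer, while the `if (off)` block that follows sets `nb = REGION_TAG_COUNT`, which suggests it goes on to read that many bytes starting at `off`. If so, an offset within REGION_TAG_COUNT bytes of the end of the data area still passes the check and the read runs past `dl`; the test would be tighter as `if (hdrchkData(off) || hdrchkRange(dl, off + REGION_TAG_COUNT))`. The read itself and the hdrchkRange definition are outside the hunk, so also confirm that the macro rejects negative offsets, since `off` is a signed int taken from `ntohl(pe->offset)`.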
@@ -881,6 +884,11 @@ Header headerLoad(void * uh)
            h->indexUsed += ne;
          }
        }
+
+       rdlen += REGION_TAG_COUNT;
+       /* XXX should be equality test, but dribbles are sometimes a bit off? */
+       if (rdlen > dl)
+           goto errxit;
     }
 
     h->flags &= ~HEADERFLAG_SORTED;
--- ./rpmio/rpmpgp.c.orig       2011-10-04 17:17:40.000000000 +0000
+++ ./rpmio/rpmpgp.c    2011-10-04 17:17:48.000000000 +0000
@@ -378,6 +378,9 @@ static int pgpPrtSubType(const uint8_t *
 
     while (hlen > 0) {
        i = pgpLen(p, &plen);
+       if (i + plen > hlen)
+           break;
+
        p += i;
        hlen -= i;
 
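Review bot: The added `i + plen > hlen` test runs only after `pgpLen(p, &plen)` has already decoded the length prefix, and the loop guarantees just `hlen > 0` at that point. If pgpLen reads more than one byte for the longer length encodings (its body is not shown here), a subpacket that starts in the last bytes of the area is read past its end before the check fires, so the prefix size needs to be bounded against `hlen` before or inside pgpLen. The sum can also wrap if `i` and `plen` are narrow unsigned types and `plen` comes straight from the packet; `if (i > hlen || plen > hlen - i) break;` avoids that, assuming all three are unsigned.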
@@ -460,7 +463,7 @@ static int pgpPrtSubType(const uint8_t *
        p += plen;
        hlen -= plen;
     }
-    return 0;
+    return (hlen != 0); /* non-zero hlen is an error */
 }
 
 static const char * const pgpSigRSA[] = {
@@ -584,7 +587,8 @@ fprintf(stderr, "   hash[%zu] -- %s\n",
            _digp->hashlen = sizeof(*v) + plen;
            _digp->hash = memcpy(xmalloc(_digp->hashlen), v, _digp->hashlen);
        }
-       (void) pgpPrtSubType(p, plen, v->sigtype, _digp);
+       if (pgpPrtSubType(p, plen, v->sigtype, _digp))
+           return 1;
        p += plen;
 
        plen = pgpGrab(p,2);
@@ -595,7 +599,8 @@ fprintf(stderr, "   hash[%zu] -- %s\n",
 
 if (_debug && _print)
 fprintf(stderr, " unhash[%zu] -- %s\n", plen, pgpHexStr(p, plen));
-       (void) pgpPrtSubType(p, plen, v->sigtype, _digp);
+       if (pgpPrtSubType(p, plen, v->sigtype, _digp))
+           return 1;
        p += plen;
 
        plen = pgpGrab(p,2);
continue with "q"...



Remember to have fun...
