@pmatilai commented on this pull request.


> +}
+
+static char *rpmVeritySignFile(rpmfi fi, size_t *sig_size, char *key,
+                              char *keypass, char *cert, uint16_t algo,
+                              uint32_t block_size)
+{
+    struct libfsverity_merkle_tree_params params;
+    struct libfsverity_signature_params sig_params;
+    struct libfsverity_digest *digest = NULL;
+    rpm_loff_t file_size;
+    char *digest_hex, *sig_hex = NULL;
+    uint8_t *sig = NULL;
+    int status;
+
+    if (S_ISLNK(rpmfiFMode(fi)))
+       file_size = 0;
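
Review bot: In the declarations at the top of rpmVeritySignFile, `digest_hex` is left uninitialized while `sig_hex`, `sig` and `digest` beside it all start as NULL. If a later error or cleanup path frees or returns these pointers before `digest_hex` has been assigned, it would read an indeterminate value. Suggest `char *digest_hex = NULL, *sig_hex = NULL;`. Separately, the `S_ISLNK` branch sets `file_size = 0` with no comment saying what is then signed for a symlink; a short comment stating the intended coverage (or lack of it) for the link target would help, and the body of that `if` is indented differently from the surrounding lines.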

No signatures for symlinks? Symlink pointing to an unintended place can have 
pretty drastic consequences...

-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1203#pullrequestreview-418310585