@DemiMarie commented on this pull request.
> @@ -169,8 +169,8 @@ rpmRC rpmpkgRead(struct rpmvs_s *vs, FD_t fd,
goto exit;
}
-/* Read the signature header. Might not be in a contiguous region. */
-if (hdrblobRead(fd, 1, 0, RPMTAG_HEADERSIGNATURES, sigblob, ))
+/* Read
@DemiMarie Can you split up these changes into separate commits? That would
make it easier to do partial merges as each change is approved.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
@Conan-Kudo requested changes on this pull request.
> @@ -169,8 +169,8 @@ rpmRC rpmpkgRead(struct rpmvs_s *vs, FD_t fd,
goto exit;
}
-/* Read the signature header. Might not be in a contiguous region. */
-if (hdrblobRead(fd, 1, 0, RPMTAG_HEADERSIGNATURES, sigblob, ))
+
How will package signatures be verified? More specifically, will `rpm2extents`
verify the signed digest of files before decompressing them? Otherwise, this
seems like a potential security risk, in case there is a bug in the
decompression library.
--
You are receiving this because you are
This makes vulnerabilities less likely by:
- Preventing an out-of-bounds read on 32-bit systems.
- Adding `-fno-strict-overflow`, `-fwrapv`, and `-fwrapv-pointer`
- Avoid some undefined pointer arithmetic
- Requiring signature headers to be contiguous.
You can view, comment on, or merge this pull
Some time back, @daxelrod-datto suggested in
https://github.com/debbuild/debbuild/issues/114 that debbuild implement a
`--macrofile` option similar to the `--rcfile` option for overriding the macro
search path for that invocation. It was noted there that this feature does not
exist in RPM, and
