From 491743a26c9ab6d099fb398a113a6110d4e27875 Mon Sep 17 00:00:00 2001
From: gengqihu <2712504175@qq.com>
Date: Thu, 15 Aug 2024 09:54:42 +0800
Subject: [PATCH] Backport some patches from upstream
---
 ...nt-memleak-on-caps-parsing-add-tests.patch | 34 ++++++++++++++++++
 ...-pointer-bogosity-in-rpmlog-callback.patch | 31 ++++++++++++++++
 ...tial-use-of-uninitialized-pgp-struct.patch | 35 +++++++++++++++++++
 ...tial-use-of-uninitialized-pipe-array.patch | 35 +++++++++++++++++++
 rpm.spec | 9 ++++-
 5 files changed, 143 insertions(+), 1 deletion(-)
 create mode 100644 backport-Fix-an-ancient-memleak-on-caps-parsing-add-tests.patch
 create mode 100644 backport-Fix-pointer-bogosity-in-rpmlog-callback.patch
 create mode 100644 backport-Fix-potential-use-of-uninitialized-pgp-struct.patch
 create mode 100644 backport-Fix-potential-use-of-uninitialized-pipe-array.patch
diff --git a/backport-Fix-an-ancient-memleak-on-caps-parsing-add-tests.patch b/backport-Fix-an-ancient-memleak-on-caps-parsing-add-tests.patch
new file mode 100644
index 0000000..bc0dd4d
--- /dev/null
+++ b/backport-Fix-an-ancient-memleak-on-caps-parsing-add-tests.patch
@@ -0,0 +1,34 @@
+From a385821780804b558ae18aec820d127e4144fafd Mon Sep 17 00:00:00 2001
+From: Panu Matilainen
+Date: Thu, 11 Apr 2024 12:08:04 +0300
+Subject: [PATCH] Fix an ancient memleak on %caps() parsing, add tests
+
+Conflict:don't modify tests because the test case depends on the gcc.
+Reference:https://github.com/rpm-software-management/rpm/commit/a385821780804b558ae18aec820d127e4144fafd
+
+This leak has been there ever since rpm 4.7.0, so pretty close to 15
+years. ASAN would've caught it, if it had it been tested. Oops.
+Of course, in the fakechroot era we couldn't have tested installation
+but we could've at least tested the parsing side.
+
+Add tests for parsing, query and install functionality, and fix the
+leak that is now very visible.
+---
+ build/files.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/build/files.c b/build/files.c
+index 14e4c55ef..b059458a1 100644
+--- a/build/files.c
++++ b/build/files.c
+@@ -228,6 +228,7 @@ static void copyFileEntry(FileEntry src, FileEntry dest)
+ static void FileEntryFree(FileEntry entry)
+ {
+ argvFree(entry->langs);
++ free(entry->caps);
+ memset(entry, 0, sizeof(*entry));
+ }
+
+-- 
+2.33.0
+
diff --git a/backport-Fix-pointer-bogosity-in-rpmlog-callback.patch b/backport-Fix-pointer-bogosity-in-rpmlog-callback.patch
new file mode 100644
index 0000000..d95cf48
--- /dev/null
+++ b/backport-Fix-pointer-bogosity-in-rpmlog-callback.patch
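Review bot: Adding `free(entry->caps);` to FileEntryFree is only safe if every FileEntry owns its caps string; the hunk header names copyFileEntry, and if that routine copies `caps` as a plain pointer rather than duplicating it, the source and destination entries would now both release the same buffer. Worth confirming in build/files.c (copyFileEntry's body is outside the hunk) that caps is deep-copied there before taking the backport. The `memset(entry, 0, sizeof(*entry))` that follows the new free does zero the struct, so a second FileEntryFree on the same entry does not see a dangling caps pointer. The Conflict line also records that upstream's tests were dropped, so nothing in this tree exercises the fix; the line would be clearer as `Conflict: upstream test additions dropped, they depend on the gcc used by the test suite`.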
@@ -0,0 +1,31 @@
+From f8a72afbdb560dc534ca1ff390bc54e01d1144a6 Mon Sep 17 00:00:00 2001
+From: Panu Matilainen
+Date: Mon, 8 Apr 2024 14:41:48 +0300
+Subject: [PATCH] Fix pointer bogosity in rpmlog callback
+
+Conflict:NA
+Reference:https://github.com/rpm-software-management/rpm/commit/f8a72afbdb560dc534ca1ff390bc54e01d1144a6
+
+rpmlogCallbackData is already a pointer type, we don't want a pointer
+to a pointer for this. Kinda surprising it actually worked, but then
+it's just a void pointer so...
+---
+ rpmio/rpmlog.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/rpmio/rpmlog.c b/rpmio/rpmlog.c
+index 2bb5ab0e3..3ccbe2692 100644
+--- a/rpmio/rpmlog.c
++++ b/rpmio/rpmlog.c
+@@ -382,7 +382,7 @@ static void dolog(struct rpmlogRec_s *rec, int saverec)
+ int cbrc = RPMLOG_DEFAULT;
+ int needexit = 0;
+ FILE *clog = NULL;
+- rpmlogCallbackData *cbdata = NULL;
++ rpmlogCallbackData cbdata = NULL;
+ rpmlogCallback cbfunc = NULL;
+ rpmlogCtx ctx = rpmlogCtxAcquire(saverec);
+
+-- 
+2.33.0
+
diff --git a/backport-Fix-potential-use-of-uninitialized-pgp-struct.patch b/backport-Fix-potential-use-of-uninitialized-pgp-struct.patch
new file mode 100644
index 0000000..87a01cc
--- /dev/null
+++ b/backport-Fix-potential-use-of-uninitialized-pgp-struct.patch
@@ -0,0 +1,35 @@
+From 1b90b8c7d176026b669ce28c6e185724a4b208b0 Mon Sep 17 00:00:00 2001
+From: Michal Domonkos
+Date: Fri, 7 Jun 2024 10:14:25 +0200
+Subject: [PATCH] Fix potential use of uninitialized pgp struct
+
+Conflict:NA
+Reference:https://github.com/rpm-software-management/rpm/commit/1b90b8c7d176026b669ce28c6e185724a4b208b0
+
+We only call initPgpData() after base64 encoding the pubkey so if the
+latter fails, the kd struct will be left uninitialized and subsequently
+read from after skipping to the exit label. Fix by initializing it.
+
+Found by Coverity.
+
+Fixes: RHEL-22605
+---
+ lib/rpmts.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/lib/rpmts.c b/lib/rpmts.c
+index 3070b97e6..76964c60a 100644
+--- a/lib/rpmts.c
++++ b/lib/rpmts.c
+@@ -508,6 +508,8 @@ static int makePubkeyHeader(rpmts ts, rpmPubkey key, rpmPubkey *subkeys,
+ int rc = -1;
+ int i;
+
++ memset(&kd, 0, sizeof(kd));
++
+ if ((enc = rpmPubkeyBase64(key)) == NULL)
+ goto exit;
+ if ((dig = rpmPubkeyDig(key)) == NULL)
+-- 
+2.33.0
+
diff --git a/backport-Fix-potential-use-of-uninitialized-pipe-array.patch b/backport-Fix-potential-use-of-uninitialized-pipe-array.patch
new file mode 100644
index 0000000..c90e429
--- /dev/null
+++ b/backport-Fix-potential-use-of-uninitialized-pipe-array.patch
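Review bot: `memset(&kd, 0, sizeof(kd));` is added as a statement after the other locals instead of initialising kd where it is declared, which is the form the sibling pipe-array backport uses (`int inpipe[2] = { -1, -1 };`); an `= {0}` initialiser on kd's declaration line, which sits above this hunk, would be the idiomatic C form and keeps the zero state next to the variable. The memset is functionally sufficient as long as nothing between kd's declaration and this line reads it, and the visible context (`int rc = -1; int i;`) suggests nothing does. The fix also relies on the cleanup at the exit label treating all-zero fields of kd as "nothing to release"; that label and the rest of makePubkeyHeader are outside the hunk and are worth a glance when applying the backport.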
@@ -0,0 +1,35 @@
+From bff65aad8af719542c7b0c6429e09223c014a909 Mon Sep 17 00:00:00 2001
+From: Michal Domonkos
+Date: Thu, 6 Jun 2024 09:15:02 +0200
+Subject: [PATCH] Fix potential use of uninitialized pipe array
+
+Conflict:NA
+Reference:https://github.com/rpm-software-management/rpm/commit/bff65aad8af719542c7b0c6429e09223c014a909
+
+We only call pipe(2) after the script is written to disk so if the
+latter fails, the array will be left uninitialized and subsequently read
+after skipping to the exit label. Fix by initializing it.
+
+Found by Coverity.
+
+Fixes: RHEL-22604
+---
+ lib/rpmscript.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/rpmscript.c b/lib/rpmscript.c
+index 281c55c53..1de4acf8e 100644
+--- a/lib/rpmscript.c
++++ b/lib/rpmscript.c
+@@ -316,7 +316,7 @@ static rpmRC runExtScript(rpmPlugins plugins, ARGV_const_t prefixes,
+ char * fn = NULL;
+ pid_t pid, reaped;
+ int status;
+- int inpipe[2];
++ int inpipe[2] = { -1, -1 };
+ FILE *in = NULL;
+ const char *line;
+ char *mline = NULL;
+-- 
+2.33.0
+
diff --git a/rpm.spec b/rpm.spec
index e089425..4bd1d9f 100644
--- a/rpm.spec
+++ b/rpm.spec
@@ -1,6 +1,6 @@
 Name: rpm
 Version: 4.15.1
-Release: 57
+Release: 58
 Summary: RPM Package Manager
 License: GPLv2+
 URL: http://www.rpm.org/
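Review bot: With `int inpipe[2] = { -1, -1 };` the exit-label cleanup in runExtScript, which is outside this hunk, now sees -1 descriptors on the early-failure path described in the commit message; if that cleanup calls close() on both entries unconditionally, close(-1) fails with EBADF, which is harmless only if its return value is neither checked nor folded into the function's rpmRC. Worth confirming that the cleanup guards with `if (inpipe[0] >= 0)` (and likewise for `inpipe[1]`) or deliberately ignores the close result. The neighbouring `FILE *in = NULL;` is already NULL-initialised in the same declaration list, so the same early-exit concern does not arise for it.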
@@ -220,6 +220,10 @@ Patch198: backport-Use-the-internal-DB_CTRL-enum-for-intenal-uses-consi.patch
 Patch199: backport-Fix-an-enum-int-type-mismatch-in-rpmfiArchiveReadToF.patch
 Patch200: backport-Fix-an-enum-int-type-mismatch-in-transaction-verify-.patch
 Patch201: backport-Fix-enum-type-mismatch-in-rpmTagGetValue.patch
+Patch202: backport-Fix-pointer-bogosity-in-rpmlog-callback.patch
+Patch203: backport-Fix-an-ancient-memleak-on-caps-parsing-add-tests.patch
+Patch204: backport-Fix-potential-use-of-uninitialized-pipe-array.patch
+Patch205: backport-Fix-potential-use-of-uninitialized-pgp-struct.patch
 BuildRequires: gcc autoconf automake libtool make gawk popt-devel openssl-devel readline-devel libdb-devel
 BuildRequires: zlib-devel libzstd-devel xz-devel bzip2-devel libarchive-devel ima-evm-utils-devel
@@ -516,6 +520,9 @@ make check || (cat tests/rpmtests.log; exit 0)
 %{_mandir}/man1/gendiff.1*
 %changelog
+* Thu Aug 15 2024 gengqihu - 4.15.1-58
+- Backport some patches from upstream
+
 * Wed Jun 12 2024 gengqihu - 4.15.1-57
 - Backport some patches from upstream
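Review bot: Patch202 through Patch205 are declared here, but whether they are actually applied depends on the %prep section, which is outside this hunk; if this spec applies patches with explicit `%patchN -p1` lines rather than `%autosetup`, four matching apply lines are needed as well, otherwise Release 58 builds without the fixes it advertises. Worth checking before the build. The %changelog entry in the second hunk repeats the previous entry word for word; naming the four backported fixes there, e.g. `- Backport fixes for rpmlog callback pointer, %caps() memleak and uninitialized pipe/pgp locals`, would make the release history searchable.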