packages/rpm
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Optimize signature header merge a bit

Browse Source
This commit is contained in:
renmingshuai 2021-05-24 11:24:41 +08:00
parent 9fb7d28f87
commit 7e17027a3f
2 changed files with 50 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
backport-optimize-signature-header-merge-a-bit.patch Normal file
View File

@ -0,0 +1,42 @@
From a427c3cd2776bc523bd40491a5d92d98d071ffea Mon Sep 17 00:00:00 2001
From: Demi Marie Obenour <athena@invisiblethingslab.com>
Date: Tue, 16 Mar 2021 11:41:16 +0200
Subject: [PATCH] Optimize signature header merge a bit
Look up possible offending tags from the main header first in a separate
loop, this avoids having to re-sort after each headerPut() operation
---
lib/package.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/lib/package.c b/lib/package.c
index 6f10bb9..355c3e7 100644
--- a/lib/package.c
+++ b/lib/package.c
@@ -64,10 +64,14 @@ rpmTagVal headerMergeLegacySigs(Header h, Header sigh, char **msg)
{
const struct taglate_s *xl;
struct rpmtd_s td;
- rpmtdReset(&td);
for (xl = xlateTags; xl->stag; xl++) {
/* There mustn't be one in the main header */
if (headerIsEntry(h, xl->xtag))
+ goto exit;
+ }
+
+ rpmtdReset(&td);
+ for (xl = xlateTags; xl->stag; xl++) {
if (headerGet(sigh, xl->stag, &td, HEADERGET_RAW|HEADERGET_MINMEM)) {
/* Translate legacy tags */
if (xl->stag != xl->xtag)
@@ -86,6 +90,7 @@ rpmTagVal headerMergeLegacySigs(Header h, Header sigh, char **msg)
}
rpmtdFreeData(&td);
+exit:
if (xl->stag) {
rasprintf(msg, "invalid signature tag %s (%d)",
rpmTagGetName(xl->xtag), xl->xtag);
--
2.27.0

9
rpm.spec
View File

@ -1,6 +1,6 @@
Name: rpm
Version: 4.15.1
Release: 24
Release: 25
Summary: RPM Package Manager
License: GPLv2+
URL: http://www.rpm.org/
@ -78,6 +78,7 @@ Patch66: backport-Always-open-and-initialize-the-entire-database-at-on.patch
Patch67: backport-Stop-on-first-failure-when-trying-to-open-a-database.patch
Patch68: backport-Only-attempt-loading-the-keyring-once-the-rpmdb-is-o.patch
patch69: backport-CVE-2021-20271.patch
Patch70: backport-optimize-signature-header-merge-a-bit.patch
BuildRequires: gcc autoconf automake libtool make gawk popt-devel openssl-devel readline-devel
BuildRequires: zlib-devel libzstd-devel xz-devel bzip2-devel libarchive-devel ima-evm-utils-devel
@ -346,6 +347,12 @@ make check || (cat tests/rpmtests.log; exit 0)
%{_mandir}/man1/gendiff.1*
%changelog
* Mon May 24 2021 liudabo<liudabo1@huawei.com> - 4.15.1-25
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:Optimize signature header merge a bit
* Tue Apr 20 2021 liudabo<liudabo1@huawei.com> - 4.15.1-24
- Type:CVE
- ID:CVE-2021-20271