diff --git a/backport-Enforce-the-same-sanity-checks-on-db-add-and-rebuild.patch b/backport-Enforce-the-same-sanity-checks-on-db-add-and-rebuild.patch new file mode 100644 index 0000000..21182f9 --- /dev/null +++ b/backport-Enforce-the-same-sanity-checks-on-db-add-and-rebuild.patch @@ -0,0 +1,64 @@ +From 1fbf8aeb4e78b8b4afeeaafcbc97b3cbf7cfeaba Mon Sep 17 00:00:00 2001 +From: Panu Matilainen +Date: Tue, 17 Sep 2024 08:31:35 +0300 +Subject: [PATCH] Enforce the same sanity checks on db add and rebuild + +Conflict:adapt context; don't use RPMTAG_HEADERIMMUTABLE because +e484d99 is not merged; use int type instead of bool in validHeader() +Reference:https://github.com/rpm-software-management/rpm/commit/1fbf8aeb4e78b8b4afeeaafcbc97b3cbf7cfeaba + +It doesn't make a whole lot of sense to allow inserting headers +that will get removed as invalid on the next rebuild. Funny what +oddities have survived all this time... + +Fixes: #3306 +--- + lib/rpmdb.c | 18 +++++++++++++----- + 1 file changed, 13 insertions(+), 5 deletions(-) + +diff --git a/lib/rpmdb.c b/lib/rpmdb.c +index e2ace9b..2f63efa 100644 +--- a/lib/rpmdb.c ++++ b/lib/rpmdb.c +@@ -2314,6 +2314,17 @@ static rpmRC indexPut(dbiIndex dbi, rpmTagVal rpmtag, unsigned int hdrNum, Heade + return tag2index(dbi, rpmtag, hdrNum, h, idxdbPut); + } + ++static int validHeader(Header h) ++{ ++ if (!(headerIsEntry(h, RPMTAG_NAME) && ++ headerIsEntry(h, RPMTAG_VERSION) && ++ headerIsEntry(h, RPMTAG_RELEASE))) ++ { ++ return 0; ++ } ++ return 1; ++} ++ + int rpmdbAdd(rpmdb db, Header h) + { + dbiIndex dbi = NULL; +@@ -2327,7 +2338,7 @@ int rpmdbAdd(rpmdb db, Header h) + return 0; + + hdrBlob = headerExport(h, &hdrLen); +- if (hdrBlob == NULL || hdrLen == 0) { ++ if (!validHeader(h) || hdrBlob == NULL || hdrLen == 0) { + ret = -1; + goto exit; + } +@@ -2564,10 +2575,7 @@ int rpmdbRebuild(const char * prefix, rpmts ts, + while ((h = rpmdbNextIterator(mi)) != NULL) { + + /* let's sanity check this record a bit, otherwise just skip it */ +- if (!(headerIsEntry(h, RPMTAG_NAME) && +- headerIsEntry(h, RPMTAG_VERSION) && +- headerIsEntry(h, RPMTAG_RELEASE))) +- { ++ if (!validHeader(h)) { + rpmlog(RPMLOG_ERR, + _("header #%u in the database is bad -- skipping.\n"), + rpmdbGetIteratorOffset(mi)); +-- +2.43.0 + diff --git a/backport-Fix-a-memory-leak-on-rpmdb-importdb.patch b/backport-Fix-a-memory-leak-on-rpmdb-importdb.patch new file mode 100644 index 0000000..3558d5a --- /dev/null +++ b/backport-Fix-a-memory-leak-on-rpmdb-importdb.patch @@ -0,0 +1,27 @@ +From 4b830f7b5a4a70a53e2eef63baf82b7fff308a3c Mon Sep 17 00:00:00 2001 +From: Panu Matilainen +Date: Fri, 11 Oct 2024 14:26:57 +0300 +Subject: [PATCH] Fix a memory leak on rpmdb --importdb + +Conflict:modify rpmdb.c instead of tools/rpmdb.cc +Reference:https://github.com/rpm-software-management/rpm/commit/4b830f7b5a4a70a53e2eef63baf82b7fff308a3c + +--- + rpmdb.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/rpmdb.c b/rpmdb.c +index b72f0a5..a16dbac 100644 +--- a/rpmdb.c ++++ b/rpmdb.c +@@ -79,6 +79,7 @@ static int importDB(rpmts ts) + Header h; + while ((h = headerRead(fd, HEADER_MAGIC_YES))) { + rc += rpmtsImportHeader(txn, h, 0); ++ headerFree(h); + } + } else { + rc = -1; +-- +2.43.0 + diff --git a/backport-Fix-memleak-when-process-policies.patch b/backport-Fix-memleak-when-process-policies.patch new file mode 100644 index 0000000..462d3a4 --- /dev/null +++ b/backport-Fix-memleak-when-process-policies.patch @@ -0,0 +1,41 @@ +From 937e725626eecad2e0c34463e733ae123ba2ff5e Mon Sep 17 00:00:00 2001 +From: xujing +Date: Thu, 12 Sep 2024 20:52:30 +0800 +Subject: [PATCH] Fix memleak when process policies + +Conflict:adapt the release conditions of optCon +Reference:https://github.com/rpm-software-management/rpm/commit/937e725626eecad2e0c34463e733ae123ba2ff5e + +--- + build/policies.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/build/policies.c b/build/policies.c +index 16d5f87..6c1050e 100644 +--- a/build/policies.c ++++ b/build/policies.c +@@ -282,6 +282,10 @@ static rpmRC processPolicies(rpmSpec spec, Package pkg, int test) + mod = freeModule(mod); + name = _free(name); + types = _free(types); ++ if (optCon) { ++ poptFreeContext(optCon); ++ optCon = NULL; ++ } + } + + rc = RPMRC_OK; +@@ -290,6 +294,10 @@ static rpmRC processPolicies(rpmSpec spec, Package pkg, int test) + freeModule(mod); + free(name); + free(types); ++ if (optCon) { ++ poptFreeContext(optCon); ++ optCon = NULL; ++ } + + return rc; + } +-- +2.43.0 + diff --git a/rpm.spec b/rpm.spec index 5d9eff7..da70082 100644 --- a/rpm.spec +++ b/rpm.spec @@ -1,6 +1,6 @@ Name: rpm Version: 4.15.1 -Release: 60 +Release: 61 Summary: RPM Package Manager License: GPLv2+ URL: http://www.rpm.org/ @@ -225,6 +225,9 @@ Patch203: backport-Fix-an-ancient-memleak-on-caps-parsing-add-tests.patch Patch204: backport-Fix-potential-use-of-uninitialized-pipe-array.patch Patch205: backport-Fix-potential-use-of-uninitialized-pgp-struct.patch Patch206: backport-Fix-division-by-zero-in-elfdeps-RhBug-2299414.patch +Patch207: backport-Fix-memleak-when-process-policies.patch +Patch208: backport-Enforce-the-same-sanity-checks-on-db-add-and-rebuild.patch +Patch209: backport-Fix-a-memory-leak-on-rpmdb-importdb.patch BuildRequires: gcc autoconf automake libtool make gawk popt-devel openssl-devel readline-devel libdb-devel BuildRequires: zlib-devel libzstd-devel xz-devel bzip2-devel libarchive-devel ima-evm-utils-devel @@ -521,6 +524,9 @@ make check || (cat tests/rpmtests.log; exit 0) %{_mandir}/man1/gendiff.1* %changelog +* Thu Dec 5 2024 dongyuzhen - 4.15.1-61 +- sync patches from upstream + * Sat Oct 26 2024 Funda Wang - 4.15.1-60 - fix RPM_LD_FLAGS not got exported