File headerchk.diff of Package rpm
--- ./rpmdb/header.c.orig 2011-10-04 17:14:47.000000000 +0000
+++ ./rpmdb/header.c 2011-10-04 17:15:15.000000000 +0000
@@ -483,6 +483,8 @@ static int regionSwab(/*@null@*/ indexEn
int tl = dl; struct indexEntry_s ieprev;
+ if ((entry != NULL && regionid >= 0) || (entry == NULL && regionid != 0))
+ return -1;
/*@-boundswrite@*/ memset(&ieprev, 0, sizeof(ieprev)); /*@=boundswrite@*/
@@ -1081,7 +1083,7 @@ Header headerLoad(/*@kept@*/ void * uh)
{ int off = ntohl(pe->offset);
- if (hdrchkData(off))
+ if (hdrchkData(off) || hdrchkRange(dl, off))
goto errxit; if (off) { /*@-sizeoftype@*/
@@ -1146,6 +1148,10 @@ Header headerLoad(/*@kept@*/ void * uh)
h->indexUsed += ne; } }
+ rdlen += REGION_TAG_COUNT;
+ /* XXX should be equality test, but dribbles are sometimes a bit off? */
+ if (rdlen > dl)
+ goto errxit;
} h->flags &= ~HEADERFLAG_SORTED;
--- ./rpmio/rpmpgp.c.orig 2011-10-04 17:14:48.000000000 +0000
+++ ./rpmio/rpmpgp.c 2011-10-04 17:15:15.000000000 +0000
@@ -301,6 +301,8 @@ int pgpPrtSubType(const byte *h, unsigne
while (hlen > 0) { i = pgpLen(p, &plen);
+ if (i + plen > hlen)
+ break;
p += i; hlen -= i;
@@ -389,7 +391,7 @@ int pgpPrtSubType(const byte *h, unsigne
p += plen; hlen -= plen; }
- return 0;
+ return (hlen != 0); /* non-zero hlen is an error */
} /*@-varuse =readonlytrans @*/
@@ -532,7 +534,8 @@ fprintf(stderr, " hash[%u] -- %s\n", p
_digp->hashlen = sizeof(*v) + plen; _digp->hash = memcpy(xmalloc(_digp->hashlen), v, _digp->hashlen); }
- (void) pgpPrtSubType(p, plen, v->sigtype);
+ if (pgpPrtSubType(p, plen, v->sigtype))
+ return 1;
p += plen; plen = pgpGrab(p,2);
@@ -543,7 +546,8 @@ fprintf(stderr, " hash[%u] -- %s\n", p
if (_debug && _print) fprintf(stderr, " unhash[%u] -- %s\n", plen, pgpHexStr(p, plen));
- (void) pgpPrtSubType(p, plen, v->sigtype);
+ if (pgpPrtSubType(p, plen, v->sigtype))
+ return 1;
p += plen; plen = pgpGrab(p,2);
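Review bot: In rpmdb/header.c, the new guard at the top of regionSwab carries no comment explaining the relationship it enforces between `entry` and `regionid`, so a later reader cannot tell why a non-negative id with a non-NULL `entry` is rejected. A one-line comment above it would help, e.g. `/* entry != NULL requires regionid < 0; entry == NULL requires regionid == 0 */`, extended with the reason once someone who knows the callers confirms it. The function body and its callers are outside the hunk, so it is also worth confirming that every caller treats a negative return as a failure and never as a length.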
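Review bot: In headerLoad (rpmdb/header.c, hunk at line 1081), `hdrchkRange(dl, off)` only establishes that `off` itself lies within the data length; it leaves no room for whatever is read starting at that offset. The code after `if (off) {` is outside the hunk, but if it reads a fixed-size region trailer at that offset into the data area, an `off` close to `dl` still passes the new test. In that case the check should cover the end of the read, for example `hdrchkRange(dl, off + REGION_TAG_COUNT)`, assuming `hdrchkData(off)` already bounds `off` tightly enough that the sum cannot overflow an `int`.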
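Review bot: In headerLoad's later hunk (line 1146), `if (rdlen > dl)` accepts any region whose accounted length is shorter than `dl`, and the XXX comment concedes that equality was the intended test. That leaves an unbounded amount of trailing data that no index entry describes, and the comment records a doubt, not a rule. I would at least make the open item explicit, e.g. `/* TODO: tighten to rdlen != dl once the source of short regions ("dribbles") is identified */`, and preferably bound the tolerated shortfall once its legitimate size is known.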
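Review bot: In pgpPrtSubType (rpmio/rpmpgp.c, hunk at line 301), the new test `i + plen > hlen` can wrap around: if `plen` is an unsigned 32-bit value decoded from the packet (its declaration is outside the hunk), a very large `plen` makes the sum small and the check passes, after which `hlen -= plen` underflows. Comparing without the addition avoids this, e.g. `if ((unsigned)i > hlen || plen > hlen - (unsigned)i) break;`. Note also that `pgpLen(p, &plen)` runs before any length test, so it may read length octets beyond the remaining `hlen` bytes; guarding that needs pgpLen's maximum read size, which the hunk does not show.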
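Review bot: In the two rpmpgp.c hunks that change the pgpPrtSubType call sites (lines 532 and 543), `plen` comes from the packet via `pgpGrab(p,2)`, and the visible lines never compare it with the bytes remaining in the signature packet before it is passed to pgpPrtSubType or used in `p += plen`. In the first of them the same `plen` also sizes the `memcpy` into `_digp->hash`. The enclosing function starts and ends outside both hunks, so a bound may already exist there; if it does not, each `pgpGrab` should be followed by a check that `p + plen` stays inside the packet before `plen` is used. Propagating the error with `return 1` is an improvement, but it only catches overruns inside the sub-packet area, not an oversized area length.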