From 58b5f2832f2e7a521ad9e519b0ed861d10c8174e Mon Sep 17 00:00:00 2001 From: Michal Grzedzicki Date: Jul 04 2024 10:18:20 +0000 Subject: Fix segfault in rpm2extents where headerFree() crashes trying to free uninitialized header value in process_package() if it exits early. --- diff --git a/0035-rpmcow-fix-segfault-in-rpm2extents.patch b/0035-rpmcow-fix-segfault-in-rpm2extents.patch new file mode 100644 index 0000000..6ebf722 --- /dev/null +++ b/0035-rpmcow-fix-segfault-in-rpm2extents.patch @@ -0,0 +1,11 @@ +--- a/rpm2extents.c 2024-07-03 07:13:36.195332381 -0700 ++++ b/rpm2extents.c 2024-07-03 07:13:43.606553540 -0700 +@@ -269,7 +269,7 @@ + + FD_t fdo; + FD_t gzdi; +- Header h, sigh; ++ Header h=NULL, sigh=NULL; + long fundamental_block_size = sysconf(_SC_PAGESIZE); + rpmRC rc = RPMRC_OK; + rpm_mode_t mode; diff --git a/rpm.spec b/rpm.spec index f699003..47e8925 100644 --- a/rpm.spec +++ b/rpm.spec @@ -42,7 +42,7 @@ %global rpmver 4.16.1.3 #global snapver rc1 -%global rel 25.1 +%global rel 25.2 %global sover 9 %global srcver %{rpmver}%{?snapver:-%{snapver}} @@ -195,6 +195,7 @@ Patch9931: 0031-rpmcow-denylist.patch Patch9932: 0032-rpmcow-workaround.patch Patch9933: 0033-rpmcow-fix-stack-overflow-in-rpm2extents.patch Patch9934: 0034-rpmcow-fix-issue-for-transaction-with-transcoded-and-untranscoded-packages.patch +Patch9935: 0035-rpmcow-fix-segfault-in-rpm2extents.patch Provides: rpm(pr1470) Provides: rpm(pr1470_1) @@ -794,6 +795,9 @@ fi %doc doc/librpm/html/* %changelog +* Wed Jul 3 2024 Michal Grzedzicki - 4.16.1.3-25.2 +- Fix segfault in rpm2extents + * Thu Aug 17 2023 Richard Phibel - 4.16.1.3-25.1 - Merge upstream changes for Hyperscale