teknoraver / rpms / rpm

Forked from rpms/rpm 5 months ago
Clone

Blame 0001-Fix-potential-use-of-uninitialized-pgp-struct.patch

Michal Domonkos 0c6298
From 1b90b8c7d176026b669ce28c6e185724a4b208b0 Mon Sep 17 00:00:00 2001
Michal Domonkos 0c6298
From: Michal Domonkos <mdomonko@redhat.com>
Michal Domonkos 0c6298
Date: Fri, 7 Jun 2024 10:14:25 +0200
Michal Domonkos 0c6298
Subject: [PATCH] Fix potential use of uninitialized pgp struct
Michal Domonkos 0c6298
Michal Domonkos 0c6298
We only call initPgpData() after base64 encoding the pubkey so if the
Michal Domonkos 0c6298
latter fails, the kd struct will be left uninitialized and subsequently
Michal Domonkos 0c6298
read from after skipping to the exit label.  Fix by initializing it.
Michal Domonkos 0c6298
Michal Domonkos 0c6298
Found by Coverity.
Michal Domonkos 0c6298
Michal Domonkos 0c6298
Fixes: RHEL-22605
Michal Domonkos 0c6298
---
Michal Domonkos 0c6298
 lib/rpmts.c | 2 ++
Michal Domonkos 0c6298
 1 file changed, 2 insertions(+)
Michal Domonkos 0c6298
Michal Domonkos 0c6298
diff --git a/lib/rpmts.c b/lib/rpmts.c
Michal Domonkos 0c6298
index 3070b97e6..76964c60a 100644
Michal Domonkos 0c6298
--- a/lib/rpmts.c
Michal Domonkos 0c6298
+++ b/lib/rpmts.c
Michal Domonkos 0c6298
@@ -508,6 +508,8 @@ static int makePubkeyHeader(rpmts ts, rpmPubkey key, rpmPubkey *subkeys,
Michal Domonkos 0c6298
     int rc = -1;
Michal Domonkos 0c6298
     int i;
Michal Domonkos 0c6298
 
Michal Domonkos 0c6298
+    memset(&kd, 0, sizeof(kd));
Michal Domonkos 0c6298
+
Michal Domonkos 0c6298
     if ((enc = rpmPubkeyBase64(key)) == NULL)
Michal Domonkos 0c6298
 	goto exit;
Michal Domonkos 0c6298
 
Michal Domonkos 0c6298
-- 
Michal Domonkos 0c6298
2.46.0
Michal Domonkos 0c6298