From 8fcb9658d2a55379c8a7f6a9ce4c3cbd2d1ea212 Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Jan 23 2017 13:45:35 +0000
Subject: Fix malformed packages being generated around 4GB boundary (#1405570)


---

diff --git a/rpm-4.13.0-signaturesize.patch b/rpm-4.13.0-signaturesize.patch
new file mode 100644
index 0000000..05b24ee
--- /dev/null
+++ b/rpm-4.13.0-signaturesize.patch
@@ -0,0 +1,48 @@
+commit 61b41cd3d9f2003cbfd7c987f35fc6aedddd2a73
+Author: Panu Matilainen <pmatilai@redhat.com>
+Date:   Fri Jan 13 10:48:43 2017 +0200
+
+    Make the signature header size constant between 32- and 64-bit tags
+    
+    Since commit 68bddc353a7ea87ea00ad957858cd509e845e84c we're initially
+    creating the signature header with estimated values, and if you're
+    unlucky enough to have the estimated and actual size on the different
+    sides of UINT32_MAX boundary, the resulting package will have the main
+    header off by eight bytes, making it unreadable by rpm (RhBug:1405570)
+    
+    Always reserve a little bit of space in the signature header so we
+    we can maintain the overall size constant regardless of whether 32- or
+    64-bit tags were used by using a smaller "padding" with 64bit tags.
+    
+    (cherry picked from commit e51644e0ee2d33c02c06560f87ea6aecb9991673)
+
+diff --git a/lib/signature.c b/lib/signature.c
+index 9784c7b..1b9fe34 100644
+--- a/lib/signature.c
++++ b/lib/signature.c
+@@ -304,7 +304,8 @@ rpmRC rpmGenerateSignature(char *SHA1, uint8_t *MD5, rpm_loff_t size,
+     struct rpmtd_s td;
+     rpmRC rc = RPMRC_OK;
+     char *reservedSpace;
+-    int spaceSize = 0;
++    int spaceSize = 32; /* always reserve a bit of space */
++    int gpgSize = rpmExpandNumeric("%{__gpg_reserved_space}");
+ 
+     /* Prepare signature */
+     sig = rpmNewSignature();
+@@ -349,9 +350,14 @@ rpmRC rpmGenerateSignature(char *SHA1, uint8_t *MD5, rpm_loff_t size,
+ 	td.tag = RPMSIGTAG_LONGSIZE;
+ 	td.data = &s;
+ 	headerPut(sig, &td, HEADERPUT_DEFAULT);
++
++	/* adjust for the size difference between 64- and 32bit tags */
++	spaceSize -= 8;
+     }
+ 
+-    spaceSize = rpmExpandNumeric("%{__gpg_reserved_space}");
++    if (gpgSize > 0)
++	spaceSize += gpgSize;
++
+     if(spaceSize > 0) {
+ 	reservedSpace = xcalloc(spaceSize, sizeof(char));
+ 	rpmtdReset(&td);
diff --git a/rpm.spec b/rpm.spec
index 780d2d9..e9e40dd 100644
--- a/rpm.spec
+++ b/rpm.spec
@@ -29,7 +29,7 @@
 Summary: The RPM package management system
 Name: rpm
 Version: %{rpmver}
-Release: %{?snapver:0.%{snapver}.}10%{?dist}
+Release: %{?snapver:0.%{snapver}.}11%{?dist}
 Group: System Environment/Base
 Url: http://www.rpm.org/
 Source0: http://rpm.org/releases/%{srcdir}/%{name}-%{srcver}.tar.bz2
@@ -53,6 +53,7 @@ Patch5: rpm-4.12.0-rpm2cpio-hack.patch
 
 # Patches already upstream:
 Patch100: rpm-4.13.x-transfiletriggerpostun-invalid-read.patch
+Patch101: rpm-4.13.0-signaturesize.patch
 
 Patch133: rpm-4.13.x-pythondistdeps.patch
 Patch134: rpm-4.13.x-pythondistdeps-Makefile.patch
@@ -565,6 +566,9 @@ exit 0
 %doc doc/librpm/html/*
 
 %changelog
+* Mon Jan 23 2017 Panu Matilainen <pmatilai@redhat.com> - 4.13.0-11
+- Fix malformed packages being generated around 4GB boundary (#1405570)
+
 * Fri Jan 06 2017 Igor Gnatenko <i.gnatenko.brain@gmail.com> - 4.13.0-10
 - Add Requires: python-setuptools for rpm-build (RHBZ #1410631)