diff --git a/0001-Skip-to-hashed-subpacket-data-directly.patch b/0001-Skip-to-hashed-subpacket-data-directly.patch
new file mode 100644
index 0000000..f0eaf1f
--- /dev/null
+++ b/0001-Skip-to-hashed-subpacket-data-directly.patch
@@ -0,0 +1,35 @@
+From 331afbf2b6b32582b29ceadcd37b43a4f905b7f4 Mon Sep 17 00:00:00 2001
+From: Michal Domonkos
+Date: Mon, 5 Aug 2024 14:40:57 +0200
+Subject: [PATCH] Skip to hashed subpacket data directly
+
+Make OpenScanHub grok the bigger picture here, instead of producing a
+spurious overrun warning for v->hashlen when we're dereferencing p
+later.
+
+No functional change.
+
+Resolves: RHEL-22607
+---
+ rpmio/rpmpgp.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c
+index d0688ebe9..6a7049954 100644
+--- a/rpmio/rpmpgp.c
++++ b/rpmio/rpmpgp.c
+@@ -618,10 +618,9 @@ static int pgpPrtSig(pgpTag tag, const uint8_t *h, size_t hlen,
+ pgpPrtVal(" ", pgpSigTypeTbl, v->sigtype);
+ pgpPrtNL();
+
+- p = &v->hashlen[0];
+ if (pgpGet(v->hashlen, sizeof(v->hashlen), h + hlen, &plen))
+ return 1;
+- p += sizeof(v->hashlen);
++ p = h + sizeof(*v);
+
+ if ((p + plen) > (h + hlen))
+ return 1;
+--
+2.45.2
+
diff --git a/rpm.spec b/rpm.spec
index 13f3ec5..97a9cb2 100644
--- a/rpm.spec
+++ b/rpm.spec
@@ -32,7 +32,7 @@
 %global rpmver 4.16.1.3
 #global snapver rc1
-%global rel 32
+%global rel 33
 %global sover 9
 %global srcver %{rpmver}%{?snapver:-%{snapver}}
@@ -136,6 +136,7 @@ Patch1000: rpm-4.16.1.3-hashtab-use-after-free-fix.patch
 Patch1001: rpm-4.16.1.3-find_debuginfo_vendor_opts.patch
 Patch1002: 0001-Macroize-find-debuginfo-script-location.patch
 Patch1003: 0001-Fix-root-relocation-regression.patch
+Patch1004: 0001-Skip-to-hashed-subpacket-data-directly.patch
 # Partially GPL/LGPL dual-licensed and some bits with BSD
 # SourceLicense: (GPLv2+ and LGPLv2+ with exceptions) and BSD
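Review bot: In the rpmio/rpmpgp.c hunk carried by the added patch file, the new `p = h + sizeof(*v);` matches the removed two-step computation only if `v` points at `h` and `hashlen` is the last member of `*v` with no trailing padding; neither the cast nor the struct definition is visible here. Because `p` feeds the `(p + plen) > (h + hlen)` bounds check on signature data that may be untrusted, that layout dependency should be stated next to the assignment, for example `/* hashed subpackets start right after the fixed-size header; hashlen is its last field */`. A compile-time size check beside the struct definition would also stop a later field addition from silently shifting `p`. pgpPrtSig starts and ends outside the hunk, so the earlier length checks on `hlen` could not be reviewed from this page.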
@@ -666,6 +667,7 @@ fi
 %changelog
 * Mon Aug 05 2024 Michal Domonkos - 4.16.1.3-33
 - Fix root relocation regression (RHEL-28967)
+- Don't confuse OpenScanHub with false array overrun (RHEL-22607)
 * Fri Jul 12 2024 Michal Domonkos - 4.16.1.3-32
 - Revert incorrect fix for false array overrun (RHEL-22607)