aa8a7b
Fix SIGSEGV in case of old unsupported gpg keys
@@ -0,0 +1,62 @@
|
|
1
|
+
From 2dd06933726cf5191e05264901789f8e1da6e51d Mon Sep 17 00:00:00 2001
|
2
|
+
From: Lubos Kardos <lkardos@redhat.com>
|
3
|
+
Date: Fri, 6 Nov 2015 12:45:32 +0100
|
4
|
+
Subject: [PATCH] Fix SIGSEGV in case of old unsupported gpg keys
|
5
|
+
(rhbz:1277464)
|
6
|
+
|
7
|
+
Regression from: a173d781a631a92524ce5be364c679ba19b3e321
|
8
|
+
Adds also warning that gpg key is not supported.
|
9
|
+
---
|
10
|
+
rpmio/rpmkeyring.c | 5 ++---
|
11
|
+
rpmio/rpmpgp.c | 5 +++++
|
12
|
+
2 files changed, 7 insertions(+), 3 deletions(-)
|
13
|
+
|
14
|
+
diff --git a/rpmio/rpmkeyring.c b/rpmio/rpmkeyring.c
|
15
|
+
index b6b5703..c3d2c19 100644
|
16
|
+
--- a/rpmio/rpmkeyring.c
|
17
|
+
+++ b/rpmio/rpmkeyring.c
|
18
|
+
@@ -159,9 +159,8 @@ rpmPubkey *rpmGetSubkeys(rpmPubkey mainkey, int *count)
|
19
|
+
int pgpsubkeysCount = 0;
|
20
|
+
int i;
|
21
|
+
|
22
|
+
- if (!pgpPrtParamsSubkeys(mainkey->pkt, mainkey->pktlen, mainkey->pgpkey,
|
23
|
+
- &pgpsubkeys, &pgpsubkeysCount)) {
|
24
|
+
-
|
25
|
+
+ if (mainkey && !pgpPrtParamsSubkeys(mainkey->pkt, mainkey->pktlen,
|
26
|
+
+ mainkey->pgpkey, &pgpsubkeys, &pgpsubkeysCount)) {
|
27
|
+
|
28
|
+
subkeys = xmalloc(pgpsubkeysCount * sizeof(*subkeys));
|
29
|
+
|
30
|
+
diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c
|
31
|
+
index f020650..6f8d77b 100644
|
32
|
+
--- a/rpmio/rpmpgp.c
|
33
|
+
+++ b/rpmio/rpmpgp.c
|
34
|
+
@@ -624,6 +624,7 @@ static int pgpPrtSig(pgpTag tag, const uint8_t *h, size_t hlen,
|
35
|
+
rc = pgpPrtSigParams(tag, v->pubkey_algo, v->sigtype, p, h, hlen, _digp);
|
36
|
+
} break;
|
37
|
+
default:
|
38
|
+
+ rpmlog(RPMLOG_WARNING, _("Unsupported version of key: V%d\n"), h[0]);
|
39
|
+
rc = 1;
|
40
|
+
break;
|
41
|
+
}
|
42
|
+
@@ -710,6 +711,8 @@ static int pgpPrtKey(pgpTag tag, const uint8_t *h, size_t hlen,
|
43
|
+
rc = pgpPrtPubkeyParams(v->pubkey_algo, p, h, hlen, _digp);
|
44
|
+
}
|
45
|
+
} break;
|
46
|
+
+ default:
|
47
|
+
+ rpmlog(RPMLOG_WARNING, _("Unsupported version of key: V%d\n"), h[0]);
|
48
|
+
}
|
49
|
+
return rc;
|
50
|
+
}
|
51
|
+
@@ -775,6 +778,8 @@ static int getFingerprint(const uint8_t *h, size_t hlen, pgpKeyID_t keyid)
|
52
|
+
}
|
53
|
+
|
54
|
+
} break;
|
55
|
+
+ default:
|
56
|
+
+ rpmlog(RPMLOG_WARNING, _("Unsupported version of key: V%d\n"), h[0]);
|
57
|
+
}
|
58
|
+
return rc;
|
59
|
+
}
|
60
|
+
--
|
61
|
+
1.9.3
|
62
|
+
|
@@ -29,7 +29,7 @@
|
|
29
29
|
Summary: The RPM package management system
|
30
30
|
Name: rpm
|
31
31
|
Version: %{rpmver}
|
32
|
-
Release: %{?snapver:0.%{snapver}.}
|
32
|
+
Release: %{?snapver:0.%{snapver}.}10%{?dist}
|
33
33
|
Group: System Environment/Base
|
34
34
|
Url: http://www.rpm.org/
|
35
35
|
Source0: http://rpm.org/releases/rpm-4.12.x/%{name}-%{srcver}.tar.bz2
|
@@ -60,6 +60,7 @@ Patch104: rpm-4.13.0-memory-error.patch
|
|
60
60
|
Patch105: rpm-4.13.0-rpmdeps-weakdep-support.patch
|
61
61
|
Patch106: rpm-4.13.0-autopatch-fix.patch
|
62
62
|
Patch107: rpm-4.13.0-ignore-sigpipe.patch
|
63
|
+
Patch108: rpm-4.13.0-unsupported-keys.patch
|
63
64
|
|
64
65
|
# These are not yet upstream
|
65
66
|
Patch302: rpm-4.7.1-geode-i686.patch
|
@@ -564,6 +565,9 @@ exit 0
|
|
564
565
|
%doc doc/librpm/html/*
|
565
566
|
|
566
567
|
%changelog
|
568
|
+
* Fri Nov 06 2015 Lubos Kardos <lkardos@rpm.org> - 4.13.0-0.rc1.10
|
569
|
+
- Fix SIGSEGV in case of old unsupported gpg keys (#1277464)
|
570
|
+
|
567
571
|
* Fri Oct 30 2015 Lubos Kardos <lkardos@rpm.org> - 4.13.0-0.rc1.9
|
568
572
|
- Ignore SIGPIPE signals during execucton of scriptlets (#1264198)
|
569
573
|
|