aa8a7b Fix SIGSEGV in case of old unsupported gpg keys

Authored and Committed by Lubos Kardos 9 years ago
    Fix SIGSEGV in case of old unsupported gpg keys
    Resolves: #1277464
    
        
rpm-4.13.0-unsupported-keys.patch ADDED
@@ -0,0 +1,62 @@
1
+ From 2dd06933726cf5191e05264901789f8e1da6e51d Mon Sep 17 00:00:00 2001
2
+ From: Lubos Kardos <lkardos@redhat.com>
3
+ Date: Fri, 6 Nov 2015 12:45:32 +0100
4
+ Subject: [PATCH] Fix SIGSEGV in case of old unsupported gpg keys
5
+ (rhbz:1277464)
6
+
7
+ Regression from: a173d781a631a92524ce5be364c679ba19b3e321
8
+ Adds also warning that gpg key is not supported.
9
+ ---
10
+ rpmio/rpmkeyring.c | 5 ++---
11
+ rpmio/rpmpgp.c | 5 +++++
12
+ 2 files changed, 7 insertions(+), 3 deletions(-)
13
+
14
+ diff --git a/rpmio/rpmkeyring.c b/rpmio/rpmkeyring.c
15
+ index b6b5703..c3d2c19 100644
16
+ --- a/rpmio/rpmkeyring.c
17
+ +++ b/rpmio/rpmkeyring.c
18
+ @@ -159,9 +159,8 @@ rpmPubkey *rpmGetSubkeys(rpmPubkey mainkey, int *count)
19
+ int pgpsubkeysCount = 0;
20
+ int i;
21
+
22
+ - if (!pgpPrtParamsSubkeys(mainkey->pkt, mainkey->pktlen, mainkey->pgpkey,
23
+ - &pgpsubkeys, &pgpsubkeysCount)) {
24
+ -
25
+ + if (mainkey && !pgpPrtParamsSubkeys(mainkey->pkt, mainkey->pktlen,
26
+ + mainkey->pgpkey, &pgpsubkeys, &pgpsubkeysCount)) {
27
+
28
+ subkeys = xmalloc(pgpsubkeysCount * sizeof(*subkeys));
29
+
30
+ diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c
31
+ index f020650..6f8d77b 100644
32
+ --- a/rpmio/rpmpgp.c
33
+ +++ b/rpmio/rpmpgp.c
34
+ @@ -624,6 +624,7 @@ static int pgpPrtSig(pgpTag tag, const uint8_t *h, size_t hlen,
35
+ rc = pgpPrtSigParams(tag, v->pubkey_algo, v->sigtype, p, h, hlen, _digp);
36
+ } break;
37
+ default:
38
+ + rpmlog(RPMLOG_WARNING, _("Unsupported version of key: V%d\n"), h[0]);
39
+ rc = 1;
40
+ break;
41
+ }
42
+ @@ -710,6 +711,8 @@ static int pgpPrtKey(pgpTag tag, const uint8_t *h, size_t hlen,
43
+ rc = pgpPrtPubkeyParams(v->pubkey_algo, p, h, hlen, _digp);
44
+ }
45
+ } break;
46
+ + default:
47
+ + rpmlog(RPMLOG_WARNING, _("Unsupported version of key: V%d\n"), h[0]);
48
+ }
49
+ return rc;
50
+ }
51
+ @@ -775,6 +778,8 @@ static int getFingerprint(const uint8_t *h, size_t hlen, pgpKeyID_t keyid)
52
+ }
53
+
54
+ } break;
55
+ + default:
56
+ + rpmlog(RPMLOG_WARNING, _("Unsupported version of key: V%d\n"), h[0]);
57
+ }
58
+ return rc;
59
+ }
60
+ --
61
+ 1.9.3
62
+
file modified
+5 -1
rpm.spec CHANGED
@@ -29,7 +29,7 @@
29
29
Summary: The RPM package management system
30
30
Name: rpm
31
31
Version: %{rpmver}
32
- Release: %{?snapver:0.%{snapver}.}9%{?dist}
32
+ Release: %{?snapver:0.%{snapver}.}10%{?dist}
33
33
Group: System Environment/Base
34
34
Url: http://www.rpm.org/
35
35
Source0: http://rpm.org/releases/rpm-4.12.x/%{name}-%{srcver}.tar.bz2
@@ -60,6 +60,7 @@ Patch104: rpm-4.13.0-memory-error.patch
60
60
Patch105: rpm-4.13.0-rpmdeps-weakdep-support.patch
61
61
Patch106: rpm-4.13.0-autopatch-fix.patch
62
62
Patch107: rpm-4.13.0-ignore-sigpipe.patch
63
+ Patch108: rpm-4.13.0-unsupported-keys.patch
63
64
64
65
# These are not yet upstream
65
66
Patch302: rpm-4.7.1-geode-i686.patch
@@ -564,6 +565,9 @@ exit 0
564
565
%doc doc/librpm/html/*
565
566
566
567
%changelog
568
+ * Fri Nov 06 2015 Lubos Kardos <lkardos@rpm.org> - 4.13.0-0.rc1.10
569
+ - Fix SIGSEGV in case of old unsupported gpg keys (#1277464)
570
+
567
571
* Fri Oct 30 2015 Lubos Kardos <lkardos@rpm.org> - 4.13.0-0.rc1.9
568
572
- Ignore SIGPIPE signals during execucton of scriptlets (#1264198)
569
573