csomh / source-git / rpm

Forked from source-git/rpm 4 years ago
Clone
Source Code
GIT

620074 Fix off-by-one in hdrblobGet() making last entry unreachable (RhBug:1722921)

1 file Authored by Panu Matilainen 4 years ago, Committed by Hunor Csomortáni 4 years ago,
raw patch tree parent
1 file changed. 1 lines added. 1 lines removed.
lib/header.c
file modified
+1 -1 
    Fix off-by-one in hdrblobGet() making last entry unreachable (RhBug:1722921)
    
    hdrblobGet() introduced in commits acfde0d0e812e9f8e153ab6be8c9f2682bdd4763
    and 9821de18811db97238c34a564221e315f5f35b44 has an off-by-one thinko
    (perhaps the idea was to skip the first, region tag) which causes
    the last entry to be unreachable. In typical packages, that is
    RPMSIG_PAYLOADSIZE which is not used at all in this context so it doesn't
    matter, but in large packages use RPMSIG_LONGARCHIVESIZE which has a lower
    tag number and leaves either RPMSIGTAG_MD5 or RPMSIGTAG_GPG last,
    unreachable and thus unverifiable. Oops.
    
    This fixes the regression introduced in rpm 4.14, affecting verification
    of large packages (ie having RPMSIG_LONGARCHIVESIZE)
file modified
+1 -1

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation