[Rpm-maint] [rpm-software-management/rpm] Fix segfault on fingerprinting symlink round (RhBug:1660232) (#651)
Panu Matilainen
notifications at github.com
Tue Apr 2 10:15:22 UTC 2019
Both yum and dnf perform a test-transaction before the real thing,
and both neglet to check for an error code from the test-transaction
when there are no problem objects to return. Which can happen in
some special cases, such a using different vsflags between initial
package read and transaction (which is what both yum and dnf do),
which can cause the in-transaction package open fail on corrupt packages.
And when this failed transaction is fed back to rpmtsRun(), it
segfaults in fingerprinting as the second loop of symlink checking
doesn't check for NULL's element files like the first loop does.
Add the missing NULL check and remove bogus "can't happen" comment to fix.
FWIW, the scenario with different vsflags and corrupted packages doesn't
happen by default in rpm >= 4.14.2, the corrupt package gets caught
in the verify stage which does create problem objects and thus both
yum and dnf abort as they should.
You can view, comment on, or merge this pull request online at:
https://github.com/rpm-software-management/rpm/pull/651
-- Commit Summary --
* Fix segfault on fingerprinting symlink round (RhBug:1660232)
-- File Changes --
M lib/fprint.c (6)
-- Patch Links --
https://github.com/rpm-software-management/rpm/pull/651.patch
https://github.com/rpm-software-management/rpm/pull/651.diff
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/651
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20190402/c315f849/attachment.html>
More information about the Rpm-maint
mailing list