[Rpm-maint] [rpm-software-management/rpm] Fix off-by-one in hdrblobGet() making last entry unreachable (RhBug:1… (#803)
notifications at github.com
Wed Jul 31 09:15:04 UTC 2019
hdrblobGet() introduced in commits acfde0d0e812e9f8e153ab6be8c9f2682bdd4763
and 9821de18811db97238c34a564221e315f5f35b44 has an off-by-one thinko
(perhaps the idea was to skip the first, region tag) which causes
the last entry to be unreachable. In typical packages, that is
RPMSIG_PAYLOADSIZE which is not used at all in this context so it doesn't
matter, but in large packages use RPMSIG_LONGARCHIVESIZE which has a lower
tag number and leaves either RPMSIGTAG_MD5 or RPMSIGTAG_GPG last,
unreachable and thus unverifiable. Oops.
This fixes the regression introduced in rpm 4.14, affecting verification
of large packages (ie having RPMSIG_LONGARCHIVESIZE)
You can view, comment on, or merge this pull request online at:
-- Commit Summary --
* Fix off-by-one in hdrblobGet() making last entry unreachable (RhBug:1722921)
-- File Changes --
M lib/header.c (2)
-- Patch Links --
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Rpm-maint