[Rpm-maint] [rpm-software-management/rpm] Fix a regression from commit 22106f5d33628515d22c09c1c15dfd2217535116 (#1596)

Demi Marie Obenour notifications at github.com
Tue Mar 23 16:15:39 UTC 2021


Commit 22106f5d33628515d22c09c1c15dfd2217535116 assumed that
dataLength() would always return a nonzero number.  Unfortunately, that
isn’t the case: dataLength() returns zero for RPM_NULL_TYPE.  This meant
that hdrblobVerifyInfo() failed to reject such entries, which are
invalid.

This fixes the problem in three different ways:

1. It checks that tag data entries have length greater than zero.
2. It modifies hdrchkType() to reject RPM_NULL_TYPE.
3. It modifies dataLength() to consider zero length as an error.
You can view, comment on, or merge this pull request online at:

  https://github.com/rpm-software-management/rpm/pull/1596

-- Commit Summary --

  * Fix a regression from commit 22106f5d33628515d22c09c1c15dfd2217535116

-- File Changes --

    M lib/header.c (6)

-- Patch Links --

https://github.com/rpm-software-management/rpm/pull/1596.patch
https://github.com/rpm-software-management/rpm/pull/1596.diff

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1596
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20210323/51d61a4f/attachment-0001.html>


More information about the Rpm-maint mailing list