[Rpm-maint] [rpm-software-management/rpm] Fail to check signature (#270)

Lucas De Marchi notifications at github.com
Thu Jul 20 20:48:54 UTC 2017 

This happens when updating update from 4.13.0.1-release to master branch:

```sh
rpm -qlp /tmp/capsule-01.00.12-r0.core2_64.rpm
error: /tmp/capsule-01.00.12-r0.core2_64.rpm: signature region 62: tag number mismatch 7 ril 6 dl 792 rdl 168

error: /tmp/capsule-01.00.12-r0.core2_64.rpm: not an rpm package (or package manifest)
```

I used commit a8e51b3bb05c6acb1d9b2e3d34f859ddda1677be as  starting point for a bisect since I knew it was failing and was already with it checked out (related bug: https://github.com/intel-aero/meta-intel-aero/issues/219).

Test script:
```sh
cat /tmp/test.sh 
#!/bin/bash -e

git clean -ffxd
./autogen.sh  --prefix=/usr --without-lua --disable-python --with-external-db \
    CPPFLAGS="-I/usr/include/nspr4 -I/usr/include/nss3 -I/usr/include/db45 "
make -j4 
./rpm -qlp /tmp/capsule-01.00.12-r0.core2_64.rpm
```

Bisect log:
```
# Tested with  with "git bisect run /tmp/test.sh"


git bisect start
# bad: [a8e51b3bb05c6acb1d9b2e3d34f859ddda1677be] brp-python-bytecompile: Process python lib dirs even without standard Python
git bisect bad a8e51b3bb05c6acb1d9b2e3d34f859ddda1677be
# good: [e97d475ae2cf6709f2bbdaba34f90b87d454c13c] Preparing for rpm 4.13.0.1
git bisect good e97d475ae2cf6709f2bbdaba34f90b87d454c13c
# good: [d27f0167aa53951c4164a5d49149ad416c5a1ee4] Get rid of warnigs caused by d18fdd7f8964d01b4dfc39bf84133695cff5a13a
git bisect good d27f0167aa53951c4164a5d49149ad416c5a1ee4
# good: [e5d3b9f682383ee026b5a86a47eb5f288bdf8991] rpmdb.c: (rpmdbCheckTerminate) return non-zero on subsequent runs
git bisect good e5d3b9f682383ee026b5a86a47eb5f288bdf8991
# bad: [5b714956b7776edea635f73daa1137aa44609290] Optionally validate string is hex in rpmSigInfoParse()
git bisect bad 5b714956b7776edea635f73daa1137aa44609290
# bad: [e9e637e2559926ef0d4aa3f7cf686d1944e1d036] Fix expandFormat() to work with all string types
git bisect bad e9e637e2559926ef0d4aa3f7cf686d1944e1d036
# good: [cb97c0161236e5ba9d560b95cadd41eba87cccfc] Add + use a helper function for converting entry info to host endianess
git bisect good cb97c0161236e5ba9d560b95cadd41eba87cccfc
# bad: [0cc5ee83f1f7f345a9d46166eac2cbe4d5ba84dc] Bury the last remains of non-header signatures into lead
git bisect bad 0cc5ee83f1f7f345a9d46166eac2cbe4d5ba84dc
# good: [d26dff0632f5a23c6da3795656e8137d4057bc13] Eliminate unnecessary entry argument to headerVerifyRegion()
git bisect good d26dff0632f5a23c6da3795656e8137d4057bc13
# good: [66145664fb1d7bb7e9d584c69f97c7869de5997f] Whitespace cleanup in headerVerifyRegion()
git bisect good 66145664fb1d7bb7e9d584c69f97c7869de5997f
# bad: [441a0998fca9b3d01052bc3d33f8a72f725d5865] Require exact match on header vs region sizes when reading package files
git bisect bad 441a0998fca9b3d01052bc3d33f8a72f725d5865
# good: [6e0b5dc9f10d7d3ee944dcd63d1c6019b2e80f0d] Verify region data size fits the header
git bisect good 6e0b5dc9f10d7d3ee944dcd63d1c6019b2e80f0d
# first bad commit: [441a0998fca9b3d01052bc3d33f8a72f725d5865] Require exact match on header vs region sizes when reading package files
```

Test rpm can be downloaded from here: https://downloadmirror.intel.com/26500/eng/capsule-01.00.12-r0.core2_64.rpm

It's not obvious for me what the fix should be since the commit itself should actually be a fix as far as I understand. Doing the wrong thing and removing the check for `exact_size` "fixes" the issue, but is also probably the wrong thing to do.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/270
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20170720/d78a05b5/attachment.html>

More information about the Rpm-maint mailing list