[Rpm-maint] [Rpm-announce] RPM 4.14.0 release candidate 2 is out

Thierry Vignaud thierry.vignaud at gmail.com
Mon Oct 2 21:06:53 UTC 2017


On 28 September 2017 at 16:06, Panu Matilainen <pmatilai at redhat.com> wrote:
> There aren't that many changes since rc1, but enough to warrant a second
> release candidate instead of going for final. The important ones being:
>
> - Fix a bug of file triggers failing on some packages (MgBug:18797, in
> 4.13.x already)
> - Fix a regression on 32bit architectures on generation of packages over 2GB
> in size (RhBug:1492587)
> - Fix rpm following arbitrary directory symlinks on installation
> (CVE-2017-7500)
> - Fix rpm following symlinks on file creation (CVE-2017-7501)
> - Adjust verification to match the new directory symlink rule
> - Forbid 'if' richops in 'or' context and 'unless' richops in 'and' context
>
> As usual, the details + download info at:
>
>         http://rpm.org/wiki/Releases/4.14.0

Also this new rpm introduced segfault regressions in both RPM4 & urpmi
testsuites
See attached gdb traces in BUG*.txt
valgrind seems to hint about invalid writes/reads
See you
-------------- next part --------------
$ LC_ALL=C gdb -q --args perl t/05transaction.t
Reading symbols from perl...Reading symbols from /usr/lib/debug/usr/bin/perl5.26.1-5.26.1-1.mga7.x86_64.debug...done.
done.
(gdb) r
Starting program: /usr/bin/perl t/05transaction.t
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
1..45
error: can't create transaction lock on /dev/null/__db.000 (Not a directory)
ok 1 - Verify non existing database (get error)
ok 2 - initdb works
ok 3 - rebuild database
error: rpmdb: Enhancename: No such file or directory
error: db5 error(2) from db->verify: No such file or directory
error: rpmdb: Supplementname: No such file or directory
error: db5 error(2) from db->verify: No such file or directory
error: rpmdb: Suggestname: No such file or directory
error: db5 error(2) from db->verify: No such file or directory
error: rpmdb: Recommendname: No such file or directory
error: db5 error(2) from db->verify: No such file or directory
error: rpmdb: Transfiletriggername: No such file or directory
error: db5 error(2) from db->verify: No such file or directory
error: rpmdb: Filetriggername: No such file or directory
error: db5 error(2) from db->verify: No such file or directory
error: rpmdb: Sha1header: No such file or directory
error: db5 error(2) from db->verify: No such file or directory
error: rpmdb: Sigmd5: No such file or directory
error: db5 error(2) from db->verify: No such file or directory
error: rpmdb: Installtid: No such file or directory
error: db5 error(2) from db->verify: No such file or directory
error: rpmdb: Dirnames: No such file or directory
error: db5 error(2) from db->verify: No such file or directory
error: rpmdb: Triggername: No such file or directory
error: db5 error(2) from db->verify: No such file or directory
error: rpmdb: Obsoletename: No such file or directory
error: db5 error(2) from db->verify: No such file or directory
error: rpmdb: Conflictname: No such file or directory
error: db5 error(2) from db->verify: No such file or directory
error: rpmdb: Providename: No such file or directory
error: db5 error(2) from db->verify: No such file or directory
error: rpmdb: Requirename: No such file or directory
error: db5 error(2) from db->verify: No such file or directory
error: rpmdb: Group: No such file or directory
error: db5 error(2) from db->verify: No such file or directory
error: rpmdb: Basenames: No such file or directory
error: db5 error(2) from db->verify: No such file or directory
error: rpmdb: Name: No such file or directory
error: db5 error(2) from db->verify: No such file or directory
not ok 4 - Verify empty
#   Failed test 'Verify empty'
#   at t/05transaction.t line 24.
ok 5 - Open a new transaction
warning: Generating 18 missing index(es), please wait...
ok 6 - ts->traverse
ok 7 - Importing a public key
ok 8 - Reading the header works
ok 9 - Adding a package to transaction works
ok 10 - Checking transaction works
ok 11 - Run transaction order
ok 12 - Set transflags
ok 13 - Resetting transaction
ok 14 - Reading the header works
ok 15 - Adding a package to transaction works
ok 16 - Can get name from te
ok 17 - Can get type from te
ok 18 - traverse_transaction works
ok 19 - Checking transaction works
ok 20 - Run transaction order
ok 21 - Set transflags
TRANS_START 6 / 1
TRANS_PROGRESS 0 / 1
TRANS_STOP 6 / 1
INST_OPEN_FILE 0 / 0
 0 / 1
INST_START 0 / 284
INST_PROGRESS 0 / 284
INST_PROGRESS 284 / 284
 284 / 284
INST_CLOSE_FILE 0 / 0
ok 22 - Running transaction justdb

Program received signal SIGSEGV, Segmentation fault.
__GI___libc_free (mem=0xfffffffe7fffffff) at malloc.c:3121
3121      if (chunk_is_mmapped (p))                       /* release mmapped memory. */
(gdb) bt
#0  __GI___libc_free (mem=0xfffffffe7fffffff) at malloc.c:3121
#1  0x00007ffff68b0dd9 in rfree (ptr=ptr at entry=0xfffffffe7fffffff) at rpmmalloc.c:83
#2  0x00007ffff6ae576c in headerFree (h=0x7fffffffd1a8) at header.c:214
#3  0x00007ffff6f4d315 in XS_RPM4__Header_DESTROY (my_perl=<optimized out>, cv=<optimized out>) at RPM4.xs:890
#4  0x0000003f512e2c41 in Perl_pp_entersub (my_perl=0x603260) at pp_hot.c:4231
#5  0x0000003f5125551f in Perl_call_sv (my_perl=my_perl at entry=0x603260, sv=0xfdc988, flags=flags at entry=45) at perl.c:2848
#6  0x0000003f512e7c0a in S_curse (my_perl=my_perl at entry=0x603260, sv=sv at entry=0x104d160, check_refcnt=check_refcnt at entry=true) at sv.c:6987
#7  0x0000003f512e84f8 in Perl_sv_clear (my_perl=my_perl at entry=0x603260, orig_sv=orig_sv at entry=0x104d040) at sv.c:6591
#8  0x0000003f512e898e in Perl_sv_free2 (my_perl=my_perl at entry=0x603260, sv=0x104d040, rc=<optimized out>) at sv.c:7088
#9  0x0000003f513182e7 in S_SvREFCNT_dec_NN (sv=<optimized out>, my_perl=0x603260) at inline.h:200
#10 Perl_free_tmps (my_perl=0x603260) at scope.c:212
#11 0x0000003f512dad75 in Perl_pp_nextstate (my_perl=0x603260) at pp_hot.c:52
#12 0x0000003f512daa56 in Perl_runops_standard (my_perl=0x603260) at run.c:41
#13 0x0000003f5125d237 in S_run_body (oldscope=<optimized out>, my_perl=<optimized out>) at perl.c:2524
#14 perl_run (my_perl=0x603260) at perl.c:2447
#15 0x0000000000400c7a in main (argc=<optimized out>, argv=<optimized out>, env=<optimized out>) at perlmain.c:123
(gdb) 
-------------- next part --------------
$ LC_ALL=C sudo gdb -q --args perl t/superuser--buggy-rpms.t
Reading symbols from perl...Reading symbols from /usr/lib/debug/usr/bin/perl5.26.1-5.26.1-1.mga7.x86_64.debug...done.
done.
(gdb) r
Starting program: /usr/bin/perl t/superuser--buggy-rpms.t
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Detaching after fork from child process 13114.
ok 1 - use URPM;
Detaching after fork from child process 13115.
ok 2
Detaching after fork from child process 13116.
data/rpm-buggy/invalid-signature.rpm: NOT OK
ok 3 - rpm -K data/rpm-buggy/invalid-signature.rpm
Detaching after fork from child process 13117.
ok 4 - urpmi data/rpm-buggy/invalid-signature.rpm

Program received signal SIGSEGV, Segmentation fault.
headerFree (h=0x3f51367bc5 <Perl_PerlIO_fileno+37>) at header.c:194
194         (void) headerUnlink(h);
(gdb) bt
#0  headerFree (h=0x3f51367bc5 <Perl_PerlIO_fileno+37>) at header.c:194
#1  0x00007ffff7574daf in XS_URPM_verify_signature (my_perl=<optimized out>, cv=<optimized out>) at URPM.xs:3179
#2  0x0000003f512e2c41 in Perl_pp_entersub (my_perl=0x603260) at pp_hot.c:4231
#3  0x0000003f512daa56 in Perl_runops_standard (my_perl=0x603260) at run.c:41
#4  0x0000003f5125d237 in S_run_body (oldscope=<optimized out>, my_perl=<optimized out>) at perl.c:2524
#5  perl_run (my_perl=0x603260) at perl.c:2447
#6  0x0000000000400c7a in main (argc=<optimized out>, argv=<optimized out>, env=<optimized out>) at perlmain.c:123
(gdb) 


More information about the Rpm-maint mailing list