[Rpm-maint] [rpm-software-management/rpm] Be much more careful about copying data from the signature header (#1577)
Demi Marie Obenour
notifications at github.com
Mon Mar 15 15:30:00 UTC 2021
@DemiMarie approved this pull request.
Thank you! I included a couple of minor performance suggestions, but those should not delay merging.
> - case RPMSIGTAG_VERITYSIGNATURES:
- case RPMSIGTAG_VERITYSIGNATUREALGO:
- case RPMSIGTAG_SHA1:
- case RPMSIGTAG_SHA256:
- case RPMSIGTAG_DSA:
- case RPMSIGTAG_RSA:
- default:
- if (!(td.tag >= HEADER_SIGBASE && td.tag < HEADER_TAGBASE))
- continue;
- break;
- }
- if (!headerIsEntry(h, td.tag)) {
- switch (td.type) {
- case RPM_NULL_TYPE:
- continue;
+ if (headerGet(sigh, xl->stag, &td, HEADERGET_RAW)) {
```suggestion
if (headerGet(sigh, xl->stag, &td, HEADERGET_RAW | HEADERGET_MINMEM)) {
```
> }
}
- headerFreeIterator(hi);
+ rpmtdFreeData(&td);
+
```suggestion
bad:
```
> + rpmtdReset(&td);
+ for (xl = xlateTags; xl->stag; xl++) {
+ /* There mustn't be one in the main header */
+ if (headerIsEntry(h, xl->xtag))
break;
```suggestion
rpmtdReset(&td);
for (xl = xlateTags; xl->stag; xl++) {
/* There mustn't be one in the main header */
if (headerIsEntry(h, xl->xtag))
goto bad;
}
for (xl = xlateTags; xl->stag; xl++) {
```
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1577#pullrequestreview-612322287
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20210315/324defa1/attachment.html>
More information about the Rpm-maint
mailing list