[Rpm-maint] [rpm-software-management/rpm] segfault installing packages (in very strange edge cases) (Issue #1833)
Michael Schroeder
notifications at github.com
Wed Nov 17 10:24:11 UTC 2021
The code in rpmsignfiles.c should at least check if the signature sizes match and not just use the size of the last signature...
Anyway, the sizes are implicit through the string array, so we can simply ignore the RPMTAG_FILESIGNATURELENGTH from the header and do the right thing in the implementation.
We can make fi->signaturelen an array, add fi->maxsignaturelen and add a new hex2bin variant that first calculates the max signature size, puts in in fi->maxsignaturelen and then converts the individual entries populating fi->signaturelen.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1833#issuecomment-971438688
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20211117/f619b493/attachment-0001.html>
More information about the Rpm-maint
mailing list