]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 12551f4) | patch
rpm: opendb before rpmverifyscript to avoid null point input
authorZhixiong Chi <zhixiong.chi@windriver.com>
Thu, 13 Aug 2015 03:16:29 +0000 (11:16 +0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Wed, 19 Aug 2015 16:57:57 +0000 (17:57 +0100)
commit91945b7fcb0c83ca72543e5327e965eca9c269c4
tree6ecfb2ef4a34240d34663bfdeac13d616e0a0f00tree | snapshot
parent12551f4ca214cfc2528b42da8574a6622228ce0bcommit | diff
rpm: opendb before rpmverifyscript to avoid null point input

If the command is "rpm -V" and the return value of (headerIsEntry(h, RPMTAG_VERIFYSCRIPT)
|| headerIsEntry(h, RPMTAG_SANITYCHECK)) located in /lib/verify.c is true, it will call
rpmpsmStage function(rpmVerifyScript->rpmpsmScriptStage->rpmpsmStage) and occur segment
fault because of null point(rpmtsGetRdb(ts) == NULL and rpmtsGetRdb(ts)->db_txn).
So we open rpmdb to avoid bad input when find headerIsEntry true.

workflow:
main()->rpmcliVerify()->rpmcliArgIter()->rpmQueryVerify()->rpmgiShowMatches()->showVerifyPackage()->
          rpmqv.c         verify.c        query.c             query.c           verify.c(headerIsEntry)
rpmVerifyScript()->rpmpsmScriptStage()->rpmpsmStage()->    rpmtxnCommit(rpmtsGetRdb(ts)->db_txn);
      verify.c            psm.c             psm.c                 psm.c

Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
meta/recipes-devtools/rpm/rpm/rpm-opendb-before-verifyscript-to-avoid-null-point.patch [new file with mode: 0644] blob
meta/recipes-devtools/rpm/rpm_5.4.14.bb diff | blob | history
Mirror of the official openembedded-core repository