[rpm] - fix crash in package manifest check (#688091)

Jindrich Novy jnovy at fedoraproject.org
Wed Mar 16 14:29:26 UTC 2011


commit daa59d2b024219efadd0d74827fcc5a4037aa58b
Author: Jindrich Novy <jnovy at redhat.com>
Date:   Wed Mar 16 15:25:04 2011 +0100

    - fix crash in package manifest check (#688091)

 rpm-4.9.0-manifest-fix.patch |   11 +++++++++++
 rpm.spec                     |    8 +++++++-
 2 files changed, 18 insertions(+), 1 deletions(-)
---
diff --git a/rpm-4.9.0-manifest-fix.patch b/rpm-4.9.0-manifest-fix.patch
new file mode 100644
index 0000000..96d71db
--- /dev/null
+++ b/rpm-4.9.0-manifest-fix.patch
@@ -0,0 +1,11 @@
+diff -up rpm-4.9.0/lib/manifest.c.manifest-fix rpm-4.9.0/lib/manifest.c
+--- rpm-4.9.0/lib/manifest.c.manifest-fix	2010-12-03 13:11:57.000000000 +0100
++++ rpm-4.9.0/lib/manifest.c	2011-03-16 14:54:49.502557299 +0100
+@@ -96,6 +96,7 @@ rpmRC rpmReadPackageManifest(FD_t fd, in
+ 
+ 	/* Sanity checks: skip obviously binary lines and dash (for stdin) */
+ 	if (*s < 32 || rstreq(s, "-")) {
++	    s = NULL;
+ 	    rpmrc = RPMRC_NOTFOUND;
+ 	    goto exit;
+ 	}
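Review bot: The added `s = NULL;` in the sanity-check branch of rpmReadPackageManifest has no comment, and nothing in the hunk shows why the pointer must be cleared before `goto exit`. Judging from the spec comment for this patch, the exit path presumably frees `s`, while at this point `s` appears to still be a cursor into the line being parsed rather than an allocation; I would say so on the line, e.g. `s = NULL; /* s is a cursor into the parsed line here; it must not reach free() at exit */`. Because this branch is reached by the content of the manifest file, any other early `goto exit` taken while `s` is still a cursor would need the same reset, and keeping the owned string in a separate variable would remove the hazard by construction. The function starts and ends outside the hunk, so the exit label and any other jumps to it cannot be checked from here.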
diff --git a/rpm.spec b/rpm.spec
index ff3e72e..9b80d92 100644
--- a/rpm.spec
+++ b/rpm.spec
@@ -21,7 +21,7 @@
 Summary: The RPM package management system
 Name: rpm
 Version: %{rpmver}
-Release: %{?snapver:0.%{snapver}.}2%{?dist}
+Release: %{?snapver:0.%{snapver}.}3%{?dist}
 Group: System Environment/Base
 Url: http://www.rpm.org/
 Source0: http://rpm.org/releases/rpm-4.8.x/%{name}-%{srcver}.tar.bz2
@@ -38,6 +38,8 @@ Patch2: rpm-4.8.90-fedora-specspo.patch
 Patch3: rpm-4.8.0-no-man-dirs.patch
 # gnupg2 comes installed by default, avoid need to drag in gnupg too
 Patch4: rpm-4.8.1-use-gpg2.patch
+# Do not try to free and unallocated variable (#688091)
+Patch5: rpm-4.9.0-manifest-fix.patch
 
 # Patches already in upstream
 
@@ -204,6 +206,7 @@ packages on a system.
 %patch2 -p1 -b .fedora-specspo
 %patch3 -p1 -b .no-man-dirs
 %patch4 -p1 -b .use-gpg2
+%patch5 -p1 -b .manifest-fix
 
 %patch301 -p1 -b .niagara
 %patch302 -p1 -b .geode
@@ -417,6 +420,9 @@ exit 0
 %doc COPYING doc/librpm/html/*
 
 %changelog
+* Wed Mar 16 2011 Jindirch Novy <jnovy at redhat.com> - 4.9.0-3
+- fix crash in package manifest check (#688091)
+
 * Fri Mar 04 2011 Panu Matilainen <pmatilai at redhat.com> - 4.9.0-2
 - fix duplicate rpmsign binary in rpm main package dragging in build-libs
 

