diff options
author | Panu Matilainen <pmatilai@redhat.com> | 2016-11-16 13:20:46 +0200 |
---|---|---|
committer | Panu Matilainen <pmatilai@redhat.com> | 2016-11-16 13:26:41 +0200 |
commit | 7010c677b0d2b0b7b4714e675d4296d3499439fc (patch) | |
tree | c6089a1aa4aacbc2e445c72f3cd76b8791041023 | |
parent | e4705b4181922d99f6e012a8ae98edac553ee102 (diff) | |
download | rpm-7010c677b0d2b0b7b4714e675d4296d3499439fc.tar.gz |
Enable data overlap checks for signature header too
For whatever historical reason rpmReadSignature() had its own loop
for calling headerVerifyInfo() on each tag one by one. Not only is
this redundant since headerVerifyInfo() can loop on its own and a
wholly unnecessary difference between the signature and regular header,
it also misses the opportunity to perform data overlap checks on the
signature data.
-rw-r--r-- | lib/signature.c | 7 |
1 files changed, 2 insertions, 5 deletions
diff --git a/lib/signature.c b/lib/signature.c index 5da5b88b4..e9b0fa45a 100644 --- a/lib/signature.c +++ b/lib/signature.c @@ -146,7 +146,6 @@ rpmRC rpmReadSignature(FD_t fd, Header * sighp, char ** msg) Header sigh = NULL; rpmRC rc = RPMRC_FAIL; /* assume failure */ int xx; - int i; if (sighp) *sighp = NULL; @@ -195,10 +194,8 @@ rpmRC rpmReadSignature(FD_t fd, Header * sighp, char ** msg) goto exit; /* Sanity check signature tags */ - for (i = 1; i < il; i++) { - if (headerVerifyInfo(1, dl, pe+i, dataStart, NULL, &buf) != -1) - goto exit; - } + if (headerVerifyInfo(il-1, dl, pe+1, dataStart, NULL, &buf) != -1) + goto exit; /* OK, blob looks sane, load the header. */ sigh = headerImport(ei, uc, 0); |