diff options
| author | Panu Matilainen <pmatilai@redhat.com> | 2012-10-30 09:29:46 +0200 |
|---|---|---|
| committer | Panu Matilainen <pmatilai@redhat.com> | 2012-12-07 14:22:47 +0200 |
| commit | 7a152a595685c196a716c6ed5405c74abdba1812 (patch) | |
| tree | 1c487c7ce9a3d9fe3ce2a88be4d53a90a5e179d1 | |
| parent | 539b918d838a23485cd0017c19e24af412520e44 (diff) | |
| download | rpm-7a152a595685c196a716c6ed5405c74abdba1812.tar.gz | |
Fix missing error on --import on bogus key file (RhBug:869667)
- When the "BEGIN PGP" marker is not found at all, we would silently
exit with success when trying to import utter garbage, such as
rpmkeys --import /bin/bash (not that I consider bash as gargabe ;)
(cherry picked from commit 0b9c93ed18a11818a2f3645431a338bdc3f1fc81)
| -rw-r--r-- | lib/rpmchecksig.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/lib/rpmchecksig.c b/lib/rpmchecksig.c index 42e2e6095..0d3e95ad7 100644 --- a/lib/rpmchecksig.c +++ b/lib/rpmchecksig.c @@ -32,8 +32,8 @@ static int doImport(rpmts ts, const char *fn, char *buf, ssize_t blen) int res = 0; int keyno = 1; char *start = strstr(buf, pgpmark); - - while (start) { + + do { uint8_t *pkt = NULL; size_t pktlen = 0; @@ -51,7 +51,7 @@ static int doImport(rpmts ts, const char *fn, char *buf, ssize_t blen) } /* See if there are more keys in the buffer */ - if (start + marklen < buf + blen) { + if (start && start + marklen < buf + blen) { start = strstr(start + marklen, pgpmark); } else { start = NULL; @@ -59,7 +59,8 @@ static int doImport(rpmts ts, const char *fn, char *buf, ssize_t blen) keyno++; free(pkt); - } + } while (start != NULL); + return res; } |