Commit message | Author | Age | Files | Lines
* Preparing for rpm 4.12.0.2 [rpm-4.12.0.2-release] [rpm-4.12.x] | Panu Matilainen | 2016-11-03 | 36 | -2766/+2766
|
* Avoid going past header data area when validating SHA1 header digest | Panu Matilainen | 2016-11-02 | 1 | -2/+3
| A malformed header with no zeros in it could've easily walked off the edge of the world here. That it happens while trying to validate the tag data content is the height of embarrassment of sorts.
| (cherry picked from commit d8bfe732572e8295015a372348dd13bdecb40f8c)
* Verify data is within range and does not overlap in headerVerifyInfo() | Panu Matilainen | 2016-11-02 | 2 | -6/+17
| Checking whether data start offset is within header data area is of no use whatsoever if the entire chunk doesn't fit. Validate the entire data fits within range and that it does not overlap, however with string types we can only check the array size is sane but we can't check the actual content. Adjust the upper limit for region trailer in headerVerifyRegion() so it fits the new rules, but in reality calling headerVerifyInfo() for the region tags is rather pointless since they're so different.
| Partial fix for RhBug:1373107.
| (cherry picked from commit 89dce2b91d7d73a1e225461a7392c3d6d7a30a95)
* Bring CREDITS to this millennium | Panu Matilainen | 2016-11-02 | 1 | -5/+114
| Merge pre-existing contributions with names from git shortlog (now that we have a reasonable mapping), all names in alphabetical order.
| (cherry picked from commit ef656ca6a6edb75dd9e9ee5801c7ac3357de9f4d)
| (cherry picked from commit 49f06a1d96200f17f09e22e62b3c71221272b3fe)
* Revised fix for CVE-2013-6435 | Panu Matilainen | 2016-11-02 | 1 | -2/+2
| In case of hardlinked files, we first create a zero-length file to which all the links are created, the content comes in the last link. When the links have been created with no permissions at all (as per commit 7e26e2bd726f48836be289400c7d82cb8b067dc1), reopening the final file for writing the actual content fails for non-root users. Which breaks installation of hardlinked files for regular users, including our testsuite. Creating the files with write-only permissions solves the issue - we *are* writing to these files after all so it only makes sense. This doesn't stop root from reading the file but neither does zero permissions so no change there. But if somebody reads a file with write-only permissions and gets garbage, at least we get to tell them "told you so".
| (cherry picked from commit 6e7c6d1a18aa14fc7a980c43d980a26d82f785c4)
* Create files with 000 permissions to avoid leaking yet unchecked data | Florian Festi | 2016-11-02 | 1 | -1/+6
| As we are calculating the check sum while writing we only know the file content is correct after it being written completely.
| CVE-2013-6435
| (cherry picked from commit 7e26e2bd726f48836be289400c7d82cb8b067dc1)
* Fix overflow in cpio filename by limiting the allowed length to 4kB | Florian Weimer | 2016-11-02 | 1 | -0/+3
| This could lead to a stack-based overflow, while parsing a crafted CPIO header in the payload section of an RPM file.
| Fixes: rhbz#1168715, CVE-2014-8118
| (cherry picked from commit f255c6bdb27ad1512c043a64195410d46996395a)
* Make sure getNEVRA always sets td.data | Florian Festi | 2016-11-02 | 1 | -1/+1
| Fixes segfault when reading tampered package without any of the NEVRA tags.
| (cherry picked from commit b4f0e7ef184f2cdfcee5289108763e46be9438db)
* Fix sigsegv in stringFormat() (rhbz:1316903) | Lubos Kardos | 2016-11-02 | 1 | -2/+5
| Just skip duping of NULL and return it. Returned NULL is handled in upper layer.
| (cherry picked from commit cddf43a56f19711866371f02f378dc4095b0fadd)
* Fix reading rpmtd behind its size in formatValue() (rhbz:1316896) | Lubos Kardos | 2016-11-02 | 1 | -1/+1
| When it is read from index higher than size of rpmtd, return "(none)".
| (cherry picked from commit b722cf86200505b3e3fcbb2095c4ff61f1f5a2ab)
* Misleading indentation fixes (GCC6) | Boris Egorov | 2016-11-02 | 2 | -3/+6
| package.c: This one is definitely an error (See commit 57000e976b1e5ed2c3c1e78567cd stating "No functional changes").
| rpminstall.c: Judging by the code above, we should set eiu->fnp to NULL only on error, but it happens every time we reach function end.
| Signed-off-by: Boris Egorov <egorov@linux.com>
| (cherry picked from commit dddc6e7be597e787917009c3d892ebe29c99eff8)
* Fix crash when parsing corrupted RPM file (rhbz:1273360) | Lubos Kardos | 2016-11-02 | 1 | -6/+8
| (cherry picked from commit 9c36ca411332d2718eca339e867561c39abc256b)
* Handle %ghost file in payload (RhBug:1156497) | Panu Matilainen | 2016-11-02 | 1 | -0/+4
| - Older rpm (< 4.11) sometimes packaged %ghost files into payload, at least in case of a hardlinked file marked as %ghost. Just skip them if encountered in payload, whereas older rpm thought of these as actual hardlinks (including 'rpm -qlv' output) but handled (whether accidentally or otherwise) somewhere in the fsm. Thanks to Florian for pointing out this correct fix instead of reverting back to former behavior.
| - Depends on commit d85dc92e8d7fb50d16f49faa1e88c85fdc526199.
| (cherry picked from commit bcb5fb50ddccdbccf6f096d0c574184c7b82c4b8)
* Generic support for skipping items inside file info iterator | Panu Matilainen | 2016-11-02 | 2 | -1/+5
| (cherry picked from commit 051ca9ec7f3c386877f9c0faa77d577f891d3a59)
* Unbreak size and archive size generation on big-endian systems | Panu Matilainen | 2016-11-02 | 1 | -22/+23
| - Fix regression from commit 68bddc353a7ea87ea00ad957858cd509e845e84c, accessing a 64bit int as if it were a 32bit one doesn't make it one.
| (cherry picked from commit 104856ea17161eb3a508913c2b7ed701f2e4f6aa)
* tests: Do not pass real pathnames to fakechroot commands | Florian Festi | 2016-11-02 | 6 | -75/+76
| for the remaining tests. Also add a Provides: /bin/sh to one of the specs as the test no longer works without it for some unknown reason.
| (backported from commit 394cbfb668655f7aa10ff6b178ec92b44a117ea6)
* tests: Do not pass real pathnames to fakechroot commands | Michal Marek | 2016-11-02 | 12 | -177/+177
| Fakechroot returns -ENOENT for such paths:
|
| $ FAKECHROOT_BASE=$PWD/tests/testing fakechroot ls /not_an.rpm
| /not_an.rpm
| $ FAKECHROOT_BASE=$PWD/tests/testing fakechroot ls $PWD/not_an.rpm
| ls: cannot access /home/mmarek/GIT/rpm/not_an.rpm: No such file or directory
|
| Signed-off-by: Michal Marek <mmarek@suse.com>
| (backported from commit 3a392532b0074bb7744c4d682f52834e942f50a2)
* Preparing for rpm 4.12.0.1 (dot paperbag) [rpm-4.12.0.1-release] | Panu Matilainen | 2014-09-18 | 37 | -177/+177
| - Bump version
| - Bump library revisions
* Add a simple test-case for RhBug:1142949 | Panu Matilainen | 2014-09-18 | 1 | -0/+18
| (cherry picked from commit 00b336b45a470eaed7009038a623169aff9d16f0)
* Fix archive size tag missing cpio trailer size (RhBug:1142949) | Panu Matilainen | 2014-09-18 | 2 | -4/+4
| - Fixes regression from commit 7f84a126ab43f2d0163911100b4432364d0952a6 which causes archive size to be determined before closing the archive when closing actually writes the cpio trailer into the archive. Thus RPMTAG_ARCHIVESIZE (and RPMTAG_LONGARCHIVESIZE) are off by the cpio trailer size in all packages built with rpm 4.12.0 and pre-releases :(
| - Move rpmcpioFree() to rpmfiFree() to allow Tell() on the archive after closing it, swap to original order of things on build-side.
| (cherry picked from commit a655cee655f7a2b8b4c7ae214afceefa986378f5)
* Turn invalid double separator error into a warning | Panu Matilainen | 2014-09-17 | 1 | -3/+3
| - As hysterical as it seems, people keep banging their heads into this: older distros have these invalid dependencies deployed etc and people do expect to create srpms and do test-builds on newer distros they're running themselves. Which, put that way, seems rather reasonable...
| - For history reference, the sanity check was originally introduced in commit b2cf1471bbe2c35e3c36510a9e3f59919d8ed2c8 and 67ccf8d99630f4edad0ea16dddaca0a3355fba00,
| - Backported from commit 1b3f7547c532b1f5ad68228571f1716d5be5b455
* Preparing for rpm 4.12.0 [rpm-4.12.0-release] | Panu Matilainen | 2014-09-15 | 36 | -491/+491
|
* Ensure librpm doxygen stuff gets rebuilt when version changes | Panu Matilainen | 2014-09-15 | 1 | -1/+1
| - configure.ac is where the version is defined, so...
| (cherry picked from commit 297eb7ae2f792bf55f4a4d0674800b3ccb6b43af)
* Dependency refactor whack-a-mole, aka One More Time... | Panu Matilainen | 2014-09-12 | 1 | -1/+1
| - Commit 0bda2faa4de368a87f85084856a5fed701774acb fixed manual dependencies in rpmspec queries, but missed automatic self-provides. Add the self-provides before the first round of header dependency population to fix. SIGH.
| - Another sorta related side-effect is that the exact order of rpmspec output changes as things are now properly sorted, previously it was a mixed bag.
| (cherry picked from commit 4bc2900baee9ff289dabc47609059accc0f39983)
* Regression the 13th: The Final Friday | Panu Matilainen | 2014-09-10 | 1 | -20/+11
| - Yet another regression from the recent dependency refactoring and ensuing patches-on-patches-on-patches work: some rpmlib() dependencies (payload, tilde) are added as late as writeRPM(), those have been going to /dev/null recently.
| - The fix actually removing code is probably a good sign...
| (cherry picked from commit cac311c2ddb43b62ad9dbdb5543d50848eb9fd65)
* Preparing for rpm 4.12.0-rc1 [rpm-4.12.0-rc1] | Panu Matilainen | 2014-08-27 | 36 | -1051/+1051
|
* Don't try to close non-existent fdno's on Fclose() | Panu Matilainen | 2014-08-27 | 1 | -5/+7
| - Commit 547a004b7e1e9e5a5d6cc04ce0539242bff5e592 introduced a regression on stacked io Fclose() return code, details at http://lists.rpm.org/pipermail/rpm-maint/2014-August/003731.html
| - The original code seems fishy in other ways (missed errors), this hopefully fixes both cases by only attempting to close actually open fdno's and only considering actual closes for error codes.
| (cherry picked from commit 0ffc0e29e949c63b897fb87bd705e0fb8d0990f9)
* Fixed double deallocation of ei pointer (RhBug:1133885) | Lubos Kardos | 2014-08-27 | 1 | -1/+1
| (cherry picked from commit 0ab486b8e169edbe66870f5ff43f9dd07ffd2655)
* Dirty kludgery to fix rpmdeps segfault (RhBug:1131892) | Panu Matilainen | 2014-08-26 | 1 | -0/+5
| - Another regression from the recent rpmfc work, in rpmdeps context there's no spec or packages from it. Allocate a dummy package so we have some place to store the dependencies. And yes it's ugly.
| (cherry picked from commit 49f2bb7d8fd91f2d8b22bf7128fd3defe4ed5434)
* Resurrect rpmlib() dependencies on source rpms | Panu Matilainen | 2014-08-26 | 1 | -0/+10
| - Commit 0bda2faa4de368a87f85084856a5fed701774acb caused a regression where rpmlib() dependencies are no longer added to src.rpm packages as the header is populated early, whereas rpmlib() dependencies get added late in the game. So nothing was pushing the rpmlib stuff to header. Sigh.
| (cherry picked from commit 8b540fbf1bb77320772b87d40518d761f62752b3)
* Resurrect dependency spew during build | Panu Matilainen | 2014-08-26 | 1 | -5/+3
| - Since commit a357c99c58a5e1367160dfa692f26d14bd3a3df1 the dependencies are no longer in the header so there's little to print from there. As it happens things are much saner this way, we no longer need to create rpmds'es just to print stuff.
| (cherry picked from commit 404f053f7829fa859209ded8399243dba851f263)
* Fix triggerindex handling in rpmdsMerge | Michael Schroeder | 2014-08-26 | 1 | -5/+13
| It always created a triggerindex array and also did not correctly initialize it with -1.
| (cherry picked from commit 1f22cc40518b3f671201803c5f937fae6b6afe63)
* Revised fix for RhBug:1131892 | Panu Matilainen | 2014-08-26 | 1 | -2/+2
| - Didn't realize there's rpmdsTagTi() now, which is fit for this purpose and doesn't look as much out of line with the others. No functional changes here though.
| (cherry picked from commit 6ee2468934b45c1c9d1b84b1ba70fe44373425c9)
* Delete trigger indexes too from header before adding again (RhBug:1131892) | Panu Matilainen | 2014-08-26 | 1 | -1/+2
| - Fixes regression introduced in the regression-fix commit 0bda2faa4de368a87f85084856a5fed701774acb, *facepalm*
| - Unlike other dependency types, trigger dependencies involve a fourth tag which we forgot to delete before adding again, causing duplicate trigger indexes
| (cherry picked from commit 1566c18b6efbda7b4c367f4c0ee31b4d5be2d2fe)
* Add a simple testcase for rpmspec queries | Panu Matilainen | 2014-08-18 | 1 | -0/+20
| (cherry picked from commit aca73ad405c03e2f4879781d2af85b7c3d2d736f)
* Populate manual dependencies into spec pkg headers early too | Panu Matilainen | 2014-08-18 | 2 | -0/+10
| - Similar to commit 1b41c91431d37295701281ff208f99a51f660c89, rpmspec and other tools expect to find manually specified dependencies from the headers of a freshly parsed spec. This means we need to add this cruft two times: once for the manual dependencies and then scratch all that and redo from start after automatic dependencies have been discovered at the end of package build.
| - Fixes another regression (rpmspec dependency queries went dead) introduced in commit a357c99c58a5e1367160dfa692f26d14bd3a3df1
| (cherry picked from commit 0bda2faa4de368a87f85084856a5fed701774acb)
* Oh yes, it's Monday alright... | Panu Matilainen | 2014-08-18 | 2 | -2/+2
| - Two typos in previous commit, I fail to see how I managed to test this as "working"
| (cherry picked from commit cea90b92bbd7ac9bf82a6d8216325bf2a1d9f6d1)
* Add a simple testcase for buildrequires functionality | Panu Matilainen | 2014-08-18 | 2 | -0/+20
| (cherry picked from commit 2d2b90b5babe17ea90556901d9d65b2166374df4)
* Populate src.rpm header with dependencies early again | Panu Matilainen | 2014-08-18 | 2 | -4/+4
| - BuildRequire checking requires a header populated with dependencies, commit a357c99c58a5e1367160dfa692f26d14bd3a3df1 changed this to occur too late for this purpose. Move to initSourceHeader() seems to fix, also goes to show we don't have a test-case for buildrequires...
| (cherry picked from commit 1b41c91431d37295701281ff208f99a51f660c89)
* Preparing for rpm 4.12.0-beta1 [rpm-4.12.0-beta1] | Panu Matilainen | 2014-08-18 | 36 | -3886/+3886
|
* Introduce a simple score system for determining best providers in ordering | Panu Matilainen | 2014-08-18 | 1 | -10/+17
| - Look at all providers and calculate a simple score for them: We want to prefer self-provides during ordering (RhBug:1111349) but only when other things are equal, coloring needs to prevail. Otherwise ordering can miss crucial dependencies to the preferred arch packages whose files are actually laid down: eg on x86_64 Fedora, both glibc.i686 and glibc.x86_64 provide and require /sbin/ldconfig, but only installing glibc.x86_64 will actually get the file on disk for itself and others to use, so glibc.i686 cannot satisfy its own /sbin/ldconfig provide, crazy as it is.
| - Also fixes a memleak on self-provided dependencies introduced in commit 6b6f8e6ecba05c69e4ecfc0ef6981a920b4b0eb6
| (cherry picked from commit 9b2810544cbd30f692456344ed8d8a0d7a96fc18)
* Handle ancient payloads without ./ prefix again (RhBug:1122004) | Panu Matilainen | 2014-08-18 | 1 | -5/+14
| - Strip any prefixes and convert all paths to relative in rpmfnFindFN() and to match that, convert directories to relative in cmpPoolFn(). This covers looking up "normal" absolute paths, payload paths with or without prefix and also srpm paths which have always (?) been just simple non-prefixed basenames.
| - Fixes a regression introduced during payload refactoring, possibly commit 3c28dcdb6546a2be543ef3beeb893d071fc73205
| (cherry picked from commit 563e57d5c6497d215c1b89557dc2e723c53ef772)
* Use IteratorFileNum in checkInstDeps | Michael Schroeder | 2014-08-18 | 1 | -10/+10
| The code used to loop over all dependencies instead of using the information from the database.
| Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
| (cherry picked from commit 72d40ba49a4c889906be6322444746dffa66e00e)
* Use a more reasonable initial size for requires cache | Michael Schroeder | 2014-08-18 | 1 | -1/+1
| Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
| (cherry picked from commit 3830e018c034f4da8296b17ce87b529f544c3745)
* Also build cache file requires of installed packages | Michael Schroeder | 2014-08-18 | 1 | -1/+40
| This speeds up erasure/update of packages with a large amount of files quite a bit. The cost of building the cache seems to be just a couple of msecs, and it just needs to be done once for the complete transaction set.
| Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
| (cherry picked from commit 0f5cc1bf4ad7f67da9e1e4186015a8a4af3e50f5)
* Put basenames in the conflict dependency cache | Michael Schroeder | 2014-08-18 | 1 | -6/+12
| This makes the fingerprinting code work for file conflicts of installed packages.
| Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
| (cherry picked from commit 5328f3f21494b6005d89cede75ec89fd17a7ca1a)
* parseSimplePart() returned bad return code in case of failure (RhBug:1123722) | Lubos Kardos | 2014-08-18 | 1 | -1/+1
| (cherry picked from commit 5dfb6e662451ab69e7c3a98191ae773db97be39b)
* Modify rpmalSatisfiesDepend() to get the requesting TE as a param to be able ↵ | Florian Festi | 2014-08-18 | 3 | -8/+12
| to prefer self provides.
| This way the ordering code can ignore self provides and avoid unnecessary dependency loops as in rhbz#1111349
| (cherry picked from commit 6b6f8e6ecba05c69e4ecfc0ef6981a920b4b0eb6)
* Eliminate unused spec argument from parseExpressionBoolean() | Panu Matilainen | 2014-08-18 | 3 | -6/+3
| - It's never been used beyond assignment to the internal state struct, so in reality this is entirely free of any rpmbuild-specifics. Meaning we could trivially lift it to librpmio for macros...
| - No functional changes here
| (cherry picked from commit e49c51e451584d3229f629ed2923ccb34a94987b)
* Add testcase for basic trigger behavior | Panu Matilainen | 2014-08-18 | 3 | -0/+84
| (cherry picked from commit e6ea36806ba21cb1b4f72b28946528091b3fe635)