From 7dda432b530c9be47bde8bd8c93f8e51944ff2f3 Mon Sep 17 00:00:00 2001
From: Panu Matilainen
Date: Wed, 10 Mar 2021 14:13:36 +0200
Subject: Eliminate remaining uses of unsafe headerCopyLoad() in the codebase

There's no way to safely validate an object to which only a void pointer is given. Use headerImport() and pass a size to make verification possible, headerCopyLoad() has been long deprecated anyway.

(cherry picked from commit 07858c0d60cb3d19f977aed14842fd7fbf66528f)
---
 python/header-py.c | 5 ++++-
 sign/rpmgensig.c | 2 +-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/python/header-py.c b/python/header-py.c
index af7d33d0a..7750c37d6 100644
--- a/python/header-py.c
+++ b/python/header-py.c
@@ -381,7 +381,10 @@ static PyObject *hdr_new(PyTypeObject *subtype, PyObject *args, PyObject *kwds)
 } else if (hdrObject_Check(obj)) {
 h = headerCopy(((hdrObject*) obj)->h);
 } else if (PyBytes_Check(obj)) {
- h = headerCopyLoad(PyBytes_AsString(obj));
+ Py_ssize_t len = 0;
+ char *blob = NULL;
+ if (PyBytes_AsStringAndSize(obj, &blob, &len) == 0)
+ h = headerImport(blob, len, HEADERIMPORT_COPY);
 } else if (rpmfdFromPyObject(obj, &fdo)) {
 Py_BEGIN_ALLOW_THREADS;
 h = headerRead(rpmfdGetFd(fdo), HEADER_MAGIC_YES);
diff --git a/sign/rpmgensig.c b/sign/rpmgensig.c
index 3eecdb7fa..e5d191cc0 100644
--- a/sign/rpmgensig.c
+++ b/sign/rpmgensig.c
@@ -402,7 +402,7 @@ static void unloadImmutableRegion(Header *hdrp, rpmTagVal tag)
 Header oh = NULL;
 if (headerGet(*hdrp, tag, &td, HEADERGET_DEFAULT)) {
- oh = headerCopyLoad(td.data);
+ oh = headerImport(td.data, td.count, HEADERIMPORT_COPY);
 rpmtdFreeData(&td);
 } else {
 /* XXX should we warn if the immutable region is corrupt/missing? */
-- 
cgit v1.2.1
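Review bot: A zero or oversized length can still reach headerImport() from hdr_new, because `len` is a Py_ssize_t passed unchecked as the blob size. headerImport() is not shown in this diff, but as far as I know its size parameter is an `unsigned int` where 0 means "size unknown", so an empty bytes object or one longer than UINT_MAX would either select the unsized path this commit is removing or be verified against a truncated length. Consider `if (PyBytes_AsStringAndSize(obj, &blob, &len) == 0 && len > 0 && len <= UINT_MAX)` (needs `<limits.h>`). The sign/rpmgensig.c hunk has the same gap with `td.count`, where `if (td.count > 0)` in front of the headerImport() call would keep a zero count off that path. Both functions extend beyond their hunks, so how a NULL `h` or `oh` is reported afterwards is not visible here.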