Fix buffer overrun on rpmdb queries involving ^ in version

Technically the packages depend on each other in that if you install on,
the other must be pulled in for the functionality. However the
installation order doesn't matter, as the plugin will only be used in
the next transaction anyway. Thus, making that dependency unordered by
flagging it as "meta" resolves the ordering loop.

.gitignore

@@ -53,3 +53,4 @@
 /rpm-4.18.0-alpha1.tar.bz2
 /rpm-4.18.0-alpha2.tar.bz2
 /rpm-4.18.0-beta1.tar.bz2
+/rpm-4.18.0-rc1.tar.bz2

0001-Fix-buffer-overrun-from-commit-4420c78beb86cc6739227.patch

@@ -0,0 +1,28 @@
+From 19d73f67883c011cc74326a5dc34f7009efa60e1 Mon Sep 17 00:00:00 2001
+Message-Id: <19d73f67883c011cc74326a5dc34f7009efa60e1.1662536462.git.pmatilai@redhat.com>
+From: Panu Matilainen <pmatilai@redhat.com>
+Date: Tue, 6 Sep 2022 13:15:44 +0300
+Subject: [PATCH] Fix buffer overrun from commit
+ 4420c78beb86cc67392274bf351478a3375626a2
+
+The newly handled ^ needs to be accounted for when allocating memory.
+Found when testing #1936, goes to show what a useful thing that is.
+---
+ lib/rpmdb.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/lib/rpmdb.c b/lib/rpmdb.c
+index fd2b0671a..b3c5da62d 100644
+--- a/lib/rpmdb.c
++++ b/lib/rpmdb.c
+@@ -1107,6 +1107,7 @@ static char * mireDup(rpmTagVal tag, rpmMireMode *modep,
+ 	    case '.':
+ 	    case '+':
+ 	    case '*':
++	    case '^':
+ 		if (!brackets) nb++;
+ 		break;
+ 	    case '\\':
+-- 
+2.37.3
+

0002-Exclude-.src.rpm-from-check-buildroot.patch

@@ -1,31 +0,0 @@
-From 7a9edfccdb667045ecaeeb591161bf08f14066c9 Mon Sep 17 00:00:00 2001
-From: Florian Festi <ffesti@redhat.com>
-Date: Wed, 6 Jul 2022 13:19:59 +0200
-Subject: [PATCH 2/2] Exclude *.src.rpm from check-buildroot
-
-With the SRPMs now containing the expanded spec file they are bound to
-have the build root included in the header. Turns out some people
-package SRPMs to rebuild them locally e.g. against the local kernel.
-
-Resolves: rhbz#2104150
-
-Backported from commit aa701a8f483e2b1f57764c5d9129e27271d96b38
----
- scripts/check-buildroot | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/scripts/check-buildroot b/scripts/check-buildroot
-index 74c3b469b..d97820633 100755
---- a/scripts/check-buildroot
-+++ b/scripts/check-buildroot
-@@ -28,6 +28,7 @@ NCPUS=${RPM_BUILD_NCPUS:-1}
- 
- find "$RPM_BUILD_ROOT" \! \( \
-     -name '*.pyo' -o -name '*.pyc' -o -name '*.elc' -o -name '.packlist' \
-+    -o -name '*.src.rpm' \
-     \) -type f -print0 | \
-     LANG=C xargs -0r -P$NCPUS -n16 grep -lF "$RPM_BUILD_ROOT" >>$tmp
- 
--- 
-2.36.1
-

rpm-4.17.1-revert-autopatch-branch.patch

@@ -1,15 +0,0 @@
-diff -up rpm-4.17.1/macros.in.orig rpm-4.17.1/macros.in
---- rpm-4.17.1/macros.in.orig	2022-08-02 14:19:36.496729048 +0200
-+++ rpm-4.17.1/macros.in	2022-08-02 14:19:56.270615191 +0200
-@@ -1166,10 +1166,7 @@ package or when debugging this package.\
- %{__git} config gc.auto 0\
- %{__git} add --force .\
- %{__git} commit %{-q} --allow-empty -a\\\
--	--author "%{__scm_author}" -m "%{NAME}-%{VERSION} base"\
--%{__git} branch rpm-build \
--%{__git} checkout rpm-build \
--%{__git} branch --set-upstream-to=master
-+	--author "%{__scm_author}" -m "%{NAME}-%{VERSION} base"
- 
- %__scm_apply_git(qp:m:)\
- %{__git} apply --index --reject %{-p:-p%{-p*}} -\

rpm.spec

@@ -29,8 +29,8 @@
 %define rpmhome /usr/lib/rpm
 
 %global rpmver 4.18.0
-%global snapver beta1
-%global baserelease 4
+%global snapver rc1
+%global baserelease 3
 %global sover 9
 
 %global srcver %{rpmver}%{?snapver:-%{snapver}}
@@ -56,14 +56,12 @@ Patch1: rpm-4.17.x-siteconfig.patch
 Patch3: rpm-4.9.90-no-man-dirs.patch
 
 # Patches already upstream:
-Patch101: 0002-Exclude-.src.rpm-from-check-buildroot.patch
+Patch100: 0001-Fix-buffer-overrun-from-commit-4420c78beb86cc6739227.patch
 
 # These are not yet upstream
 Patch906: rpm-4.7.1-geode-i686.patch
 # Probably to be upstreamed in slightly different form
 Patch907: rpm-4.15.x-ldflags.patch
-# Hotfix, needs revert or fix upstream
-Patch908: rpm-4.17.1-revert-autopatch-branch.patch
 
 # Partially GPL/LGPL dual-licensed and some bits with BSD
 # SourceLicense: (GPLv2+ and LGPLv2+ with exceptions) and BSD
@@ -256,7 +254,7 @@ packages on a system.
 %package plugin-selinux
 Summary: Rpm plugin for SELinux functionality
 Requires: rpm-libs%{_isa} = %{version}-%{release}
-Requires: selinux-policy-base
+Requires(meta): selinux-policy-base
 
 %description plugin-selinux
 %{summary}.
@@ -613,6 +611,15 @@ fi
 %doc docs/librpm/html/*
 
 %changelog
+* Wed Sep 07 2022 Panu Matilainen <pmatilai@redhat.com> - 4.18.0-0.rc1.3
+- Fix buffer overrun on rpmdb queries involving ^ in version
+
+* Wed Sep 07 2022 Panu Matilainen <pmatilai@redhat.com> - 4.18.0-0.rc1.2
+- Break selinux-policy <-> rpm-plugin-selinux ordering loop (#1851266)
+
+* Fri Sep 02 2022 Panu Matilainen <pmatilai@redhat.com> - 4.18.0-0.rc1.1
+- Rebase to 4.18.0-rc1 (https://rpm.org/wiki/Releases/4.18.0)
+
 * Tue Aug 02 2022 Michal Domonkos <mdomonko@redhat.com> - 4.18.0-0.beta1.4
 - Revert %%autosetup -S git patch due to another regression
 

sources

@@ -1 +1 @@
-SHA512 (rpm-4.18.0-beta1.tar.bz2) = 4476c9e679e0ac622323e80212404dc062884d1f38923ab824a64e1120bd7c1586379709feae824628425222567e4f338fcba0104e2ae285909df249adcf96c8
+SHA512 (rpm-4.18.0-rc1.tar.bz2) = 64b4a9db704ba1a3d7b1bcf653eca3aa674573f5906f55e1d191b85b5c10b82e1ec591bfe4fbd209445bf818cc2cfb07b2e5e8696e09a46e5ee803355ff5ad4d