60 lines
1.8 KiB
Diff
60 lines
1.8 KiB
Diff
From 9c36ca411332d2718eca339e867561c39abc256b Mon Sep 17 00:00:00 2001
|
|
From: Lubos Kardos <lkardos@redhat.com>
|
|
Date: Fri, 6 Nov 2015 14:49:59 +0100
|
|
Subject: [PATCH] Fix crash when parsing corrupted RPM file (rhbz:1273360)
|
|
|
|
---
|
|
lib/legacy.c | 14 ++++++++------
|
|
1 file changed, 8 insertions(+), 6 deletions(-)
|
|
|
|
diff --git a/lib/legacy.c b/lib/legacy.c
|
|
index 422c2b0..8ba7bbd 100644
|
|
--- a/lib/legacy.c
|
|
+++ b/lib/legacy.c
|
|
@@ -25,7 +25,7 @@ static void compressFilelist(Header h)
|
|
char ** dirNames;
|
|
const char ** baseNames;
|
|
uint32_t * dirIndexes;
|
|
- rpm_count_t count;
|
|
+ rpm_count_t count, realCount = 0;
|
|
int i;
|
|
int dirIndex = -1;
|
|
|
|
@@ -58,6 +58,7 @@ static void compressFilelist(Header h)
|
|
while ((i = rpmtdNext(&fileNames)) >= 0) {
|
|
dirIndexes[i] = dirIndex;
|
|
baseNames[i] = rpmtdGetString(&fileNames);
|
|
+ realCount++;
|
|
}
|
|
goto exit;
|
|
}
|
|
@@ -87,19 +88,20 @@ static void compressFilelist(Header h)
|
|
(needle = bsearch(&filename, dirNames, dirIndex + 1, sizeof(dirNames[0]), dncmp)) == NULL) {
|
|
char *s = xmalloc(len + 1);
|
|
rstrlcpy(s, filename, len + 1);
|
|
- dirIndexes[i] = ++dirIndex;
|
|
+ dirIndexes[realCount] = ++dirIndex;
|
|
dirNames[dirIndex] = s;
|
|
} else
|
|
- dirIndexes[i] = needle - dirNames;
|
|
+ dirIndexes[realCount] = needle - dirNames;
|
|
|
|
*baseName = savechar;
|
|
- baseNames[i] = baseName;
|
|
+ baseNames[realCount] = baseName;
|
|
+ realCount++;
|
|
}
|
|
|
|
exit:
|
|
if (count > 0) {
|
|
- headerPutUint32(h, RPMTAG_DIRINDEXES, dirIndexes, count);
|
|
- headerPutStringArray(h, RPMTAG_BASENAMES, baseNames, count);
|
|
+ headerPutUint32(h, RPMTAG_DIRINDEXES, dirIndexes, realCount);
|
|
+ headerPutStringArray(h, RPMTAG_BASENAMES, baseNames, realCount);
|
|
headerPutStringArray(h, RPMTAG_DIRNAMES,
|
|
(const char **) dirNames, dirIndex + 1);
|
|
}
|
|
--
|
|
1.9.3
|
|
|