rpms/PackageKit
7
0
Fork 1
Code Issues Pull Requests Releases Activity

Backport a crash fix from upstream

Browse Source 
https://bugzilla.redhat.com/show_bug.cgi?id=1185544
This commit is contained in:
Kalev Lember 2015-03-28 21:06:51 +01:00
parent 180c50082d
commit 7ca2ef6f37
2 changed files with 50 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
0001-hif-Fix-use-after-free-during-untrusted-repo-check.patch Normal file
View File

@ -0,0 +1,44 @@
From e3d857e50e2a9d587e59e377238adb7ed2e82a58 Mon Sep 17 00:00:00 2001
From: Kalev Lember <kalevlember@gmail.com>
Date: Fri, 13 Mar 2015 22:47:49 +0100
Subject: [PATCH] hif: Fix use-after-free during untrusted repo check
https://bugzilla.redhat.com/show_bug.cgi?id=1185544
---
backends/hif/pk-backend-hif.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/backends/hif/pk-backend-hif.c b/backends/hif/pk-backend-hif.c
index 2e497cd..5988ab1 100644
--- a/backends/hif/pk-backend-hif.c
+++ b/backends/hif/pk-backend-hif.c
@@ -2090,7 +2090,7 @@ pk_backend_transaction_check_untrusted_repos (PkBackend *backend, GPtrArray *sou
HIF_PACKAGE_INFO_DOWNGRADE,
HIF_PACKAGE_INFO_UPDATE,
-1);
- array = g_ptr_array_new ();
+ array = g_ptr_array_new_with_free_func ((GDestroyNotify) hy_package_free);
for (i = 0; i < install->len; i++) {
pkg = g_ptr_array_index (install, i);
@@ -2098,7 +2098,7 @@ pk_backend_transaction_check_untrusted_repos (PkBackend *backend, GPtrArray *sou
* untrusted repo */
if (g_strcmp0 (hy_package_get_reponame (pkg),
HY_CMDLINE_REPO_NAME) == 0) {
- g_ptr_array_add (array, pkg);
+ g_ptr_array_add (array, hy_package_link (pkg));
continue;
}
@@ -2115,7 +2115,7 @@ pk_backend_transaction_check_untrusted_repos (PkBackend *backend, GPtrArray *sou
/* repo has no gpg key */
if (!hif_source_get_gpgcheck (src))
- g_ptr_array_add (array, pkg);
+ g_ptr_array_add (array, hy_package_link (pkg));
}
out:
if (array != NULL && !ret) {
--
2.3.4

7
PackageKit.spec
View File

@ -7,7 +7,7 @@
Summary: Package management service
Name: PackageKit
Version: 1.0.5
Release: 1%{?dist}
Release: 2%{?dist}
License: GPLv2+ and LGPLv2+
URL: http://www.freedesktop.org/software/PackageKit/
Source0: http://www.freedesktop.org/software/PackageKit/releases/%{name}-%{version}.tar.xz
@ -19,6 +19,7 @@ Source1: cached-metadata.tar
Patch0: PackageKit-0.3.8-Fedora-Vendor.conf.patch
# Backported from upstream
Patch1: PackageKit-new-missing-codecs-API.patch
Patch2: 0001-hif-Fix-use-after-free-during-untrusted-repo-check.patch
Requires: %{name}-glib%{?_isa} = %{version}-%{release}
Requires: shared-mime-info
@ -176,6 +177,7 @@ using PackageKit.
%setup -q
%patch0 -p1 -b .fedora
%patch1 -p1 -b .new-missing-codecs-API
%patch2 -p1
%build
%configure \
@ -314,6 +316,9 @@ systemctl disable packagekit-offline-update.service > /dev/null 2>&1 || :
%{_datadir}/gtk-doc/html/PackageKit
%changelog
* Sat Mar 28 2015 Kalev Lember <kalevlember@gmail.com> - 1.0.5-2
- Backport a crash fix from upstream (#1185544)
* Sat Feb 21 2015 Kalev Lember <kalevlember@gmail.com> - 1.0.5-1
- Update to 1.0.5
- Backport new missing gstreamer codecs API