rpms/createrepo_c
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix double-free in --ignore-lock implementation

Browse Source 
Resolves: rhbz#1355720
Version: 0.10.0-9
This commit is contained in:
Pavel Raiskup 2017-01-24 06:30:17 +01:00
parent ff70ca764b
commit 6a445f4aa7
2 changed files with 79 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
createrepo_c-0.10.0-ignorelock-doublefree.patch Normal file
View File

@ -0,0 +1,72 @@
From 3519f493ce51bac53d178f7ff9e5b84ca98a158a Mon Sep 17 00:00:00 2001
From: Tomas Mlcoch <tmlcoch@redhat.com>
Date: Fri, 19 Aug 2016 14:59:26 +0200
Subject: [PATCH 1/2] cr_lock_repo: Fix segfault caused by freed
tmp_repodata_dir variable
---
src/createrepo_shared.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/src/createrepo_shared.c b/src/createrepo_shared.c
index 5872029..d4df86c 100644
--- a/src/createrepo_shared.c
+++ b/src/createrepo_shared.c
@@ -258,12 +258,11 @@ cr_lock_repo(const gchar *repo_dir,
g_debug("(--ignore-lock enabled) For data generation is used: %s",
tmp_repodata_dir);
}
- }
- if (tmp_repodata_dir)
*tmp_repodata_dir_p = g_strdup(tmp_repodata_dir);
- else
+ } else {
*tmp_repodata_dir_p = g_strdup(lock_dir);
+ }
return TRUE;
}
--
2.9.3
From 07f5cce3eff5c62f0c16143c7eaab64eb0e3ebf8 Mon Sep 17 00:00:00 2001
From: Tomas Mlcoch <tmlcoch@redhat.com>
Date: Thu, 8 Sep 2016 09:45:38 +0200
Subject: [PATCH 2/2] cr_lock_repo: Fix double free (RhBz: 1355720)
---
src/createrepo_shared.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/createrepo_shared.c b/src/createrepo_shared.c
index d4df86c..8a26787 100644
--- a/src/createrepo_shared.c
+++ b/src/createrepo_shared.c
@@ -188,7 +188,6 @@ cr_lock_repo(const gchar *repo_dir,
assert(!err || *err == NULL);
_cleanup_free_ gchar *lock_dir = NULL;
- _cleanup_free_ gchar *tmp_repodata_dir = NULL;
_cleanup_error_free_ GError *tmp_err = NULL;
lock_dir = g_build_filename(repo_dir, ".repodata/", NULL);
@@ -242,10 +241,11 @@ cr_lock_repo(const gchar *repo_dir,
}
// To data generation use a different one
+ _cleanup_free_ gchar *tmp_repodata_dir = NULL;
_cleanup_free_ gchar *tmp = NULL;
- tmp_repodata_dir = g_build_filename(repo_dir, ".repodata.", NULL);
- tmp = cr_append_pid_and_datetime(tmp_repodata_dir, "/");
- tmp_repodata_dir = tmp;
+
+ tmp = g_build_filename(repo_dir, ".repodata.", NULL);
+ tmp_repodata_dir = cr_append_pid_and_datetime(tmp, "/");
if (g_mkdir(tmp_repodata_dir, S_IRWXU | S_IRWXG | S_IROTH | S_IXOTH)) {
g_critical("(--ignore-lock enabled) Cannot create %s: %s",
--
2.9.3

9
createrepo_c.spec
View File

@ -20,11 +20,13 @@
Summary: Creates a common metadata repository Summary: Creates a common metadata repository
Name: createrepo_c Name: createrepo_c
Version: 0.10.0 Version: 0.10.0
Release: 8%{?dist} Release: 9%{?dist}
License: GPLv2+ License: GPLv2+
URL: https://github.com/rpm-software-management/createrepo_c URL: https://github.com/rpm-software-management/createrepo_c
Source0: %{url}/archive/%{version}/%{name}-%{version}.tar.gz Source0: %{url}/archive/%{version}/%{name}-%{version}.tar.gz
Patch0: createrepo_c-0.10.0-ignorelock-doublefree.patch
BuildRequires: cmake BuildRequires: cmake
BuildRequires: gcc BuildRequires: gcc
BuildRequires: bzip2-devel BuildRequires: bzip2-devel
@ -96,7 +98,7 @@ Python 3 bindings for the createrepo_c library.
%endif %endif
%prep %prep
%setup -q %autosetup -p1
mkdir build mkdir build
%if %{with python3} %if %{with python3}
mkdir build-py3 mkdir build-py3
@ -186,6 +188,9 @@ popd
%endif %endif
%changelog %changelog
* Mon Feb 13 2017 Pavel Raiskup <praiskup@redhat.com> - 0.10.0-9
- backport patches for double-free in --ignore-lock (rhbz#1355720)
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.10.0-8 * Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.10.0-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild