Fix small security issues
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
parent
849ea55b06
commit
a8624a983d
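--- a/0001-Fix-Dereference-of-null-pointer.patch
+++ b/0001-Fix-Dereference-of-null-pointer.patch
@@ -0,0 +1,25 @@
+From c5883b20b7b021ee94111cb72777ab3ba3f50950 Mon Sep 17 00:00:00 2001
+From: Jaroslav Rohel <jrohel@redhat.com>
+Date: Fri, 7 Dec 2018 07:05:10 +0100
+Subject: [PATCH] Fix: Dereference of null pointer
+
+---
+ext/repo_repomdxml.c | 2 +-
+1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ext/repo_repomdxml.c b/ext/repo_repomdxml.c
+index fd46272b..46d83615 100644
+--- a/ext/repo_repomdxml.c
++++ b/ext/repo_repomdxml.c
+@@ -181,7 +181,7 @@ startElement(struct solv_xmlparser *xmlp, int state, const char *name, const cha
+while (value)
+{
+char *p = strchr(value, ',');
+- if (*p)
++ if (p)
+*p++ = 0;
+if (*value)
+repodata_add_poolstr_array(pd->data, SOLVID_META, REPOSITORY_UPDATES, value);
+--
+2.20.1
+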
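Review bot: The corrected `if (p)` guard in startElement has no comment saying why `p` can be NULL, and the patch message body is empty, so the trigger is not recorded anywhere. strchr() returns NULL for the last (or only) item of the comma-separated value, which the replaced `if (*p)` dereferenced; a one-line comment such as `/* strchr() returns NULL on the last item */` above the check would make that explicit. Judging by the file name this handler parses repository metadata, so the input is probably not under local control and a regression test with a single-item value would be worth adding. The statement that advances `value` is outside the hunk, so I am assuming the loop ends when `p` is NULL.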
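--- a/0001-Fix-testsolv-segfault.patch
+++ b/0001-Fix-testsolv-segfault.patch
@@ -0,0 +1,32 @@
+From 95c3d1b3aad7a003d129b957cf449d11edaca67b Mon Sep 17 00:00:00 2001
+From: Jaroslav Rohel <jrohel@redhat.com>
+Date: Tue, 11 Dec 2018 10:22:09 +0100
+Subject: [PATCH] Fix: testsolv segfault
+
+ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7fab0e11bf2b bp 0x7ffdfc044b70 sp 0x7ffdfc044a90 T0)
+0 0x7fab0e11bf2a in testcase_str2dep_complex /home/company/real_sanitize/libsolv-master/ext/testcase.c:577
+1 0x7fab0e11c80f in testcase_str2dep /home/company/real_sanitize/libsolv-master/ext/testcase.c:656
+2 0x7fab0e12e64a in testcase_read /home/company/real_sanitize/libsolv-master/ext/testcase.c:2952
+3 0x402aa5 in main /home/company/real_sanitize/libsolv-master/tools/testsolv.c:148
+4 0x7fab0d9d2a3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x20a3f)
+5 0x401bb8 in _start (/home/company/real_sanitize/libsolv-master/build/install/bin/testsolv+0x401bb8)
+---
+ext/testcase.c | 2 ++
+1 file changed, 2 insertions(+)
+
+diff --git a/ext/testcase.c b/ext/testcase.c
+index 33998d47..fe2636cb 100644
+--- a/ext/testcase.c
++++ b/ext/testcase.c
+@@ -576,6 +576,8 @@ testcase_str2dep_complex(Pool *pool, const char **sp, int relop)
+Id flags, id, id2, namespaceid = 0;
+struct oplist *op;
+
++ if (!s)
++ return 0;
+while (*s == ' ' || *s == '\t')
+s++;
+if (!strncmp(s, "namespace:", 10))
+--
+2.20.1
+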
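Review bot: The added `if (!s) return 0;` in testcase_str2dep_complex swallows the malformed input without any diagnostic. According to the trace in the patch message the NULL arrives from testcase_read (testcase.c:2952) through testcase_str2dep, so the caller is presumably passing a field that the testcase line does not contain. Returning 0 here stops the crash, but it leaves the caller unable to tell a missing field from any other input that yields id 0. I would also reject the short line in the caller with a `pool_error(...)` message, and put a comment on the guard such as `/* NULL when the caller has no dependency string */` once that cause is confirmed. The declaration of `s` and the rest of the function lie outside the hunk.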
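--- a/0001-Fix-testsolv-segfaults.patch
+++ b/0001-Fix-testsolv-segfaults.patch
@@ -0,0 +1,38 @@
+From 6de825c4d27022e48570824f0be77132c5b6d45a Mon Sep 17 00:00:00 2001
+From: Jaroslav Rohel <jrohel@redhat.com>
+Date: Tue, 11 Dec 2018 10:27:15 +0100
+Subject: [PATCH] Fix: testsolv segfaults
+
+ERROR: AddressSanitizer: SEGV on unknown address 0x0000000002f0 (pc 0x7f31501d3bd2 bp 0x7ffcfe4d4a50 sp 0x7ffcfe4d4a30 T0)
+0 0x7f31501d3bd1 in pool_whatprovides /home/company/real_sanitize/libsolv-master/src/pool.h:331
+1 0x7f31501d895e in testcase_str2solvid /home/company/real_sanitize/libsolv-master/ext/testcase.c:793
+2 0x7f31501e8388 in testcase_read /home/company/real_sanitize/libsolv-master/ext/testcase.c:2807
+3 0x402aa5 in main /home/company/real_sanitize/libsolv-master/tools/testsolv.c:148
+4 0x7f314fa8da3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x20a3f)
+5 0x401bb8 in _start (/home/company/real_sanitize/libsolv-master/build/install/bin/testsolv+0x401bb8)
+
+ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f5af9e7815f bp 0x7ffc4c843a40 sp 0x7ffc4c8436c0 T0)
+0 0x7f5af9e7815e in testcase_read /home/company/real_sanitize/libsolv-master/ext/testcase.c:2799
+1 0x402aa5 in main /home/company/real_sanitize/libsolv-master/tools/testsolv.c:148
+2 0x7f5af971da3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x20a3f)
+3 0x401bb8 in _start (/home/company/real_sanitize/libsolv-master/build/install/bin/testsolv+0x401bb8)
+---
+ext/testcase.c | 2 +-
+1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ext/testcase.c b/ext/testcase.c
+index fe2636cb..c8dd14ee 100644
+--- a/ext/testcase.c
++++ b/ext/testcase.c
+@@ -2795,7 +2795,7 @@ testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **res
+{
+int i = strlen(pieces[1]);
+s = strchr(pieces[1], '(');
+- if (!s && pieces[1][i - 1] != ')')
++ if (!s || pieces[1][i - 1] != ')')
+{
+pool_error(pool, 0, "testcase_read: bad namespace '%s'", pieces[1]);
+}
+--
+2.20.1
+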
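Review bot: The patch message quotes two different crashes, but the diff changes a single condition, and the hunk does not show that the second crash path is closed. One trace ends in testcase_read at testcase.c:2799, the other in pool_whatprovides reached through testcase_str2solvid from testcase.c:2807. With `||` the error branch is now taken when `(` is missing even if the string ends in `)`, and because `!s` short-circuits, `pieces[1][i - 1]` is only read for a string that contains `(` and is therefore non-empty. Please note in the message which input produced the pool_whatprovides trace and confirm this check rejects it; if it does not, that call needs its own guard. The code that runs after pool_error() is outside the hunk.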
10
libsolv.spec
10
libsolv.spec
@ -40,12 +40,17 @@
|
||||
|
||||
Name: lib%{libname}
|
||||
Version: 0.7.2
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}.test
|
||||
Summary: Package dependency solver
|
||||
|
||||
License: BSD
|
||||
URL: https://github.com/openSUSE/libsolv
|
||||
Source: %{url}/archive/%{version}/%{name}-%{version}.tar.gz
|
||||
Patch0001: 0001-Fix-Dereference-of-null-pointer.patch
|
||||
Patch0002: 0001-Fix-testsolv-segfault.patch
|
||||
Patch0003: 0001-Fix-testsolv-segfaults.patch
|
||||
|
||||
Patch666: test.diff
|
||||
|
||||
BuildRequires: cmake
|
||||
BuildRequires: gcc-c++
|
||||
@ -288,6 +293,9 @@ Python 3 version.
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Sat Jan 12 2019 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 0.7.2-2
|
||||
- Fix small security issues
|
||||
|
||||
* Mon Dec 10 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 0.7.2-1
|
||||
- Update to 0.7.2
|
||||
|
||||
|
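Review bot: The first hunk of libsolv.spec contains `Release: 2%{?dist}.test` and `Patch666: test.diff`, which look like scratch-build leftovers in a commit described as fixing security issues. The rendered page does not show which of these lines are new. No test.diff is among the files this commit lists, though, so either the build references a source that may be missing or an undescribed change is applied on top of the three reviewed patches. The changelog entry says `0.7.2-2` while the Release tag carries the `.test` suffix; I would drop the test patch and use `Release: 2%{?dist}`. How the Patch entries are applied in %prep is outside the hunks shown.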