rpms/rpm
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix plugin code for the new fsm implementation

Browse Source 
Resolves: RHEL-9561 RHEL-9563 RHEL-9565
This commit is contained in:
Florian Festi 2023-11-07 14:02:41 +01:00
parent 0408f935ff
commit e91f7f791b
2 changed files with 95 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

90
0001-Swap-over-to-dirfd-basename-based-operation-within-t.patch Normal file
View File

@ -0,0 +1,90 @@
From 6dd62720fe84f7e2ad902c915b952fc0b29e3dcd Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Tue, 15 Feb 2022 11:34:37 +0200
Subject: [PATCH] Swap over to dirfd+basename based operation within the fsm
Within fsm this is just a matter of adjusting error messages to include
the directory... if it only wasn't for the plugins requiring absolute
paths for outside users. For the plugins, we need to assemble absolute
paths as needed, both in ensureDir() and plugin file slots.
---
lib/rpmplugins.c | 20 +++++++++++++++++---
2 files changed, 36 insertions(+), 14 deletions(-)
diff --git a/lib/rpmplugins.c b/lib/rpmplugins.c
index 703368c0d..f06fd7895 100644
--- a/lib/rpmplugins.c
+++ b/lib/rpmplugins.c
@@ -350,21 +350,31 @@ rpmRC rpmpluginsCallScriptletPost(rpmPlugins plugins, const char *s_name, int ty
return rc;
}
+static char *abspath(rpmfi fi, const char *path)
+{
+ if (*path == '/')
+ return xstrdup(path);
+ else
+ return rstrscat(NULL, rpmfiDN(fi), path, NULL);
+}
+
rpmRC rpmpluginsCallFsmFilePre(rpmPlugins plugins, rpmfi fi, const char *path,
mode_t file_mode, rpmFsmOp op)
{
plugin_fsm_file_pre_func hookFunc;
int i;
rpmRC rc = RPMRC_OK;
+ char *apath = abspath(fi, path);
for (i = 0; i < plugins->count; i++) {
rpmPlugin plugin = plugins->plugins[i];
RPMPLUGINS_SET_HOOK_FUNC(fsm_file_pre);
- if (hookFunc && hookFunc(plugin, fi, path, file_mode, op) == RPMRC_FAIL) {
+ if (hookFunc && hookFunc(plugin, fi, apath, file_mode, op) == RPMRC_FAIL) {
rpmlog(RPMLOG_ERR, "Plugin %s: hook fsm_file_pre failed\n", plugin->name);
rc = RPMRC_FAIL;
}
}
+ free(apath);
return rc;
}
@@ -375,14 +385,16 @@ rpmRC rpmpluginsCallFsmFilePost(rpmPlugins plugins, rpmfi fi, const char *path,
plugin_fsm_file_post_func hookFunc;
int i;
rpmRC rc = RPMRC_OK;
+ char *apath = abspath(fi, path);
for (i = 0; i < plugins->count; i++) {
rpmPlugin plugin = plugins->plugins[i];
RPMPLUGINS_SET_HOOK_FUNC(fsm_file_post);
- if (hookFunc && hookFunc(plugin, fi, path, file_mode, op, res) == RPMRC_FAIL) {
+ if (hookFunc && hookFunc(plugin, fi, apath, file_mode, op, res) == RPMRC_FAIL) {
rpmlog(RPMLOG_WARNING, "Plugin %s: hook fsm_file_post failed\n", plugin->name);
}
}
+ free(apath);
return rc;
}
@@ -394,15 +406,17 @@ rpmRC rpmpluginsCallFsmFilePrepare(rpmPlugins plugins, rpmfi fi,
plugin_fsm_file_prepare_func hookFunc;
int i;
rpmRC rc = RPMRC_OK;
+ char *apath = abspath(fi, path);
for (i = 0; i < plugins->count; i++) {
rpmPlugin plugin = plugins->plugins[i];
RPMPLUGINS_SET_HOOK_FUNC(fsm_file_prepare);
- if (hookFunc && hookFunc(plugin, fi, fd, path, dest, file_mode, op) == RPMRC_FAIL) {
+ if (hookFunc && hookFunc(plugin, fi, fd, apath, dest, file_mode, op) == RPMRC_FAIL) {
rpmlog(RPMLOG_ERR, "Plugin %s: hook fsm_file_prepare failed\n", plugin->name);
rc = RPMRC_FAIL;
}
}
+ free(apath);
return rc;
}
--
2.41.0

7
rpm.spec
View File

@ -32,7 +32,7 @@
%global rpmver 4.14.3 %global rpmver 4.14.3
#global snapver rc2 #global snapver rc2
%global rel 28 %global rel 29
%global srcver %{version}%{?snapver:-%{snapver}} %global srcver %{version}%{?snapver:-%{snapver}}
%global srcdir %{?snapver:testing}%{!?snapver:%{name}-%(echo %{version} | cut -d'.' -f1-2).x} %global srcdir %{?snapver:testing}%{!?snapver:%{name}-%(echo %{version} | cut -d'.' -f1-2).x}
@ -123,7 +123,8 @@ Patch168: rpm-4.14.3-rpm2archive-Don-t-print-usage.patch
Patch169: 0001-Eliminate-code-duplication-from-rpmfiNext.patch Patch169: 0001-Eliminate-code-duplication-from-rpmfiNext.patch
Patch170: 0001-Add-optional-callback-on-directory-changes-during-rp.patch Patch170: 0001-Add-optional-callback-on-directory-changes-during-rp.patch
Patch171: 0001-Pass-file-descriptor-to-file-prepare-plugin-hook-use.patch Patch171: 0001-Pass-file-descriptor-to-file-prepare-plugin-hook-use.patch
Patch172: 0001-Use-file-state-machine-from-rpm-4.19.patch Patch172: 0001-Swap-over-to-dirfd-basename-based-operation-within-t.patch
Patch173: 0001-Use-file-state-machine-from-rpm-4.19.patch
# Python 3 string API sanity # Python 3 string API sanity
Patch500: 0001-In-Python-3-return-all-our-string-data-as-surrogate-.patch Patch500: 0001-In-Python-3-return-all-our-string-data-as-surrogate-.patch
@ -706,7 +707,7 @@ make check || cat tests/rpmtests.log
%doc doc/librpm/html/* %doc doc/librpm/html/*
%changelog %changelog
* Fri Oct 13 2023 Florian Festi <ffesti@redhat.com> - 4.14.3-28 * Tue Nov 07 2023 Florian Festi <ffesti@redhat.com> - 4.14.3-29
- Backport file handling code from rpm-4.19 to fix CVE-2021-35937, - Backport file handling code from rpm-4.19 to fix CVE-2021-35937,
CVE-2021-35938 and CVE-2021-35939 CVE-2021-35938 and CVE-2021-35939