From f27d9231a395f01cb50141316e43c9672073963d Mon Sep 17 00:00:00 2001 From: Florian Festi Date: Mon, 5 Dec 2022 11:43:13 +0100 Subject: [PATCH] Fix db queries with carets Resolves: #2129468 --- rpm-4.16.1.3-caret-query.patch | 24 ++++++++++++++++++++++++ rpm-4.16.1.3-caret-query2.patch | 24 ++++++++++++++++++++++++ rpm.spec | 3 +++ 3 files changed, 51 insertions(+) create mode 100644 rpm-4.16.1.3-caret-query.patch create mode 100644 rpm-4.16.1.3-caret-query2.patch diff --git a/rpm-4.16.1.3-caret-query.patch b/rpm-4.16.1.3-caret-query.patch new file mode 100644 index 0000000..c1aed06 --- /dev/null +++ b/rpm-4.16.1.3-caret-query.patch @@ -0,0 +1,24 @@ +From 4420c78beb86cc67392274bf351478a3375626a2 Mon Sep 17 00:00:00 2001 +From: yangchenguang <89123114+yangchenguang94@users.noreply.github.com> +Date: Wed, 13 Jul 2022 16:52:07 +0800 +Subject: [PATCH] Fix query arguments with ^ not working + +when querying packages in the RPM database. + +Rersolves: #2104 +--- + lib/rpmdb.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/lib/rpmdb.c b/lib/rpmdb.c +index fa8f3c9b9c..fd2b0671ae 100644 +--- a/lib/rpmdb.c ++++ b/lib/rpmdb.c +@@ -1133,6 +1133,7 @@ static char * mireDup(rpmTagVal tag, rpmMireMode *modep, + switch (*s) { + case '.': + case '+': ++ case '^': + if (!brackets) *t++ = '\\'; + break; + case '*': diff --git a/rpm-4.16.1.3-caret-query2.patch b/rpm-4.16.1.3-caret-query2.patch new file mode 100644 index 0000000..5983a40 --- /dev/null +++ b/rpm-4.16.1.3-caret-query2.patch @@ -0,0 +1,24 @@ +From 19d73f67883c011cc74326a5dc34f7009efa60e1 Mon Sep 17 00:00:00 2001 +From: Panu Matilainen +Date: Tue, 6 Sep 2022 13:15:44 +0300 +Subject: [PATCH] Fix buffer overrun from commit + 4420c78beb86cc67392274bf351478a3375626a2 + +The newly handled ^ needs to be accounted for when allocating memory. +Found when testing #1936, goes to show what a useful thing that is. +--- + lib/rpmdb.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/lib/rpmdb.c b/lib/rpmdb.c +index fd2b0671ae..b3c5da62d5 100644 +--- a/lib/rpmdb.c ++++ b/lib/rpmdb.c +@@ -1107,6 +1107,7 @@ static char * mireDup(rpmTagVal tag, rpmMireMode *modep, + case '.': + case '+': + case '*': ++ case '^': + if (!brackets) nb++; + break; + case '\\': diff --git a/rpm.spec b/rpm.spec index 0d7678a..12206b4 100644 --- a/rpm.spec +++ b/rpm.spec @@ -85,6 +85,8 @@ Patch113: rpm-4.16.1.3-fix-spurious-transfiletriggerpostun-execution.patch Patch114: rpm-4.16.1.3-Make-rpm2cpio.sh-more-robust.patch Patch115: rpm-4.16.1.3-fapolicyd-make-write-nonblocking.patch Patch116: rpm-4.16.1.3-bcond-macros.patch +Patch117: rpm-4.16.1.3-caret-query.patch +Patch118: rpm-4.16.1.3-caret-query2.patch # These are not yet upstream Patch906: rpm-4.7.1-geode-i686.patch @@ -618,6 +620,7 @@ fi %changelog * Mon Nov 07 2022 Florian Festi - 4.16.1.3-20 - Add bcond macros (#2129060) +- Fix db queries with carets (#2129468) * Fri Oct 21 2022 Michal Domonkos - 4.16.1.3-19 - Bump release for rebuild