import virt-v2v-1.42.0-21.module+el8.7.0+15868+7d816fcd

2022-09-20 23:08:07 +00:00 · 2022-09-20 23:08:07 +00:00 · 267be3daeb
commit 267be3daeb
parent 167e234e6b
3 changed files with 158 additions and 2 deletions
--- a/SOURCES/0051-convert-If-listing-RPM-applications-fails-rebuild-DB.patch
+++ b/SOURCES/0051-convert-If-listing-RPM-applications-fails-rebuild-DB.patch
@ -0,0 +1,98 @@
+From 87e5404d20ec54d16d22a7bb8f06ea91076c91f7 Mon Sep 17 00:00:00 2001
+From: "Richard W.M. Jones" <rjones@redhat.com>
+Date: Wed, 25 May 2022 16:47:04 +0100
+Subject: [PATCH] convert: If listing RPM applications fails, rebuild DB and
+ retry
+
+In libguestfs before commit 488245ed6c ("daemon: rpm: Check return
+values from librpm calls") we didn't bother to check the return values
+from any librpm calls.  In some cases where the RPM database is
+faulty, this caused us to return a zero-length array of applications
+(but no error indication).  Libguestfs has subsequently been fixed so
+now it returns an error if the RPM database is corrupt.
+
+This commit changes virt-v2v behaviour so that if either
+guestfs_inspect_list_applications2 returns a zero-length list (ie. old
+libguestfs) or it throws an error (new libguestfs) then we attempt to
+rebuild the RPM database and retry the operation.  Rebuilding the
+database can recover from some but not all RPM DB corruption.
+
+See-also: https://bugzilla.redhat.com/show_bug.cgi?id=2089623#c12
+Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2089623
+Reported-by: Xiaodai Wang
+Reported-by: Ming Xie
+Reviewed-by: Laszlo Ersek <lersek@redhat.com>
+(cherry picked from commit 31bf5db25bcfd8a9f5a48cc0523abae28861de9a)
+---
+ v2v/inspect_source.ml | 34 ++++++++++++++++++++++++++++++++--
+ 1 file changed, 32 insertions(+), 2 deletions(-)
+
+diff --git a/v2v/inspect_source.ml b/v2v/inspect_source.ml
+index b8a3c8ad..554fde1d 100644
+--- a/v2v/inspect_source.ml
+++ b/v2v/inspect_source.ml
+@@ -34,6 +34,7 @@ let rec inspect_source root_choice g =
+   reject_if_not_installed_image g root;
+ 
+   let typ = g#inspect_get_type root in
+  let package_format = g#inspect_get_package_format root in
+ 
+   (* Mount up the filesystems. *)
+   let mps = g#inspect_get_mountpoints root in
+@@ -71,7 +72,7 @@ let rec inspect_source root_choice g =
+   ) mps;
+ 
+   (* Get list of applications/packages installed. *)
+-  let apps = g#inspect_list_applications2 root in
+  let apps = list_applications g root package_format in
+   let apps = Array.to_list apps in
+ 
+   (* A map of app2_name -> application2, for easier lookups.  Note
+@@ -106,7 +107,7 @@ let rec inspect_source root_choice g =
+     i_arch = g#inspect_get_arch root;
+     i_major_version = g#inspect_get_major_version root;
+     i_minor_version = g#inspect_get_minor_version root;
+-    i_package_format = g#inspect_get_package_format root;
+    i_package_format = package_format;
+     i_package_management = g#inspect_get_package_management root;
+     i_product_name = g#inspect_get_product_name root;
+     i_product_variant = g#inspect_get_product_variant root;
+@@ -186,6 +187,35 @@ and reject_if_not_installed_image g root =
+   if fmt <> "installed" then
+     error (f_"libguestfs thinks this is not an installed operating system (it might be, for example, an installer disk or live CD).  If this is wrong, it is probably a bug in libguestfs.  root=%s fmt=%s") root fmt
+ 
+(* Wrapper around g#inspect_list_applications2 which, for RPM
+ * guests, on failure tries to rebuild the RPM database before
+ * repeating the operation.
+ *)
+and list_applications g root = function
+  | "rpm" ->
+     (* RPM guest.
+      *
+      * In libguestfs before commit 488245ed6c ("daemon: rpm: Check
+      * return values from librpm calls"), a corrupt RPM database
+      * would return an empty array here with no exception.  Hence
+      * the check below which turns empty array => exception.  In
+      * libguestfs after that commit, inspect_list_applications2
+      * will raise an exception if it detects a corrupt RPM database.
+      *)
+     (try
+        let apps = g#inspect_list_applications2 root in
+        if apps = [||] then raise (G.Error "no applications returned");
+        apps
+      with G.Error msg ->
+        debug "%s" msg;
+        debug "rebuilding RPM database and retrying ...";
+        ignore (g#sh "rpmdb --rebuilddb");
+        g#inspect_list_applications2 root
+     )
+  | _ ->
+     (* Non-RPM guest, just do it. *)
+     g#inspect_list_applications2 root
+
+ (* See if this guest could use UEFI to boot.  It should use GPT and
+  * it should have an EFI System Partition (ESP).
+  *
+-- 
+2.31.1
+
--- a/SOURCES/0052-update-common-submodule-for-CVE-2022-2211-fix.patch
+++ b/SOURCES/0052-update-common-submodule-for-CVE-2022-2211-fix.patch
@ -0,0 +1,53 @@
+From 5852b85eaa174dfb87ce7a03b9f70e2bffac4ca4 Mon Sep 17 00:00:00 2001
+From: Laszlo Ersek <lersek@redhat.com>
+Date: Wed, 29 Jun 2022 15:44:27 +0200
+Subject: [PATCH] update common submodule for CVE-2022-2211 fix
+
+$ git shortlog 9e990f3e4530..35467027f657
+
+Laszlo Ersek (1):
+      options: fix buffer overflow in get_keys() [CVE-2022-2211]
+
+Signed-off-by: Laszlo Ersek <lersek@redhat.com>
+(cherry picked from commit 795d5dfcef77fc54fec4d237bda28571454a6d4e)
+---
+ common | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Submodule common be09523d..1174b443:
+diff --git a/common/options/keys.c b/common/options/keys.c
+index 798315c..d27a712 100644
+--- a/common/options/keys.c
+++ b/common/options/keys.c
+@@ -128,17 +128,23 @@ read_first_line_from_file (const char *filename)
+ char **
+ get_keys (struct key_store *ks, const char *device, const char *uuid)
+ {
+-  size_t i, j, len;
+  size_t i, j, nmemb;
+   char **r;
+   char *s;
+ 
+   /* We know the returned list must have at least one element and not
+    * more than ks->nr_keys.
+    */
+-  len = 1;
+-  if (ks)
+-    len = MIN (1, ks->nr_keys);
+-  r = calloc (len+1, sizeof (char *));
+  nmemb = 1;
+  if (ks && ks->nr_keys > nmemb)
+    nmemb = ks->nr_keys;
+
+  /* make room for the terminating NULL */
+  if (nmemb == (size_t)-1)
+    error (EXIT_FAILURE, 0, _("size_t overflow"));
+  nmemb++;
+
+  r = calloc (nmemb, sizeof (char *));
+   if (r == NULL)
+     error (EXIT_FAILURE, errno, "calloc");
+ 
+-- 
+2.31.1
+
--- a/SPECS/virt-v2v.spec
+++ b/SPECS/virt-v2v.spec
@ -10,7 +10,7 @@
 Name:          virt-v2v
 Epoch:         1
 Version:       1.42.0
-Release:       19%{?dist}
+Release:       21%{?dist}
 Summary:       Convert a virtual machine to run on KVM

 License:       GPLv2+
@ -86,6 +86,8 @@ Patch0047:     0047-v2v-Cope-with-libvirt-vpx-esx-driver-which-does-not-.patch
 Patch0048:     0048-o-rhv-upload-wait-for-VM-creation-task.patch
 Patch0049:     0049-tests-Add-test-of-i-ova-from-a-directory.patch
 Patch0050:     0050-v2v-i-ova-Fix-parsing-if-OVA-directory-name-has-a-tr.patch
+Patch0051:     0051-convert-If-listing-RPM-applications-fails-rebuild-DB.patch
+Patch0052:     0052-update-common-submodule-for-CVE-2022-2211-fix.patch

 # Patches which apply to the common/ submodule.
 # These have to be hand-modified.
@ -329,11 +331,14 @@ rm $RPM_BUILD_ROOT%{_mandir}/man1/virt-v2v-test-harness.1*


 %changelog
-* Tue Apr 26 2022 Richard W.M. Jones <rjones@redhat.com> - 1:1.42.0-19
+* Tue Jul 05 2022 Richard W.M. Jones <rjones@redhat.com> - 1:1.42.0-21
 - Fix assertion failure when parsing OVA dir with trailing slash
  resolves: rhbz#2028823
 - For -o rhv-upload wait for VM creation task
  resolves: rhbz#1985827
+- If listing RPM applications fails, rebuild DB and retry (2089623)
+- Fix CVE-2022-2211 Denial of Service in --key parameter
+  resolves: rhbz#2102720

 * Wed Nov 24 2021 Richard W.M. Jones <rjones@redhat.com> - 1:1.42.0-18
 - Additional fix for backing file specified without backing format