Skip to content

Commit

Permalink
Fix possible package corruption on --delsign/resign/addsign
Browse files Browse the repository at this point in the history 
Make sure we don't overrun the original signature header when
adjusting reserved size. Fixes a brainfart introduced in commit
be950ea: the count reservation
size is relative to the size of the new header, obviously.

Fixes: rpm-software-management#3469
  • Loading branch information
@pmatilai
pmatilai committed Nov 29, 2024
1 parent 16278c3 commit 55aba78
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 3 deletions.
5 changes: 3 additions & 2 deletions sign/rpmgensig.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -745,12 +745,13 @@ static int rpmSign(const char *rpm, int deleting, int flags)

/* Adjust reserved size for added/removed signatures */
if (headerGet(sigh, reserveTag, &utd, HEADERGET_MINMEM)) {
int diff = headerSizeof(sigh, HEADER_MAGIC_YES) - origSigSize;
unsigned newSize = headerSizeof(sigh, HEADER_MAGIC_YES);
int diff = newSize - origSigSize;

/* diff can be zero if nothing was added or removed */
if (diff) {
utd.count -= diff;
if (utd.count > 0 && utd.count < origSigSize) {
if (utd.count > 0 && newSize + utd.count <= origSigSize) {
uint8_t *zeros = (uint8_t *)xcalloc(utd.count, sizeof(*zeros));
utd.data = zeros;
headerMod(sigh, &utd);
Expand Down
1 change: 0 additions & 1 deletion tests/rpmsigdig.at
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1847,7 +1847,6 @@ RPMTEST_CLEANUP

AT_SETUP([--delsign with misplaced ima signature])
AT_KEYWORDS([rpmsign file signature])
AT_XFAIL_IF([test $RPM_XFAIL -ne 0])
RPMTEST_CHECK([
cp /data/RPMS/hello-2.0-1.x86_64-badima.rpm .
rpmsign --delsign hello-2.0-1.x86_64-badima.rpm
Expand Down

0 comments on commit 55aba78

Please sign in to comment.