[pacman-dev] [PATCH 1/2] libalpm: fix segfault when -Qip'ing a package
The dummy checksigs function never sets count to 0, leaving it unitialized. This caused the siglist cleanup to try and free the empty list. diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index 30d057a3..4cb31e7c 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -802,6 +802,7 @@ int _alpm_key_import(alpm_handle_t UNUSED *handle, const char UNUSED *uid, int _alpm_gpgme_checksig(alpm_handle_t UNUSED *handle, const char UNUSED *path, const char UNUSED *base64_sig, alpm_siglist_t UNUSED *siglist) { + siglist->count = 0; return -1; } #endif /* HAVE_LIBGPGME */ -- 2.23.0
This allows pacman to print the correct error message when checking keys and libalpm has been compiled without gpgme support. diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index 4cb31e7c..8522e049 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -790,12 +790,14 @@ error: #else /* HAVE_LIBGPGME */ int _alpm_key_in_keychain(alpm_handle_t UNUSED *handle, const char UNUSED *fpr) { + handle->pm_errno = ALPM_ERR_MISSING_CAPABILITY_SIGNATURES; return -1; } int _alpm_key_import(alpm_handle_t UNUSED *handle, const char UNUSED *uid, const char UNUSED *fpr) { + handle->pm_errno = ALPM_ERR_MISSING_CAPABILITY_SIGNATURES; return -1; } @@ -803,6 +805,7 @@ int _alpm_gpgme_checksig(alpm_handle_t UNUSED *handle, const char UNUSED *path, const char UNUSED *base64_sig, alpm_siglist_t UNUSED *siglist) { siglist->count = 0; + handle->pm_errno = ALPM_ERR_MISSING_CAPABILITY_SIGNATURES; return -1; } #endif /* HAVE_LIBGPGME */ -- 2.23.0
The dummy checksigs function never sets count to 0, leaving it unitialized. This caused the siglist cleanup to try and free the empty list. --- v2: remove UNUSED diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index 30d057a3..fc537dd3 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -800,8 +800,9 @@ int _alpm_key_import(alpm_handle_t UNUSED *handle, const char UNUSED *uid, } int _alpm_gpgme_checksig(alpm_handle_t UNUSED *handle, const char UNUSED *path, - const char UNUSED *base64_sig, alpm_siglist_t UNUSED *siglist) + const char UNUSED *base64_sig, alpm_siglist_t *siglist) { + siglist->count = 0; return -1; } #endif /* HAVE_LIBGPGME */ -- 2.23.0
This allows pacman to print the correct error message when checking keys and libalpm has been compiled without gpgme support. --- v2: remove UNUSED diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index fc537dd3..7fed862e 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -788,21 +788,24 @@ error: } #else /* HAVE_LIBGPGME */ -int _alpm_key_in_keychain(alpm_handle_t UNUSED *handle, const char UNUSED *fpr) +int _alpm_key_in_keychain(alpm_handle_t *handle, const char UNUSED *fpr) { + handle->pm_errno = ALPM_ERR_MISSING_CAPABILITY_SIGNATURES; return -1; } -int _alpm_key_import(alpm_handle_t UNUSED *handle, const char UNUSED *uid, +int _alpm_key_import(alpm_handle_t *handle, const char UNUSED *uid, const char UNUSED *fpr) { + handle->pm_errno = ALPM_ERR_MISSING_CAPABILITY_SIGNATURES; return -1; } -int _alpm_gpgme_checksig(alpm_handle_t UNUSED *handle, const char UNUSED *path, +int _alpm_gpgme_checksig(alpm_handle_t *handle, const char UNUSED *path, const char UNUSED *base64_sig, alpm_siglist_t *siglist) { siglist->count = 0; + handle->pm_errno = ALPM_ERR_MISSING_CAPABILITY_SIGNATURES; return -1; } #endif /* HAVE_LIBGPGME */ -- 2.23.0
On 15/10/19 7:30 pm, morganamilo wrote:
This allows pacman to print the correct error message when checking keys and libalpm has been compiled without gpgme support. ---
Thanks, Both patches look good and will be pushed before release. Allan
participants (2)
-
Allan McRae
-
morganamilo