SOURCES: rpm-CVE-2006-5466.patch (NEW) - backport

qboosh qboosh at pld-linux.org
Fri Dec 1 11:18:50 CET 2006 

Author: qboosh                       Date: Fri Dec  1 10:18:49 2006 GMT
Module: SOURCES                       Tag: HEAD
---- Log message:
- backport

---- Files affected:
SOURCES:
   rpm-CVE-2006-5466.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: SOURCES/rpm-CVE-2006-5466.patch
diff -u /dev/null SOURCES/rpm-CVE-2006-5466.patch:1.1
--- /dev/null	Fri Dec  1 11:18:49 2006
+++ SOURCES/rpm-CVE-2006-5466.patch	Fri Dec  1 11:18:44 2006
@@ -0,0 +1,95 @@
+Index: lib/query.c
+===================================================================
+RCS file: /cvs/devel/rpm/lib/query.c,v
+retrieving revision 2.173.2.15
+retrieving revision 2.173.2.16
+diff -a -u -r2.173.2.15 -r2.173.2.16
+--- lib/query.c	8 Oct 2006 21:41:45 -0000	2.173.2.15
++++ lib/query.c	30 Oct 2006 02:50:53 -0000	2.173.2.16
+@@ -124,6 +124,28 @@
+     return str;
+ }
+ 
++/**
++ */
++static void flushBuffer(char ** tp, char ** tep, int nonewline)
++	/*@ modifies *tp, *tep @*/
++{
++    char *t, *te;
++
++    t = *tp;
++    te = *tep;
++    if (te > t) {
++	if (!nonewline) {
++	    *te++ = '\n';
++	    *te = '\0';
++	}
++	rpmMessage(RPMMESS_NORMAL, "%s", t);
++	te = t;
++	*t = '\0';
++    }
++    *tp = t;
++    *tep = te;
++}
++
+ int showQueryPackage(QVA_t qva, rpmts ts, Header h)
+ {
+     int scareMem = 0;
+@@ -131,7 +153,6 @@
+     char * t, * te;
+     char * prefix = NULL;
+     int rc = 0;		/* XXX FIXME: need real return code */
+-    int nonewline = 0;
+     int i;
+ 
+     te = t = xmalloc(BUFSIZ);
+@@ -141,7 +162,6 @@
+ 
+     if (qva->qva_queryFormat != NULL) {
+ 	const char * str = queryHeader(h, qva->qva_queryFormat);
+-	nonewline = 1;
+ 	/*@-branchstate@*/
+ 	if (str) {
+ 	    size_t tb = (te - t);
+@@ -157,6 +177,7 @@
+ 	    /*@=usereleased@*/
+ /*@=boundswrite@*/
+ 	    str = _free(str);
++	    flushBuffer(&t, &te, 1);
+ 	}
+ 	/*@=branchstate@*/
+     }
+@@ -312,31 +333,13 @@
+ 			_("package has neither file owner or id lists\n"));
+ 	    }
+ 	}
+-/*@-branchstate@*/
+-	if (te > t) {
+-/*@-boundswrite@*/
+-	    *te++ = '\n';
+-	    *te = '\0';
+-	    rpmMessage(RPMMESS_NORMAL, "%s", t);
+-	    te = t;
+-	    *t = '\0';
+-/*@=boundswrite@*/
+-	}
+-/*@=branchstate@*/
++	flushBuffer(&t, &te, 0);
+     }
+ 	    
+     rc = 0;
+ 
+ exit:
+-    if (te > t) {
+-	if (!nonewline) {
+-/*@-boundswrite@*/
+-	    *te++ = '\n';
+-	    *te = '\0';
+-/*@=boundswrite@*/
+-	}
+-	rpmMessage(RPMMESS_NORMAL, "%s", t);
+-    }
++    flushBuffer(&t, &te, 0);
+     t = _free(t);
+ 
+     fi = rpmfiFree(fi);
================================================================

More information about the pld-cvs-commit mailing list