* <update from="rel-eng@fedoraproject.org" status="stable" type="security" version="1.4">
* <id>FEDORA-2007-4594</id>
* <title>imlib-1.9.15-6.fc8</title>
+ * <severity>Important</severity>
* <release>Fedora 8</release>
+ * <rights>Copyright 2007 Company Inc</rights>
* <issued date="2007-12-28 16:42:30"/>
+ * <updated date="2008-03-14 12:00:00"/>
* <references>
* <reference href="https://bugzilla.redhat.com/show_bug.cgi?id=426091" id="426091" title="CVE-2007-3568 imlib: infinite loop DoS using crafted BMP image" type="bugzilla"/>
* </references>
enum state {
STATE_START,
- STATE_UPDATES, /* 1 */
- STATE_UPDATE, /* 2 */
- STATE_ID, /* 3 */
- STATE_TITLE, /* 4 */
- STATE_RELEASE, /* 5 */
- STATE_ISSUED, /* 6 */
- STATE_MESSAGE, /* 7 */
- STATE_REFERENCES, /* 8 */
- STATE_REFERENCE, /* 9 */
- STATE_DESCRIPTION, /* 10 */
- STATE_PKGLIST, /* 11 */
- STATE_COLLECTION, /* 12 */
- STATE_NAME, /* 13 */
- STATE_PACKAGE, /* 14 */
- STATE_FILENAME, /* 15 */
- STATE_REBOOT, /* 16 */
- STATE_RESTART, /* 17 */
- STATE_RELOGIN, /* 18 */
+ STATE_UPDATES,
+ STATE_UPDATE,
+ STATE_ID,
+ STATE_TITLE,
+ STATE_RELEASE,
+ STATE_ISSUED,
+ STATE_UPDATED,
+ STATE_MESSAGE,
+ STATE_REFERENCES,
+ STATE_REFERENCE,
+ STATE_DESCRIPTION,
+ STATE_PKGLIST,
+ STATE_COLLECTION,
+ STATE_NAME,
+ STATE_PACKAGE,
+ STATE_FILENAME,
+ STATE_REBOOT,
+ STATE_RESTART,
+ STATE_RELOGIN,
+ STATE_RIGHTS,
+ STATE_SEVERITY,
NUMSTATES
};
{ STATE_UPDATES, "update", STATE_UPDATE, 0 },
{ STATE_UPDATE, "id", STATE_ID, 1 },
{ STATE_UPDATE, "title", STATE_TITLE, 1 },
+ { STATE_UPDATE, "severity", STATE_SEVERITY, 1 },
+ { STATE_UPDATE, "rights", STATE_RIGHTS, 1 },
{ STATE_UPDATE, "release", STATE_RELEASE, 1 },
- { STATE_UPDATE, "issued", STATE_ISSUED, 1 },
+ { STATE_UPDATE, "issued", STATE_ISSUED, 0 },
+ { STATE_UPDATE, "updated", STATE_UPDATED, 0 },
{ STATE_UPDATE, "description", STATE_DESCRIPTION, 1 },
{ STATE_UPDATE, "message", STATE_MESSAGE , 1 },
{ STATE_UPDATE, "references", STATE_REFERENCES, 0 },
Repodata *data;
unsigned int datanum;
Solvable *solvable;
+ time_t buildtime;
Id collhandle;
+ struct joindata jd;
struct stateswitch *swtab[NUMSTATES];
enum state sbtab[NUMSTATES];
#if 0
fprintf(stderr, "evr: %s\n", pd->content);
#endif
- return str2id(pool, pd->content, 1);
+ return pool_str2id(pool, pd->content, 1);
}
*/
case STATE_UPDATE:
{
- const char *from = 0, *status = 0, *type = 0, *version = 0;
+ const char *from = 0, *type = 0, *version = 0;
for (; *atts; atts += 2)
{
if (!strcmp(*atts, "from"))
from = atts[1];
- else if (!strcmp(*atts, "status"))
- status = atts[1];
else if (!strcmp(*atts, "type"))
type = atts[1];
else if (!strcmp(*atts, "version"))
solvable = pd->solvable = pool_id2solvable(pool, repo_add_solvable(pd->repo));
pd->datanum = pd->solvable - pool->solvables;
- solvable->vendor = str2id(pool, from, 1);
- solvable->evr = str2id(pool, version, 1);
+ solvable->vendor = pool_str2id(pool, from, 1);
+ solvable->evr = pool_str2id(pool, version, 1);
solvable->arch = ARCH_NOARCH;
if (type)
repodata_set_str(pd->data, pd->datanum, SOLVABLE_PATCHCATEGORY, type);
+ pd->buildtime = (time_t)0;
}
break;
/* <id>FEDORA-2007-4594</id> */
/* <issued date="2008-03-21 21:36:55"/>
*/
case STATE_ISSUED:
+ case STATE_UPDATED:
{
const char *date = 0;
for (; *atts; atts += 2)
if (date)
{
time_t t = datestr2timestamp(date);
- if (t)
- repodata_set_num(pd->data, pd->datanum, SOLVABLE_BUILDTIME, t);
+ if (t && t > pd->buildtime)
+ pd->buildtime = t;
}
}
break;
*/
case STATE_PACKAGE:
{
- const char *arch = 0, *name = 0, *src = 0;
+ const char *arch = 0, *name = 0;
Id evr = makeevr_atts(pool, pd, atts); /* parse "epoch", "version", "release" */
Id n, a = 0;
Id rel_id;
arch = atts[1];
else if (!strcmp(*atts, "name"))
name = atts[1];
- else if (!strcmp(*atts, "src"))
- src = atts[1];
}
/* generated Id for name */
- n = str2id(pool, name, 1);
+ n = pool_str2id(pool, name, 1);
rel_id = n;
if (arch)
{
/* generate Id for arch and combine with name */
- a = str2id(pool, arch, 1);
- rel_id = rel2id(pool, n, a, REL_ARCH, 1);
+ a = pool_str2id(pool, arch, 1);
+ rel_id = pool_rel2id(pool, n, a, REL_ARCH, 1);
}
- rel_id = rel2id(pool, rel_id, evr, REL_LT, 1);
+ rel_id = pool_rel2id(pool, rel_id, evr, REL_LT, 1);
solvable->conflicts = repo_addid_dep(pd->repo, solvable->conflicts, rel_id, 0);
case STATE_UPDATES:
break;
case STATE_UPDATE:
- s->provides = repo_addid_dep(repo, s->provides, rel2id(pool, s->name, s->evr, REL_EQ, 1), 0);
+ s->provides = repo_addid_dep(repo, s->provides, pool_rel2id(pool, s->name, s->evr, REL_EQ, 1), 0);
+ if (pd->buildtime)
+ {
+ repodata_set_num(pd->data, pd->datanum, SOLVABLE_BUILDTIME, pd->buildtime);
+ pd->buildtime = (time_t)0;
+ }
break;
case STATE_ID:
- s->name = str2id(pool, join2("patch", ":", pd->content), 1);
+ s->name = pool_str2id(pool, join2(&pd->jd, "patch", ":", pd->content), 1);
break;
/* <title>imlib-1.9.15-6.fc8</title> */
case STATE_TITLE:
pd->content[--pd->lcontent] = 0;
repodata_set_str(pd->data, pd->datanum, SOLVABLE_SUMMARY, pd->content);
break;
+ case STATE_SEVERITY:
+ repodata_set_poolstr(pd->data, pd->datanum, UPDATE_SEVERITY, pd->content);
+ break;
+ case STATE_RIGHTS:
+ repodata_set_poolstr(pd->data, pd->datanum, UPDATE_RIGHTS, pd->content);
+ break;
/*
* <release>Fedora 8</release>
*/
#define BUFF_SIZE 8192
-void
+int
repo_add_updateinfoxml(Repo *repo, FILE *fp, int flags)
{
Pool *pool = repo->pool;
int i, l;
struct stateswitch *sw;
Repodata *data;
+ XML_Parser parser;
data = repo_add_repodata(repo, flags);
pd.content = malloc(256);
pd.acontent = 256;
pd.lcontent = 0;
- XML_Parser parser = XML_ParserCreate(NULL);
+ parser = XML_ParserCreate(NULL);
XML_SetUserData(parser, &pd);
XML_SetElementHandler(parser, startElement, endElement);
XML_SetCharacterDataHandler(parser, characterData);
l = fread(buf, 1, sizeof(buf), fp);
if (XML_Parse(parser, buf, l, l == 0) == XML_STATUS_ERROR)
{
- pool_debug(pool, SAT_FATAL, "repo_updateinfoxml: %s at line %u:%u\n", XML_ErrorString(XML_GetErrorCode(parser)), (unsigned int)XML_GetCurrentLineNumber(parser), (unsigned int)XML_GetCurrentColumnNumber(parser));
+ pool_debug(pool, SOLV_FATAL, "repo_updateinfoxml: %s at line %u:%u\n", XML_ErrorString(XML_GetErrorCode(parser)), (unsigned int)XML_GetCurrentLineNumber(parser), (unsigned int)XML_GetCurrentColumnNumber(parser));
exit(1);
}
if (l == 0)
}
XML_ParserFree(parser);
free(pd.content);
- join_freemem();
+ join_freemem(&pd.jd);
if (!(flags & REPO_NO_INTERNALIZE))
repodata_internalize(data);
+ return 0;
}
-/* EOF */