From 5aeebe8d695471835a4984cb0e7e4f4c8d206d70 Mon Sep 17 00:00:00 2001 From: Panu Matilainen Date: Sat, 28 Jan 2012 15:17:02 +0200 Subject: [PATCH] Don't assume rpmteNew() always succeeds, part III - Return error from verifyscript if rpmteNew() fails. This can't currently happen but handling this error makes it possible to do sanity checks on the header contents, such as file list integrity etc. Unlikely to occur for installed packages, but verify can be run on non-installed packages as well, where failure is more of a possibility. --- lib/verify.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/lib/verify.c b/lib/verify.c index 48f749c..21289d1 100644 --- a/lib/verify.c +++ b/lib/verify.c @@ -263,12 +263,17 @@ static int rpmVerifyScript(rpmts ts, Header h) if (headerIsEntry(h, RPMTAG_VERIFYSCRIPT)) { /* fake up a erasure transaction element */ rpmte p = rpmteNew(ts, h, TR_REMOVED, NULL, NULL); - rpmteSetHeader(p, h); - rc = (rpmpsmRun(ts, p, PKG_VERIFY) != RPMRC_OK); + if (p != NULL) { + rpmteSetHeader(p, h); - /* clean up our fake transaction bits */ - rpmteFree(p); + rc = (rpmpsmRun(ts, p, PKG_VERIFY) != RPMRC_OK); + + /* clean up our fake transaction bits */ + rpmteFree(p); + } else { + rc = RPMRC_FAIL; + } } return rc; -- 2.7.4