From de9f04066425bceb29d6ac5592fcd001c8d0f8e6 Mon Sep 17 00:00:00 2001 From: jbj Date: Fri, 25 Jun 1999 10:14:13 +0000 Subject: [PATCH] fix: --checksig segfault with odd pgp output (e.g. w/o ~/.pgp) (#3720) CVS patchset: 3110 CVS date: 1999/06/25 10:14:13 --- CHANGES | 3 ++- checksig.c | 23 +++++++++++------------ po/rpm.pot | 32 ++++++++++++++++---------------- rpm.spec | 2 +- 4 files changed, 30 insertions(+), 30 deletions(-) diff --git a/CHANGES b/CHANGES index a58af52..aba45d4 100644 --- a/CHANGES +++ b/CHANGES @@ -17,7 +17,8 @@ - MiNT port (Guido Flohr ). - fix: --rebuilddb with --root dinna remove directory (Michael Andres). - fix: false fingerprint stat cache hit -- "the tetex problem" (#2727). - - fix: bsearch needs macro table sorted after undefine. + - fix: bsearch needs macro table sorted after undefine. (#3713). + - fix: --checksig segfault with odd pgp output (e.g. w/o ~/.pgp) (#3720) 3.0 -> 3.0.1 - fix: %verifyscript resurrected (Shing-Gene Yung). diff --git a/checksig.c b/checksig.c index 318ff44..facebb4 100644 --- a/checksig.c +++ b/checksig.c @@ -153,7 +153,6 @@ int doCheckSig(int flags, const char **argv) unsigned char buffer[8192]; unsigned char missingKeys[7164]; unsigned char untrustedKeys[7164]; - char *tempKey; Header sig; HeaderIterator sigIter; int_32 tag, type, count; @@ -210,15 +209,12 @@ int doCheckSig(int flags, const char **argv) fdClose(fd); fdClose(ofd); - sigIter = headerInitIterator(sig); res2 = 0; missingKeys[0] = '\0'; untrustedKeys[0] = '\0'; - if (rpmIsVerbose()) { - sprintf(buffer, "%s:\n", rpm); - } else { - sprintf(buffer, "%s: ", rpm); - } + sprintf(buffer, "%s:%c", rpm, (rpmIsVerbose() ? '\n' : ' ') ); + + sigIter = headerInitIterator(sig); while (headerNextIterator(sigIter, &tag, &type, &ptr, &count)) { if ((tag == RPMSIGTAG_PGP || tag == RPMSIGTAG_PGP5) && !(flags & CHECKSIG_PGP)) @@ -237,6 +233,7 @@ int doCheckSig(int flags, const char **argv) strcat(buffer, result); res2 = 1; } else { + char *tempKey; switch (tag) { case RPMSIGTAG_SIZE: strcat(buffer, "SIZE "); @@ -255,17 +252,18 @@ int doCheckSig(int flags, const char **argv) int offset = 7; strcat(buffer, "(PGP) "); tempKey = strstr(result, "Key ID"); - if (!tempKey) - { + if (tempKey == NULL) { tempKey = strstr(result, "keyid:"); offset = 9; } - if (res3 == RPMSIG_NOKEY) { + if (tempKey) { + if (res3 == RPMSIG_NOKEY) { strcat(missingKeys, " PGP#"); strncat(missingKeys, tempKey + offset, 8); - } else { + } else { strcat(untrustedKeys, " PGP#"); strncat(untrustedKeys, tempKey + offset, 8); + } } } else { strcat(buffer, "PGP "); @@ -278,7 +276,8 @@ int doCheckSig(int flags, const char **argv) strcat(buffer, "(GPG) "); strcat(missingKeys, " GPG#"); tempKey = strstr(result, "key ID"); - strncat(missingKeys, tempKey+7, 8); + if (tempKey) + strncat(missingKeys, tempKey+7, 8); } else { strcat(buffer, "GPG "); res2 = 1; diff --git a/po/rpm.pot b/po/rpm.pot index 3a3d32b..46f738c 100644 --- a/po/rpm.pot +++ b/po/rpm.pot @@ -6,7 +6,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" -"POT-Creation-Date: 1999-06-24 17:12-0400\n" +"POT-Creation-Date: 1999-06-25 06:03-0400\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -121,12 +121,12 @@ msgstr "" msgid "lookup I18N strings in specfile catalog" msgstr "" -#: ../checksig.c:27 ../checksig.c:166 +#: ../checksig.c:27 ../checksig.c:165 #, c-format msgid "%s: Open failed\n" msgstr "" -#: ../checksig.c:31 ../checksig.c:171 +#: ../checksig.c:31 ../checksig.c:170 #, c-format msgid "%s: readLead failed\n" msgstr "" @@ -141,12 +141,12 @@ msgstr "" msgid "%s: Can't re-sign v2.0 RPM\n" msgstr "" -#: ../checksig.c:43 ../checksig.c:181 +#: ../checksig.c:43 ../checksig.c:180 #, c-format msgid "%s: rpmReadSignature failed\n" msgstr "" -#: ../checksig.c:56 ../checksig.c:195 +#: ../checksig.c:56 ../checksig.c:194 msgid "Couldn't read the header/archive" msgstr "" @@ -167,42 +167,42 @@ msgstr "" msgid "Couldn't write package" msgstr "" -#: ../checksig.c:176 +#: ../checksig.c:175 #, c-format msgid "%s: No signature available (v1.0 RPM)\n" msgstr "" -#: ../checksig.c:186 +#: ../checksig.c:185 #, c-format msgid "%s: No signature available\n" msgstr "" -#: ../checksig.c:202 +#: ../checksig.c:201 #, c-format msgid "Unable to write %s" msgstr "" -#: ../checksig.c:328 +#: ../checksig.c:327 msgid "NOT OK" msgstr "" -#: ../checksig.c:329 ../checksig.c:343 +#: ../checksig.c:328 ../checksig.c:342 msgid " (MISSING KEYS:" msgstr "" -#: ../checksig.c:331 ../checksig.c:345 +#: ../checksig.c:330 ../checksig.c:344 msgid ") " msgstr "" -#: ../checksig.c:332 ../checksig.c:346 +#: ../checksig.c:331 ../checksig.c:345 msgid " (UNTRUSTED KEYS:" msgstr "" -#: ../checksig.c:334 ../checksig.c:348 +#: ../checksig.c:333 ../checksig.c:347 msgid ")" msgstr "" -#: ../checksig.c:342 +#: ../checksig.c:341 msgid "OK" msgstr "" @@ -2595,12 +2595,12 @@ msgstr "" msgid "Target buffer overflow" msgstr "" -#: ../lib/macro.c:1274 ../lib/macro.c:1282 +#: ../lib/macro.c:1278 ../lib/macro.c:1286 #, c-format msgid "File %s: %s" msgstr "" -#: ../lib/macro.c:1285 +#: ../lib/macro.c:1289 #, c-format msgid "File %s is smaller than %d bytes" msgstr "" diff --git a/rpm.spec b/rpm.spec index 4a85f3a..3724d8f 100644 --- a/rpm.spec +++ b/rpm.spec @@ -2,7 +2,7 @@ Summary: The Red Hat package management system. Name: rpm %define version 3.0.2 Version: %{version} -Release: 0.8 +Release: 0.9 Group: System Environment/Base Source: ftp://ftp.rpm.org/pub/rpm/dist/rpm-3.0.x/rpm-%{version}.tar.gz Copyright: GPL -- 2.7.4