summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorPanu Matilainen <pmatilai@redhat.com>2008-05-08 07:48:51 +0300
committerPanu Matilainen <pmatilai@redhat.com>2008-05-08 07:48:51 +0300
commitcb36d48351ea944d445db29635750042f445ec3d (patch)
tree4b8dead6f48a215d7b2620c4d67561dde6c58b66 /lib
parent79dd50f94d94158e03fd57a72a896f8fc20f61ec (diff)
downloadrpm-cb36d48351ea944d445db29635750042f445ec3d.tar.gz
rpm-cb36d48351ea944d445db29635750042f445ec3d.tar.bz2
rpm-cb36d48351ea944d445db29635750042f445ec3d.zip
Check rpmAddSignature() return codes (rhbz#442761)
- headerGetEntry() on RPMTAG_HEADERIMMUTABLE already caught the corrupted package, we just didn't paying attention - make the hge failed error message a bit more meaningful
Diffstat (limited to 'lib')
-rw-r--r--lib/rpmchecksig.c26
-rw-r--r--lib/signature.c3
2 files changed, 21 insertions, 8 deletions
diff --git a/lib/rpmchecksig.c b/lib/rpmchecksig.c
index 560028b8e..5a31962c0 100644
--- a/lib/rpmchecksig.c
+++ b/lib/rpmchecksig.c
@@ -247,12 +247,18 @@ static int rpmReSign(rpmts ts, QVA_t qva, ARGV_const_t argv)
xx = headerRemoveEntry(sigh, RPMSIGTAG_BADSHA1_2);
/* Toss and recalculate header+payload size and digests. */
- xx = headerRemoveEntry(sigh, RPMSIGTAG_SIZE);
- xx = rpmAddSignature(sigh, sigtarget, RPMSIGTAG_SIZE, qva->passPhrase);
- xx = headerRemoveEntry(sigh, RPMSIGTAG_MD5);
- xx = rpmAddSignature(sigh, sigtarget, RPMSIGTAG_MD5, qva->passPhrase);
- xx = headerRemoveEntry(sigh, RPMSIGTAG_SHA1);
- xx = rpmAddSignature(sigh, sigtarget, RPMSIGTAG_SHA1, qva->passPhrase);
+ {
+ rpmSigTag const sigs[] = { RPMSIGTAG_SIZE,
+ RPMSIGTAG_MD5,
+ RPMSIGTAG_SHA1,
+ };
+ int nsigs = sizeof(sigs) / sizeof(rpmSigTag);
+ for (int i = 0; i < nsigs; i++) {
+ (void) headerRemoveEntry(sigh, sigs[i]);
+ if (rpmAddSignature(sigh, sigtarget, sigs[i], qva->passPhrase))
+ goto exit;
+ }
+ }
if (deleting) { /* Nuke all the signature tags. */
xx = headerRemoveEntry(sigh, RPMSIGTAG_GPG);
@@ -294,7 +300,9 @@ static int rpmReSign(rpmts ts, QVA_t qva, ARGV_const_t argv)
}
xx = headerRemoveEntry(sigh, sigtag);
- xx = rpmAddSignature(sigh, sigtarget, sigtag, qva->passPhrase);
+ if (rpmAddSignature(sigh, sigtarget, sigtag, qva->passPhrase)) {
+ goto exit;
+ }
/* If package was previously signed, check for same signer. */
memset(newsignid, 0, sizeof(newsignid));
@@ -483,7 +491,9 @@ static int readFile(FD_t fd, const char * fn, pgpDig dig)
|| uh == NULL)
{
h = headerFree(h);
- rpmlog(RPMLOG_ERR, _("%s: headerGetEntry failed\n"), fn);
+ rpmlog(RPMLOG_ERR,
+ _("%s: Immutable header region could not be read. "
+ "Corrupted package?\n"), fn);
goto exit;
}
dig->hdrsha1ctx = rpmDigestInit(PGPHASHALGO_SHA1, RPMDIGEST_NONE);
diff --git a/lib/signature.c b/lib/signature.c
index 4dd3f4279..953c1bb30 100644
--- a/lib/signature.c
+++ b/lib/signature.c
@@ -669,6 +669,9 @@ static int makeHDRSignature(Header sigh, const char * file, rpmSigTag sigTag,
if (!headerGetEntry(h, RPMTAG_HEADERIMMUTABLE, &uht, &uh, &uhc)
|| uh == NULL)
{
+ rpmlog(RPMLOG_ERR,
+ _("Immutable header region could not be read. "
+ "Corrupted package?\n"));
h = headerFree(h);
goto exit;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-01 09:41:58 +0000