summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHongxu Jia <hongxu.jia@windriver.com>2020-06-03 14:55:31 +0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2020-06-04 13:27:32 +0100
commit7adde4fa40d7ab15398c25504a7e3bd963ed1ca0 (patch)
treead9adad3b4fa8f840c78a0c9a962b7a885a90e90
parente4faf3b3d00ec11e39e76120617e5a782c322920 (diff)
downloadpoky-7adde4fa40d7ab15398c25504a7e3bd963ed1ca0.tar.gz
rpm: fix rpm -Kv xxx.rpm failed if signature header is larger than 64KB
Since commits [Place file signatures into the signature header where they belong][1] applied, run `rpm -Kv **.rpm' failed if signature header is larger than 64KB. Here are steps: 1) A unsigned rpm package, the size is 227560 bytes $ ls -al xz-src-5.2.5-r0.corei7_64.rpm -rw-------. 1 mockbuild 1000 227560 Jun 3 09:59 2) Sign the rpm package $ rpmsign --addsign ... xz-src-5.2.5-r0.corei7_64.rpm 3) The size of signed rpm is 312208 bytes $ ls -al xz-src-5.2.5-r0.corei7_64.rpm -rw-------. 1 mockbuild 1000 312208 Jun 3 09:48 4) Run `rpm -Kv' failed with signature hdr data out of range $ rpm -Kv xz-src-5.2.5-r0.corei7_64.rpm xz-src-5.2.5-r0.corei7_64.rpm: error: xz-src-5.2.5-r0.corei7_64.rpm: signature hdr data: BAD, no. of bytes(88864) out of range >From 1) and 3), the size of signed rpm package increased 312208 - 227560 = 84648, so the check of dl_max (64KB,65536) is not enough. As [1] said: This also means the signature header can be MUCH bigger than ever before,so bump up the limit (to 64MB, arbitrary something for now) So [1] missed to multiply by 1024. [1] https://github.com/rpm-software-management/rpm/commit/f558e886050c4e98f6cdde391df679a411b3f62c (From OE-Core rev: 8359bdd60afafd80d354f7f40ed648643d8db292) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-devtools/rpm/files/0001-Bump-up-the-limit-of-signature-header-to-64MB.patch62
-rw-r--r--meta/recipes-devtools/rpm/rpm_4.15.1.bb1
2 files changed, 63 insertions, 0 deletions
diff --git a/meta/recipes-devtools/rpm/files/0001-Bump-up-the-limit-of-signature-header-to-64MB.patch b/meta/recipes-devtools/rpm/files/0001-Bump-up-the-limit-of-signature-header-to-64MB.patch
new file mode 100644
index 0000000000..0a19c12a7a
--- /dev/null
+++ b/meta/recipes-devtools/rpm/files/0001-Bump-up-the-limit-of-signature-header-to-64MB.patch
@@ -0,0 +1,62 @@
1From e8bf0eba7143abb6e69db82ee747a0c6790dd00a Mon Sep 17 00:00:00 2001
2From: Hongxu Jia <hongxu.jia@windriver.com>
3Date: Wed, 3 Jun 2020 10:25:24 +0800
4Subject: [PATCH] Bump up the limit of signature header to 64MB
5
6Since commits [Place file signatures into the signature header where they
7belong][1] applied, run `rpm -Kv **.rpm' failed if signature header
8is larger than 64KB. Here are steps:
9
101) A unsigned rpm package, the size is 227560 bytes
11$ ls -al xz-src-5.2.5-r0.corei7_64.rpm
12-rw-------. 1 mockbuild 1000 227560 Jun 3 09:59
13
142) Sign the rpm package
15$ rpmsign --addsign ... xz-src-5.2.5-r0.corei7_64.rpm
16
173) The size of signed rpm is 312208 bytes
18$ ls -al xz-src-5.2.5-r0.corei7_64.rpm
19-rw-------. 1 mockbuild 1000 312208 Jun 3 09:48
20
214) Run `rpm -Kv' failed with signature hdr data out of range
22$ rpm -Kv xz-src-5.2.5-r0.corei7_64.rpm
23xz-src-5.2.5-r0.corei7_64.rpm:
24error: xz-src-5.2.5-r0.corei7_64.rpm: signature hdr data: BAD, no. of
25bytes(88864) out of range
26
27From 1) and 3), the size of signed rpm package increased
28312208 - 227560 = 84648, so the check of dl_max (64KB,65536)
29is not enough.
30
31As [1] said:
32
33 This also means the signature header can be MUCH bigger than ever
34 before,so bump up the limit (to 64MB, arbitrary something for now)
35
36So [1] missed to multiply by 1024.
37
38[1] https://github.com/rpm-software-management/rpm/commit/f558e886050c4e98f6cdde391df679a411b3f62c
39
40Upstream-Status: Backport [https://github.com/rpm-software-management/rpm/commit/486579912381ede82172dc6d0ff3941a6d0536b5]
41
42Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
43---
44 lib/header.c | 2 +-
45 1 file changed, 1 insertion(+), 1 deletion(-)
46
47diff --git a/lib/header.c b/lib/header.c
48index 9ec7ed0..cbf6890 100644
49--- a/lib/header.c
50+++ b/lib/header.c
51@@ -1906,7 +1906,7 @@ rpmRC hdrblobRead(FD_t fd, int magic, int exact_size, rpmTagVal regionTag, hdrbl
52
53 if (regionTag == RPMTAG_HEADERSIGNATURES) {
54 il_max = 32;
55- dl_max = 64 * 1024;
56+ dl_max = 64 * 1024 * 1024;
57 }
58
59 memset(block, 0, sizeof(block));
60--
612.25.4
62
diff --git a/meta/recipes-devtools/rpm/rpm_4.15.1.bb b/meta/recipes-devtools/rpm/rpm_4.15.1.bb
index 8add142461..cbe1acffe2 100644
--- a/meta/recipes-devtools/rpm/rpm_4.15.1.bb
+++ b/meta/recipes-devtools/rpm/rpm_4.15.1.bb
@@ -40,6 +40,7 @@ SRC_URI = "git://github.com/rpm-software-management/rpm;branch=rpm-4.15.x \
40 file://0001-rpmplugins.c-call-dlerror-prior-to-dlsym.patch \ 40 file://0001-rpmplugins.c-call-dlerror-prior-to-dlsym.patch \
41 file://0001-rpmfc.c-do-not-run-file-classification-in-parallel.patch \ 41 file://0001-rpmfc.c-do-not-run-file-classification-in-parallel.patch \
42 file://0001-lib-transaction.c-fix-file-conflicts-for-MIPS64-N32.patch \ 42 file://0001-lib-transaction.c-fix-file-conflicts-for-MIPS64-N32.patch \
43 file://0001-Bump-up-the-limit-of-signature-header-to-64MB.patch \
43 " 44 "
44 45
45PE = "1" 46PE = "1"