rpm: opendb before rpmverifyscript to avoid null point input

If the command is "rpm -V" and the return value of (headerIsEntry(h, RPMTAG_VERIFYSCRIPT)
|| headerIsEntry(h, RPMTAG_SANITYCHECK)) located in /lib/verify.c is true, it will call
rpmpsmStage function(rpmVerifyScript->rpmpsmScriptStage->rpmpsmStage) and occur segment
fault because of null point(rpmtsGetRdb(ts) == NULL and rpmtsGetRdb(ts)->db_txn).
So we open rpmdb to avoid bad input when find headerIsEntry true.

workflow:
main()->rpmcliVerify()->rpmcliArgIter()->rpmQueryVerify()->rpmgiShowMatches()->showVerifyPackage()->
          rpmqv.c         verify.c        query.c             query.c           verify.c(headerIsEntry)
rpmVerifyScript()->rpmpsmScriptStage()->rpmpsmStage()->    rpmtxnCommit(rpmtsGetRdb(ts)->db_txn);
      verify.c            psm.c             psm.c                 psm.c

(From OE-Core rev: 91945b7fcb0c83ca72543e5327e965eca9c269c4)

Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2 files changed, 25 insertions, 0 deletions

diff --git a/meta/recipes-devtools/rpm/rpm/rpm-opendb-before-verifyscript-to-avoid-null-point.patch b/meta/recipes-devtools/rpm/rpm/rpm-opendb-before-verifyscript-to-avoid-null-point.patch
new file mode 100644
index 0000000000..07d586a3ab
--- /dev/null
+++ b/meta/recipes-devtools/rpm/rpm/rpm-opendb-before-verifyscript-to-avoid-null-point.patch
@@ -0,0 +1,24 @@
+rpm: opendb before rpmverifyscript to avoid null point input
+
+If the command is "rpm -V" and the return value of (headerIsEntry(h, RPMTAG_VERIFYSCRIPT) 
+|| headerIsEntry(h, RPMTAG_SANITYCHECK)) located in /lib/verify.c is true, it will call
+rpmpsmStage function(rpmVerifyScript->rpmpsmScriptStage->rpmpsmStage) and occur segment
+fault because of null point(rpmtsGetRdb(ts) == NULL and rpmtsGetRdb(ts)->db_txn).
+So we open rpmdb to avoid bad input when find headerIsEntry true.
+
+Upstream-Status: Pending
+
+Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
+Index: rpm-5.4.14/lib/verify.c
+===================================================================
+--- rpm-5.4.14.orig/lib/verify.c        2015-07-22 22:09:59.992895355 +0800
++++ rpm-5.4.14/lib/verify.c     2015-08-13 10:20:33.752177906 +0800
+@@ -613,6 +613,8 @@
+        {
+            FD_t fdo = fdDup(STDOUT_FILENO);
+ 
++           rpmtsOpenDB(ts, O_RDONLY);            /*Open the DB to avoid null point input in function rpmpsmStage()*/
++
+            rc = rpmfiSetHeader(fi, h);
+            if ((rc = rpmVerifyScript(qva, ts, fi, fdo)) != 0)
+                ec += rc;
diff --git a/meta/recipes-devtools/rpm/rpm_5.4.14.bb b/meta/recipes-devtools/rpm/rpm_5.4.14.bb
index ddbdcb94ee..1f4d9d2e0c 100644
--- a/meta/recipes-devtools/rpm/rpm_5.4.14.bb
+++ b/meta/recipes-devtools/rpm/rpm_5.4.14.bb
@@ -95,6 +95,7 @@ SRC_URI = "http://www.rpm5.org/files/rpm/rpm-5.4/rpm-5.4.14-0.20131024.src.rpm;e
            file://rpm-lua-fix-print.patch \
            file://rpm-check-rootpath-reasonableness.patch \
            file://rpm-macros.in-disable-external-key-server.patch \
+           file://rpm-opendb-before-verifyscript-to-avoid-null-point.patch \
           "
 
 # Uncomment the following line to enable platform score debugging