Attachment 12839 Details for Bug 29167 – libsolv mga7 update diff

[patch] libsolv mga7 update diff

libsolv-mga7.diff (text/plain), 3.02 KB, created by Neal Gompa on 2021-07-02 14:23:40 CEST

(hide)

Description:

Filename:

MIME Type:

Creator: Neal Gompa

Created: 2021-07-02 14:23:40 CEST

Size: 3.02 KB

patch

obsolete

>Index: SOURCES/0001-testcase_read-error-out-if-repos-are-added-or-the-sy.patch
>===================================================================
>--- SOURCES/0001-testcase_read-error-out-if-repos-are-added-or-the-sy.patch	(nonexistent)
>+++ SOURCES/0001-testcase_read-error-out-if-repos-are-added-or-the-sy.patch	(working copy)
>@@ -0,0 +1,65 @@
>+From 0077ef29eb46d2e1df2f230fc95a1d9748d49dec Mon Sep 17 00:00:00 2001
>+From: Michael Schroeder <mls@suse.de>
>+Date: Mon, 14 Dec 2020 11:12:00 +0100
>+Subject: [PATCH] testcase_read: error out if repos are added or the system is
>+ changed too late
>+
>+We must not add new solvables after the considered map was created, the solver
>+was created, or jobs were added. We may not changed the system after jobs have
>+been added.
>+
>+(Jobs may point inside the whatproviedes array, so we must not invalidate this
>+area.)
>+---
>+ ext/testcase.c | 21 +++++++++++++++++++++
>+ 1 file changed, 21 insertions(+)
>+
>+diff --git a/ext/testcase.c b/ext/testcase.c
>+index 0be7a213..8fb6d793 100644
>+--- a/ext/testcase.c
>++++ b/ext/testcase.c
>+@@ -1991,6 +1991,7 @@ testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **res
>+   Id *genid = 0;
>+   int ngenid = 0;
>+   Queue autoinstq;
>++  int oldjobsize = job ? job->count : 0;
>+ 
>+   if (resultp)
>+     *resultp = 0;
>+@@ -2065,6 +2066,21 @@ testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **res
>+ 	  int prio, subprio;
>+ 	  const char *rdata;
>+ 
>++	  if (pool->considered)
>++	    {
>++	      pool_error(pool, 0, "testcase_read: cannot add repos after packages were disabled");
>++	      continue;
>++	    }
>++	  if (solv)
>++	    {
>++	      pool_error(pool, 0, "testcase_read: cannot add repos after the solver was created");
>++	      continue;
>++	    }
>++	  if (job && job->count != oldjobsize)
>++	    {
>++	      pool_error(pool, 0, "testcase_read: cannot add repos after jobs have been created");
>++	      continue;
>++	    }
>+ 	  prepared = 0;
>+           if (!poolflagsreset)
>+ 	    {
>+@@ -2125,6 +2141,11 @@ testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **res
>+ 	  int i;
>+ 
>+ 	  /* must set the disttype before the arch */
>++	  if (job && job->count != oldjobsize)
>++	    {
>++	      pool_error(pool, 0, "testcase_read: cannot change the system after jobs have been created");
>++	      continue;
>++	    }
>+ 	  prepared = 0;
>+ 	  if (strcmp(pieces[2], "*") != 0)
>+ 	    {
>+-- 
>+2.31.1
>+
>Index: SPECS/libsolv.spec
>===================================================================
>--- SPECS/libsolv.spec	(revision 1734447)
>+++ SPECS/libsolv.spec	(working copy)
>@@ -3,7 +3,7 @@
> %define libname %mklibname %shortname %major
> %define devname %mklibname -d %shortname
> 
>-%define subrel 1
>+%define subrel 2
> 
> Name:   libsolv
> Version:  0.7.4
>@@ -14,6 +14,8 @@
> 
> # Backport to fix CVE-2019-20387
> Patch0:  0001-repodata_schema2id-fix-heap-buffer-overflow-in-memcm.patch
>+# Backport to fix CVE-2021-3200
>+Patch1:  0001-testcase_read-error-out-if-repos-are-added-or-the-sy.patch
> 
> Group:    System/Libraries
> Summary:  Package dependency solver

Index: SOURCES/0001-testcase_read-error-out-if-repos-are-added-or-the-sy.patch
===================================================================
--- SOURCES/0001-testcase_read-error-out-if-repos-are-added-or-the-sy.patch	(nonexistent)
+++ SOURCES/0001-testcase_read-error-out-if-repos-are-added-or-the-sy.patch	(working copy)
@@ -0,0 +1,65 @@
+From 0077ef29eb46d2e1df2f230fc95a1d9748d49dec Mon Sep 17 00:00:00 2001
+From: Michael Schroeder <mls@suse.de>
+Date: Mon, 14 Dec 2020 11:12:00 +0100
+Subject: [PATCH] testcase_read: error out if repos are added or the system is
+ changed too late
+
+We must not add new solvables after the considered map was created, the solver
+was created, or jobs were added. We may not changed the system after jobs have
+been added.
+
+(Jobs may point inside the whatproviedes array, so we must not invalidate this
+area.)
+---
+ ext/testcase.c | 21 +++++++++++++++++++++
+ 1 file changed, 21 insertions(+)
+
+diff --git a/ext/testcase.c b/ext/testcase.c
+index 0be7a213..8fb6d793 100644
+--- a/ext/testcase.c
++++ b/ext/testcase.c
+@@ -1991,6 +1991,7 @@ testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **res
+   Id *genid = 0;
+   int ngenid = 0;
+   Queue autoinstq;
++  int oldjobsize = job ? job->count : 0;
+ 
+   if (resultp)
+     *resultp = 0;
+@@ -2065,6 +2066,21 @@ testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **res
+ 	  int prio, subprio;
+ 	  const char *rdata;
+ 
++	  if (pool->considered)
++	    {
++	      pool_error(pool, 0, "testcase_read: cannot add repos after packages were disabled");
++	      continue;
++	    }
++	  if (solv)
++	    {
++	      pool_error(pool, 0, "testcase_read: cannot add repos after the solver was created");
++	      continue;
++	    }
++	  if (job && job->count != oldjobsize)
++	    {
++	      pool_error(pool, 0, "testcase_read: cannot add repos after jobs have been created");
++	      continue;
++	    }
+ 	  prepared = 0;
+           if (!poolflagsreset)
+ 	    {
+@@ -2125,6 +2141,11 @@ testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **res
+ 	  int i;
+ 
+ 	  /* must set the disttype before the arch */
++	  if (job && job->count != oldjobsize)
++	    {
++	      pool_error(pool, 0, "testcase_read: cannot change the system after jobs have been created");
++	      continue;
++	    }
+ 	  prepared = 0;
+ 	  if (strcmp(pieces[2], "*") != 0)
+ 	    {
+-- 
+2.31.1
+
Index: SPECS/libsolv.spec
===================================================================
--- SPECS/libsolv.spec	(revision 1734447)
+++ SPECS/libsolv.spec	(working copy)
@@ -3,7 +3,7 @@
 %define libname %mklibname %shortname %major
 %define devname %mklibname -d %shortname
 
-%define subrel 1
+%define subrel 2
 
 Name:   libsolv
 Version:  0.7.4
@@ -14,6 +14,8 @@
 
 # Backport to fix CVE-2019-20387
 Patch0:  0001-repodata_schema2id-fix-heap-buffer-overflow-in-memcm.patch
+# Backport to fix CVE-2021-3200
+Patch1:  0001-testcase_read-error-out-if-repos-are-added-or-the-sy.patch
 
 Group:    System/Libraries
 Summary:  Package dependency solver

Actions: View | Diff

Attachments on bug 29167: 12839 | 12858