From: Richard Purdie <richard.purdie@linuxfoundation.org>
To: Changqing Li <changqing.li@windriver.com>,
openembedded-core@lists.openembedded.org
Subject: Re: [OE-core] [V3][PATCH] rpm: fix CVE-2021-3521
Date: Tue, 04 Jan 2022 09:31:51 +0000 [thread overview]
Message-ID: <1bf471a6cbf96644c183735e06f4594a5acadd71.camel@linuxfoundation.org> (raw)
In-Reply-To: <5119f0f4-ccf3-60c6-8d35-b301a0f8a499@windriver.com>
On Tue, 2022-01-04 at 09:48 +0800, Changqing Li wrote:
> On 12/31/21 11:38 PM, Richard Purdie wrote:
> > [Please note: This e-mail is from an EXTERNAL e-mail address]
> >
> > On Fri, 2021-12-31 at 10:21 +0800, Changqing Li wrote:
> > > From: Changqing Li <changqing.li@windriver.com>
> > >
> > > Signed-off-by: Changqing Li <changqing.li@windriver.com>
> > > ---
> > > .../rpm/files/0001-CVE-2021-3521.patch | 57 +++
> > > .../rpm/files/0002-CVE-2021-3521.patch | 64 ++++
> > > .../rpm/files/0003-CVE-2021-3521.patch | 329 ++++++++++++++++++
> > > meta/recipes-devtools/rpm/rpm_4.17.0.bb | 3 +
> > > 4 files changed, 453 insertions(+)
> > > create mode 100644 meta/recipes-devtools/rpm/files/0001-CVE-2021-3521.patch
> > > create mode 100644 meta/recipes-devtools/rpm/files/0002-CVE-2021-3521.patch
> > > create mode 100644 meta/recipes-devtools/rpm/files/0003-CVE-2021-3521.patch
> > >
> > > diff --git a/meta/recipes-devtools/rpm/files/0001-CVE-2021-3521.patch b/meta/recipes-devtools/rpm/files/0001-CVE-2021-3521.patch
> > > new file mode 100644
> > > index 0000000000..b374583017
> > > --- /dev/null
> > > +++ b/meta/recipes-devtools/rpm/files/0001-CVE-2021-3521.patch
> > > @@ -0,0 +1,57 @@
> > > +From 9a6871126f472feea057d5f803505ec8cc78f083 Mon Sep 17 00:00:00 2001
> > > +From: Panu Matilainen <pmatilai@redhat.com>
> > > +Date: Thu, 30 Sep 2021 09:56:20 +0300
> > > +Subject: [PATCH 1/3] Refactor pgpDigParams construction to helper function
> > > +
> > > +No functional changes, just to reduce code duplication and needed by
> > > +the following commits.
> > > +
> > > +CVE: CVE-2021-3521
> > > +Upstream-Status: Backport[https://github.com/rpm-software-management/rpm/commit/9f03f42e2]
> > > +
> > > +Signed-off-by: Changqing Li <changqing.li@windriver.com>
> > > +---
> > > + rpmio/rpmpgp.c | 13 +++++++++----
> > > + 1 file changed, 9 insertions(+), 4 deletions(-)
> > > +
> > > +diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c
> > > +index d0688ebe9a..e472b5320f 100644
> > > +--- a/rpmio/rpmpgp.c
> > > ++++ b/rpmio/rpmpgp.c
> > > +@@ -1041,6 +1041,13 @@ unsigned int pgpDigParamsAlgo(pgpDigParams digp, unsigned int algotype)
> > > + return algo;
> > > + }
> > > +
> > > ++static pgpDigParams pgpDigParamsNew(uint8_t tag)
> > > ++{
> > > ++ pgpDigParams digp = xcalloc(1, sizeof(*digp));
> > > ++ digp->tag = tag;
> > > ++ return digp;
> > > ++}
> > > ++
> > > + int pgpPrtParams(const uint8_t * pkts, size_t pktlen, unsigned int pkttype,
> > > + pgpDigParams * ret)
> > > + {
> > > +@@ -1058,8 +1065,7 @@ int pgpPrtParams(const uint8_t * pkts, size_t pktlen, unsigned int pkttype,
> > > + if (pkttype && pkt.tag != pkttype) {
> > > + break;
> > > + } else {
> > > +- digp = xcalloc(1, sizeof(*digp));
> > > +- digp->tag = pkt.tag;
> > > ++ digp = pgpDigParamsNew(pkt.tag);
> > > + }
> > > + }
> > > +
> > > +@@ -1105,8 +1111,7 @@ int pgpPrtParamsSubkeys(const uint8_t *pkts, size_t pktlen,
> > > + digps = xrealloc(digps, alloced * sizeof(*digps));
> > > + }
> > > +
> > > +- digps[count] = xcalloc(1, sizeof(**digps));
> > > +- digps[count]->tag = PGPTAG_PUBLIC_SUBKEY;
> > > ++ digps[count] = pgpDigParamsNew(PGPTAG_PUBLIC_SUBKEY);
> > > + /* Copy UID from main key to subkey */
> > > + digps[count]->userid = xstrdup(mainkey->userid);
> > > +
> > > +--
> > > +2.17.1
> > > +
> > > diff --git a/meta/recipes-devtools/rpm/files/0002-CVE-2021-3521.patch b/meta/recipes-devtools/rpm/files/0002-CVE-2021-3521.patch
> > > new file mode 100644
> > > index 0000000000..b93a1d5404
> > > --- /dev/null
> > > +++ b/meta/recipes-devtools/rpm/files/0002-CVE-2021-3521.patch
> > > @@ -0,0 +1,64 @@
> > > +From c4b1bee51bbdd732b94b431a951481af99117703 Mon Sep 17 00:00:00 2001
> > > +From: Panu Matilainen <pmatilai@redhat.com>
> > > +Date: Thu, 30 Sep 2021 09:51:10 +0300
> > > +Subject: [PATCH 2/3] Process MPI's from all kinds of signatures
> > > +
> > > +No immediate effect but needed by the following commits.
> > > +
> > > +CVE: CVE-2021-3521
> > > +Upstream-Status: Backport[https://github.com/rpm-software-management/rpm/commit/b5e8bc74b]
> > > +
> > The new tests also trigger for the missing space above after Backport. It does
> > make me wonder why you don't see those test failures. I've tweaked the patches
> > in master-next to fix this.
> Thanks.
>
> I don't receive mail about the failure, seems the patchwork is not working.
You should have seen the error when you tried building/testing the patch
locally...
Cheers,
Richard
prev parent reply other threads:[~2022-01-04 9:31 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-31 2:21 [V3][PATCH] rpm: fix CVE-2021-3521 changqing.li
2021-12-31 15:38 ` [OE-core] " Richard Purdie
2022-01-04 1:48 ` Changqing Li
2022-01-04 9:31 ` Richard Purdie [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1bf471a6cbf96644c183735e06f4594a5acadd71.camel@linuxfoundation.org \
--to=richard.purdie@linuxfoundation.org \
--cc=changqing.li@windriver.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox