diff options
author | Panu Matilainen <pmatilai@redhat.com> | 2023-02-22 12:01:59 +0200 |
---|---|---|
committer | Michal Domonkos <mdomonko@redhat.com> | 2023-03-13 15:32:25 +0100 |
commit | a94e971dbb10e8bc929108a65c7bb1d5b1d9e77e (patch) | |
tree | 0a3e7f3658fa5eb689ac9bab4a698abaa9587b8b | |
parent | e5592b233c1fe4d3e66597055e40f0b5ff043b47 (diff) | |
download | rpm-a94e971dbb10e8bc929108a65c7bb1d5b1d9e77e.tar.gz |
Fix signature reserved space not restored on --delsign (#2382)
Fixes a regression from commit 5c279fb149a44a1bc4d19e11c3c01942732b8486
simplifying this a bit too much, and failing to restore the reclaimed
reserved signature space on after --delsign. Add a test-case to ensure
--addsign + --delsign returns the package to its original state
bit-by-bit.
Fixes: #2382
(cherry picked from commit be950eabb84a88e5773e096435c37b92e3d47ebb)
-rw-r--r-- | sign/rpmgensig.c | 14 | ||||
-rw-r--r-- | tests/rpmsigdig.at | 19 |
2 files changed, 29 insertions, 4 deletions
diff --git a/sign/rpmgensig.c b/sign/rpmgensig.c index 553a58ec1..33a48f8f0 100644 --- a/sign/rpmgensig.c +++ b/sign/rpmgensig.c @@ -639,14 +639,20 @@ static int rpmSign(const char *rpm, int deleting, int flags) res = -1; } - /* Try to make new signature smaller to have size of original signature */ + /* Adjust reserved size for added/removed signatures */ if (headerGet(sigh, RPMSIGTAG_RESERVEDSPACE, &utd, HEADERGET_MINMEM)) { int diff = headerSizeof(sigh, HEADER_MAGIC_YES) - origSigSize; - if (diff > 0 && diff < utd.count) { + /* diff can be zero if nothing was added or removed */ + if (diff) { utd.count -= diff; - headerMod(sigh, &utd); - insSig = 1; + if (utd.count > 0 && utd.count < origSigSize) { + char *zeros = xcalloc(utd.count, sizeof(*zeros)); + utd.data = zeros; + headerMod(sigh, &utd); + insSig = 1; + free(zeros); + } } } diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at index da8321091..8de7f4bc4 100644 --- a/tests/rpmsigdig.at +++ b/tests/rpmsigdig.at @@ -781,6 +781,25 @@ POST-DELSIGN ], []) +# test --delsign restores the old package bit-per-bit +AT_CHECK([ +RPMDB_INIT + +ORIG="${RPMTEST}/data/RPMS/hello-2.0-1.x86_64.rpm" +NEW="${RPMTEST}/tmp/hello-2.0-1.x86_64.rpm" + +cp ${ORIG} "${RPMTEST}"/tmp/ +run rpmsign --key-id 1964C5FC --addsign ${NEW} > /dev/null +cmp -s ${ORIG} ${NEW}; echo $? +run rpmsign --delsign ${NEW} > /dev/null +cmp -s ${ORIG} ${NEW}; echo $? +], +[ignore], +[1 +0 +], +[]) + # rpmsign --addsign <signed> AT_CHECK([ RPMDB_INIT |