| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
No code changes since rc1 at all, just a version bump.
|
| |
|
|
|
|
|
|
| |
The plugin announces start and end of transactions
(cherry picked from commit 2a03b8fa12319d4650ee3cd1c48d1cd3ab8afe56)
|
|
|
|
|
|
|
|
|
|
| |
We now only invalidate the cache if the cached entry gets written
or deleted. This is needed for the code in rpmdbNextIterator()
which first reads the next header and then writes the modified
old header to the database. Therefore we must not free the cached
entry if a modified header with a different id is written.
(cherry picked from commit 297b7be14be7a5182ada2246b5c15802a88475a1)
|
|
|
|
|
|
|
|
|
| |
Bump the Lua minimum version to 5.3.
The 986be669fb037ae0e2049a2022c4fdfa05da6747 commit introduced a use of
lua_rotate(), which is not available in Lua 5.2, unintentionally causing a dependency on 5.3. Rather than work around it, just bump the requirement to 5.3, it's almost seven years old by now...
(cherry picked from commit 24b6c4542367aa251007497eb5595df24835d91b)
|
|
|
|
|
|
|
| |
Add brief introduction, section about comments and commit messages
Bit more details on code formatting
(cherry picked from commit 3cb4b8b051032d33d1a52f48468cc543d90f7f3c)
|
|
|
|
| |
(cherry picked from commit 7af8691e58967e5027b1b52691a01e03a0ee28a9)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Otherwise SecureBoot signatures may be stripped too.
We used to exclude shared libraries from this strip as they were
supposed to be covered by another brp script (brp-strip-shared), however
it turned out the latter was never really used, so we removed the
exclusion in commit 0ab151ab138fd4fb6d3176fd0270d9cc6f4623f3.
As it turns out, that was a little too ambitious, since we may now
inadvertently strip SecureBoot signatures from kernel modules too,
provided that they're made during the build, prior to the invocation of
brp-strip.
Note that this regression currently does *not* affect the following two
cases on Fedora/RHEL systems with redhat-rpm-config installed:
- in-tree kernel modules; these are built from kernel.spec which
already contains a hack ensuring that module signing only happens
*after* any stripping (see %__modsign_install_post in kernel.spec)
- out-of-tree kernel modules built with debuginfo enabled; this is
because brp-strip is only called when %debug_package is set to
%{nil}
Any other combinations may be affected, depending on the macros and
.spec files used, so let's fix this by effectively "reverting" said
commit for .ko files only.
Fixes: rhbz#1967291
(cherry picked from commit cfdb8300f6e3aed0abc41406a3c4737eb1192067)
|
|
|
|
|
|
|
|
|
| |
We must avoid the "database is locked" errors at every cost because
otherwise the rpmdb gets corrupted and system ends up in inconsistent
state.
Resolves: rhbz#1946046
(cherry picked from commit 513d04db9f0cb49e35829d521ffcf7455bfa8a7c)
|
|
|
|
|
|
|
| |
The d6a86b5e69e46cc283b1e06c92343319beb42e21 commit introduced
a new variable that is only used internally by headerMergeLegacySigs().
(cherry picked from commit 822c3dc2046c29718e34ac2da16a9757a9be11da)
|
|
|
|
|
|
|
|
|
|
|
|
| |
This covers the following usage:
expr = rex.newPOSIX(<regex>)
expr:match(<string>) # A leak occurred here
expr:gmatch(<string>, <func>) # A leak occurred here
Found by Coverity.
(cherry picked from commit b7a1e996326ee29a163d67ceb1e6127fdc251c14)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We permit two equivalent forms of specifying a list of languages per
file:
%lang(xx,yy,zz) /path/to/file
%lang(xx) %lang(yy) %lang(zz) /path/to/file
The leak was when parsing the second form.
Found by Coverity.
(cherry picked from commit 590b2fc06252567eb7d57197dc361a8b459d62a3)
|
|
|
|
|
|
| |
Found by Coverity.
(cherry picked from commit 9c093c4f092dd6bd1e0c8d2b852a72b74db076c2)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Turns out this leak is already fixed in glibc's current version of fts.c
(where our copy originates from), so let's just backport that.
Original commit in glibc:
https://sourceware.org/git/?p=glibc.git;\
a=commit;h=db67c2c98b89a5723af44df54f38b779de8d4a65
Found by Coverity.
(cherry picked from commit 39b7bf8579e0522cf16347b3a7e332d3b6d742c6)
|
|
|
|
|
|
|
|
|
|
| |
This function is not used anywhere within our codebase (and neither is
it part of the public API) so it's basically a no-op... Still, rather
than yanking it completely, let's just silence the Coverity error here.
Found by Coverity.
(cherry picked from commit 3c8b01b67ec907afaaffe71691fa41b878578527)
|
|
|
|
|
|
|
|
|
|
|
|
| |
Even though the actual implementation of rpmGlob() does not allocate the
passed arg list (av) if the return code (rc) is non-zero or arg count
(ac) is 0, it's the responsibility of the caller (rpmInstall() here) to
free that memory, so make sure we do that irrespectively of the above
conditions.
Found by Coverity.
(cherry picked from commit 5baf73feb4951cc3b3f553a4b18d3b3599cbf87c)
|
|
|
|
|
|
|
|
|
| |
Callers are supposed to free the error strings themselves:
https://www.sqlite.org/capi3ref.html#sqlite3_exec
Found by Coverity.
(cherry picked from commit d8dc4fd37b1d90cd97de7fcf484d449ec132c9b3)
|
|
|
|
|
|
|
|
|
|
|
|
| |
These curly brackets are already treated as literals by the shell, so
let's make that explicit for clarity, and silence a ShellCheck warning
at the same time.
More info: https://github.com/koalaman/shellcheck/wiki/SC1083
Found by ShellCheck.
(cherry picked from commit c7d7c5acd0c14d0450016887cba1d86483086794)
|
|
|
|
|
|
|
|
|
| |
just create them. Otherwise their date messes up the man page
genenration and triggers a rebuild when on wanted (e.g. when building
form the tar ball)
Resolves: #1729
(cherry picked from commit 89eb448b6c5941921acdc7e8b5e18050900e9f20)
|
|
|
|
| |
(cherry picked from commit 9772abc058ae7183dbfb2356ec0af0a3d610c2c9)
|
| |
|
|
|
|
|
|
|
|
| |
An RPATH or RUNPATH pointing to directories owned by a package in /usr/libexec/*
is a valid case and should be allowed by the check-rpath script.
Related: #1719
(cherry picked from commit 2cfd1a1fde281259daffb1b9dd1f9638d6be803f)
|
|
|
|
|
|
|
|
|
|
|
|
| |
Besides rpm version string length, the file offsets also depend on
at least libmagic version and probably something else I'm missing now,
this is just too fragile to be useful. Use a pre-built package to
avoid delaying 4.17 beta just because of such a dumb thing, figure out
something better later (pre-built is not ideal as inevitably the
pre-built will need to be re-built too and that gets difficult
sometimes)
(cherry picked from commit d71cfc276d6a1196273c7d1e65bffa0eb4c7a01a)
|
|
|
|
|
|
|
|
|
| |
This didn't actually cure the thing it was supposed to, and there are
more factors at play anyhow (libmagic strings and all).
This reverts commit 9db0b6fbc3636c8ac0e455fb15d717af5785e0fe.
(cherry picked from commit 8e2a488c914de99af81bf5076ae0768cba80a3dd)
|
|
|
|
|
|
|
|
|
| |
This requires generating all man pages even those not going to be
installed as their plugin in not going to be built.
As a result building from the tarball should not need pandoc for
generating the man pages.
(cherry picked from commit 3fd35871f300effd6c588884db91005297cb7fb2)
|
|
|
|
|
|
| |
to avoid rebuilding the man pages over and over again
(cherry picked from commit 3080254024ec60c625a0e8652608661d55991bda)
|
|
|
|
|
|
| |
Calculate $lower from the actual match
(cherry picked from commit 5417bffe37a9dfbfd33734f3f46d82adb927463b)
|
|
|
|
|
|
|
| |
by adding -W
Related: #1713
(cherry picked from commit e2b4fdda316a6270935ab792774c4b4264d68630)
|
|
|
|
|
|
|
| |
using RPM_BUILD_NCPUS
Related: #1713
(cherry picked from commit 9b94a9a8f1e41a8a65843652c3e5b7b7580f14e4)
|
|
|
|
|
|
|
|
|
| |
A nice little WTF this one: changing the version string length affects
the manipulated offsets in the built package. The offsets were done with
the development time 4.16.90 version, but with eg 4.17.0-beta1 the
offsets are different and the test fails.
(cherry picked from commit 9db0b6fbc3636c8ac0e455fb15d717af5785e0fe)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently translated at 53.3% (473 of 886 strings)
Translation: rpm/master
Translate-URL: https://translate.fedoraproject.org/projects/rpm/master/tr/
Translated using Weblate (Turkish)
Currently translated at 50.9% (451 of 886 strings)
Translation: rpm/master
Translate-URL: https://translate.fedoraproject.org/projects/rpm/master/tr/
(cherry picked from commit 5f0a1162e6dbf624382eec0b07b82318799dc61e)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently translated at 69.1% (613 of 886 strings)
Translation: rpm/master
Translate-URL: https://translate.fedoraproject.org/projects/rpm/master/fi/
Translated using Weblate (Finnish)
Currently translated at 67.4% (598 of 886 strings)
Translation: rpm/master
Translate-URL: https://translate.fedoraproject.org/projects/rpm/master/fi/
Translated using Weblate (Finnish)
Currently translated at 67.2% (596 of 886 strings)
Translation: rpm/master
Translate-URL: https://translate.fedoraproject.org/projects/rpm/master/fi/
Translated using Weblate (Finnish)
Currently translated at 64.8% (575 of 886 strings)
Translation: rpm/master
Translate-URL: https://translate.fedoraproject.org/projects/rpm/master/fi/
(cherry picked from commit 680087b2cf59d69cbddc9fb3239958557dd18333)
|
|
|
|
|
|
| |
We've only added APIs so no soname bump required.
(cherry picked from commit 4e688653dfe96df94bdb845eed6ca0b920941e0c)
|
|
|
|
|
|
|
| |
The undefined behavior is not an issue on modern GCC, but the new code
is easier to read.
(cherry picked from commit 56917aaffe65978779129a294af7ddc0afc98f55)
|
|
|
|
|
|
| |
instead of recomputing it four places.
(cherry picked from commit 1dc59e028ca4af7af42c9ca84084bff124af1d16)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There's been an increasing interest in the wider community to use
the debuginfo tooling outside rpm context, and deep ELF format
internals are not rpm's core business anyhow, the reasons for it
being here are entirely historical. So without further ado, remove
the debuginfo tooling from rpm and rely on the external debugedit
project from now on.
Update INSTALL to document the new dependency, and add conditionals
to relevant debuginfo build tests. The lower-level debugedit and
sepdebugcrcfix tools are tested in the external project, no need
to duplicate that here.
|
|
|
|
|
| |
Makes it easier to handle varying paths, mainly in preparation for the
next step.
|
|
|
|
|
|
| |
This is mostly for the benefit of fuzzers and other automated tools, and
for compilers other than GCC. On modern versions of GCC with
-fno-strict-overflow, this is harmless.
|
|
|
|
|
|
|
| |
This will be used to replace incorrect checks in the calling code.
The new pgpGet() avoids undefined pointer arithmetic, too. One
call-site of pgpGet() is broken by this change, so replace it with a
direct bounds-check.
|
|
|
|
|
|
| |
According to RFC 4880 § 11.4, a detached signature is “simply a
Signature packet”. Therefore, extra packets following a detached
signature are not allowed.
|
|
|
|
|
|
|
| |
There are cases where "apply 'em all" doesn't cut it, and passing
-m and -M is cumbersome for individual patches. Add support for
applying individual patches by passing their numbers as arguments,
update documentation.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
As we allow dependeny flags like pre, post, ... in the spec syntax we
should not remove them when reading in the tags from a package.
Thanks to Michael Schröder for spotting this.
Resolves: #1703
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bit 7 of the subpacket type is the "critical" bit. If set, it
denotes that the subpacket is one that is critical for the evaluator
of the signature to recognize. If a subpacket is encountered that is
marked critical but is unknown to the evaluating software, the
evaluator SHOULD consider the signature to be in error.
We only implement creation time and issuer keyid, everything else is
unimplemented and should be flagged as an error if critical as per above.
Initial patch by Demi Marie Obenour.
|
|
|
|
|
| |
No functional changes here, but makes easier to flag different errors
in the next commits.
|
|
|
|
|
|
| |
Check that the buffer can actually hold the computed number of bytes.
Initial patch by Demi Marie Obenour.
|
|
|
|
|
|
|
|
|
| |
Two-octet packets are recognized by first octet being in range 192-223,
not 192-255. Partial body lengths, which are not supported, use the
224-254 range. A valid five-octet length requires the first octet to
be 255, this was not checked.
Initial patch by Demi Marie Obenour.
|
|
|
|
| |
No change in behavior
|
|
|
|
| |
so the correct wording should be used in the warning.
|