Re: [Rpm-maint] [rpm-software-management/rpm] Forbid tag data with count zero (#1496)
@DemiMarie pushed 1 commit. 678a8986de95b945c70508054d844d11b41f1bd8 Tag data must have count greater than zero -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/rpm-software-management/rpm/pull/1496/files/a136f9d70f207c7b75e47a05f0f2aabe612c874e..678a8986de95b945c70508054d844d11b41f1bd8 ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Check that count and data length are reasonable (#1492)
@DemiMarie pushed 1 commit. 3ce3e85d61caae81d94afcff6afa5046bc2d5f65 Use int64_t for lengths -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/rpm-software-management/rpm/pull/1492/files/8f0c8600f1bc25dd9b724ee4d4086fc0bf91827c..3ce3e85d61caae81d94afcff6afa5046bc2d5f65 ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Forbid headers with only a region (#1495)
What about checking that a header/region is non-empty if (and only if) the `regionTag` passed to `hdrblobVerifyRegion` is non-zero? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1495#issuecomment-763203471___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Forbid tag data with count zero (#1496)
Good point! -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1496#issuecomment-763202339___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Forbid tag data with count zero (#1496)
@DemiMarie pushed 1 commit. a136f9d70f207c7b75e47a05f0f2aabe612c874e Tag data must have count greater than zero -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/rpm-software-management/rpm/pull/1496/files/282ff55d448f85cfdbd94348badea14cd8cac9bb..a136f9d70f207c7b75e47a05f0f2aabe612c874e ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Built-in %{S:...} and %{P:...} macro stupidity in 4.16 (#1206)
This also breaks rpm for spec files with scripts that might try to use date formatting -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1206#issuecomment-763125245___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Check that count and data length are reasonable (#1492)
"int" is (at least) 32 bits on all platforms rpm supports, that's not an issue. The rough idea is that explicitly sized types are used for "physical" data of that size, and abstract types for abstractions, such as results of calculation. In fact this (and various other similar places) would probably be better off using a 64bit type so it's not possible to overflow it with the data we're dealing with. Overflow checks all over the place hurt readability, it's better to eliminate the problem entirely if at all possible. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1492#issuecomment-762810239___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Translations update from Weblate (#1432)
Merged #1432 into master. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1432#event-4222151859___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Document dependency qualifiers (#1089)
Closed #1089 via #1508. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1089#event-4221981517___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Document dependency qualifiers (#1089) (#1508)
Merged #1508 into master. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1508#event-4221981506___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Document dependency qualifiers (#1089) (#1508)
Clarified the erasure behavior, documented it for pretrans and posttrans too, plus some formatting added. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1508#issuecomment-762756555___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Document dependency qualifiers (#1089) (#1508)
@pmatilai pushed 1 commit. b8ac6a43dc78d47fc52770d2cfe920189ff888f7 Document dependency qualifiers (#1089) -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/rpm-software-management/rpm/pull/1508/files/7864289532949e4e426245b831803ae8d6aaa7ae..b8ac6a43dc78d47fc52770d2cfe920189ff888f7 ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Document dependency qualifiers (#1089) (#1508)
@pmatilai pushed 1 commit. 7864289532949e4e426245b831803ae8d6aaa7ae Document dependency qualifiers (#1089) -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/rpm-software-management/rpm/pull/1508/files/72b7d32e6a3e317b089a31b66f9e4100b49bd61a..7864289532949e4e426245b831803ae8d6aaa7ae ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Forbid headers with only a region (#1495)
Oh, right, I'd forgotten about that. That existing check is wrong in it's current habitat, it got moved around in the last big refactoring. A header is fundamentally nothing but an abstract data container, and being empty is an entirely valid condition for it to be in. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1495#issuecomment-762731650___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Verify that data does not overlap region trailer (#1498)
Merged #1498 into master. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1498#event-4221638147___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Verify that data does not overlap region trailer (#1498)
Thanks for the patch! -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1498#issuecomment-762728268___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Document dependency qualifiers (#1089) (#1508)
%preun and %postun qualifiers also prevent removal, as does %verify, and maybe something else too. We should actually make meta combined with any order-relevant qualifier an error... -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1508#issuecomment-762726058___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Forbid tag data with count zero (#1496)
Header entry count is an unsigned integer, there cannot be any negative entries. There's a reason I told you to only check against zero and nothing else ;) -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1496#issuecomment-762712935___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] rpm2archive: Better error handling and better handling for URLs (#1510)
Merged #1510 into master. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1510#event-4221483889___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] rpm2archive segfaults if URL is given (#1091)
Closed #1091 via #1510. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1091#event-4221483899___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] rpm2archive: Better error handling and better handling for URLs (#1510)
@pmatilai approved this pull request. I would've initialized the "output" variable to NULL on declaration but it's not an actual issue in the code (it always gets initialized anyway), just a belt-and-suspenders thing. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1510#pullrequestreview-571038809___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Fix out of bounds read when parsing the xz thread number (#1509)
/me notes that we have the same exact bug in the xz code (this is on zstd, not xz as the commit says) #1478 and sighs. We have three places that do this kind of parsing, we should only have one. Any takers? :innocent: -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1509#issuecomment-762706389___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Document dependency qualifiers (#1089) (#1508)
Looks good over all. May be there should be a more explicit emphasis that no qualifier (other than `meta`) is the "strongest" dependency as it does not allow the package to be removed. The only way to combine this with other qualifiers is to have two separate dependency statements. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1508#issuecomment-762706033___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Fix out of bounds read when parsing the xz thread number (#1509)
Nice catch! -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1509#issuecomment-762702723___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Fix out of bounds read when parsing the xz thread number (#1509)
Merged #1509 into master. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1509#event-4221436905___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Dynamic Spec generation (#1485)
@ffesti pushed 3 commits. b7b472b3e4ff284e260a581749c6fb30f24f38cc Parse spec snippets before running %check 3e4d486e415f603b2403eae7faa8a5325eedf39e Use __rpmbuild_*.specpart in BUILDDIR instead of __rpm sub dir ce3c6e97be69c6febcd3fd2f6424099eb8e7bdd2 Add support for --generate-subpackages to find_lang.sh -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/rpm-software-management/rpm/pull/1485/files/89402a09e08d19c93cbd800e7ba53814f0c90aac..ce3c6e97be69c6febcd3fd2f6424099eb8e7bdd2 ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
