marmarek
commented
2 years ago It fails to build for R4.0's dom0.
Closed DemiMarie closed 2 years ago
marmarek
commented
2 years ago It fails to build for R4.0's dom0.
The header-processing code assumes that tags are in order and unique. This should be enforced by the parser, but the parser failed to do so due to a logic error: the last_tag variable was never updated during the loop, so the tag was always checked to be greater than 99 instead of greater than the previous tag. This can result in a panic when processing an untrusted immutable header. Qubes OS and rpmcanon verify the signature on the main header before processing it, so they are not affected.
This commit also includes a unit test for headers with unsorted tag data entries, and a command-line tool that was vital to creating this test.