authorCoprDistGit <infra@openeuler.org>2024-09-18 07:05:42 +0000
committerCoprDistGit <infra@openeuler.org>2024-09-18 07:05:42 +0000
commit4ad1d692311b38472d44f5deb9c32634b334ed4d (patch)
tree3e004676c8e07b495fdeda7291033d0fde73d783 /backport-Fix-potential-use-of-uninitialized-pgp-struct.patch
parente248808867f90830a43b5ca5d192bef9dd2edec2 (diff)
automatic import of rpm
Diffstat (limited to 'backport-Fix-potential-use-of-uninitialized-pgp-struct.patch')
-rw-r--r--backport-Fix-potential-use-of-uninitialized-pgp-struct.patch35
1 files changed, 35 insertions, 0 deletions
diff --git a/backport-Fix-potential-use-of-uninitialized-pgp-struct.patch b/backport-Fix-potential-use-of-uninitialized-pgp-struct.patch
new file mode 100644
index 0000000..4595196
--- /dev/null
+++ b/backport-Fix-potential-use-of-uninitialized-pgp-struct.patch
@@ -0,0 +1,35 @@
+From 1b90b8c7d176026b669ce28c6e185724a4b208b0 Mon Sep 17 00:00:00 2001
+From: Michal Domonkos <mdomonko@redhat.com>
+Date: Fri, 7 Jun 2024 10:14:25 +0200
+Subject: [PATCH] Fix potential use of uninitialized pgp struct
+
+Conflict:NA
+Reference:https://github.com/rpm-software-management/rpm/commit/1b90b8c7d176026b669ce28c6e185724a4b208b0
+
+We only call initPgpData() after base64 encoding the pubkey so if the
+latter fails, the kd struct will be left uninitialized and subsequently
+read from after skipping to the exit label. Fix by initializing it.
+
+Found by Coverity.
+
+Fixes: RHEL-22605
+---
+ lib/rpmts.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/lib/rpmts.c b/lib/rpmts.c
+index 3070b97e6..76964c60a 100644
+--- a/lib/rpmts.c
++++ b/lib/rpmts.c
+@@ -508,6 +508,8 @@ static int makePubkeyHeader(rpmts ts, rpmPubkey key, rpmPubkey *subkeys,
+ int rc = -1;
+ int i;
+
++ memset(&kd, 0, sizeof(kd));
++
+ if ((enc = rpmPubkeyBase64(key)) == NULL)
+ goto exit;
+
+--
+2.33.0
+
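Review bot: The added `memset(&kd, 0, sizeof(kd));` in makePubkeyHeader() only makes the early `goto exit` safe if the cleanup at the exit label treats an all-zero kd as empty. Both that label and the declaration of kd lie outside the hunk, so this should be checked against the packaged source rather than taken from the commit message. A short why-comment above the call would help keep the initialisation from being dropped in a later rebase, for example `/* kd is read at exit even if rpmPubkeyBase64() fails before initPgpData() runs */`. The diffstat is limited to this one patch file, so it is not visible here whether the spec file lists and applies it; a backport that is added but never applied would leave the uninitialized read in the built package.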