Accepting request 719783 from home:Vogtinator:boo1139463

- Add patches to fix crash with some invalid metainfo (boo#1139463): * 0001-Fix-possible-NULL-dereference.patch * 0002-Don-t-ignore-xmlNodeDump-return-code.patch * 0003-Fix-infinite-recursion-if-component-has-itself-liste.patch - Update build requirements - Add %check section OBS-URL: https://build.opensuse.org/request/show/719783 OBS-URL: https://build.opensuse.org/package/show/KDE:Frameworks5/AppStream?expand=0&rev=50
2019-07-30 08:48:39 +00:00 · 2019-07-30 08:48:39 +00:00 · 58c1118431
commit 58c1118431
parent e6f2b0f97f
5 changed files with 161 additions and 10 deletions
--- a/0001-Fix-possible-NULL-dereference.patch
+++ b/0001-Fix-possible-NULL-dereference.patch
@ -0,0 +1,29 @@
+From 9dbdb8257e95a1f657dc043028a354ac17091875 Mon Sep 17 00:00:00 2001
+From: Matthias Klumpp <matthias@tenstral.net>
+Date: Sat, 13 Jul 2019 16:03:47 +0200
+Subject: [PATCH 1/3] Fix possible NULL dereference
+
+An error check was missing here. Thanks Coverity for pointing this out!
+---
+ src/as-cache.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/src/as-cache.c b/src/as-cache.c
+index 41f78a8b..50b42193 100644
+--- a/src/as-cache.c
+++ b/src/as-cache.c
+@@ -1589,6 +1589,11 @@ as_cache_register_addons_for_component (AsCache *cache, MDB_txn *txn, AsComponen
+ 		return TRUE;
+ 
+ 	addons = as_cache_components_by_hash_list (cache, txn, dval.mv_data, dval.mv_size, &tmp_error);
+	if (addons == NULL) {
+		g_propagate_error (error, tmp_error);
+		return FALSE;
+	}
+
+ 	for (guint i = 0; i < addons->len; i++)
+ 		as_component_add_addon (cpt, AS_COMPONENT (g_ptr_array_index (addons, i)));
+ 
+-- 
+2.22.0
+
--- a/0002-Don-t-ignore-xmlNodeDump-return-code.patch
+++ b/0002-Don-t-ignore-xmlNodeDump-return-code.patch
@ -0,0 +1,44 @@
+From 993ea2bc6917327f3f4de421cd8f9594f550ff98 Mon Sep 17 00:00:00 2001
+From: Matthias Klumpp <matthias@tenstral.net>
+Date: Tue, 30 Jul 2019 02:14:53 +0200
+Subject: [PATCH 2/3] Don't ignore xmlNodeDump return code
+
+This should not fail, ever, unless we run out of memory. But since I was
+looking at that code, having a sanity check here is better in case this
+does become more relevant in future (and simply because not checking it
+was not good prectice).
+---
+ src/as-xml.c | 13 ++++++++++---
+ 1 file changed, 10 insertions(+), 3 deletions(-)
+
+diff --git a/src/as-xml.c b/src/as-xml.c
+index 2ba64743..bfa90e72 100644
+--- a/src/as-xml.c
+++ b/src/as-xml.c
+@@ -94,13 +94,20 @@ as_xml_dump_node_children (xmlNode *node)
+ 
+ 	str = g_string_new ("");
+ 	for (iter = node->children; iter != NULL; iter = iter->next) {
+		gint r;
+
+ 		/* discard spaces */
+ 		if (iter->type != XML_ELEMENT_NODE) {
+-					continue;
+			continue;
+ 		}
+ 
+-		nodeBuf = xmlBufferCreate();
+-		xmlNodeDump (nodeBuf, NULL, iter, 0, 1);
+		nodeBuf = xmlBufferCreate ();
+		r = xmlNodeDump (nodeBuf, NULL, iter, 0, 1);
+		if (r < 0) {
+			xmlBufferFree (nodeBuf);
+			g_warning ("xmlNodeDump failed (%i) while serializing node children.", r);
+			continue;
+		}
+ 		if (str->len > 0)
+ 			g_string_append (str, "\n");
+ 		g_string_append_printf (str, "%s", (const gchar*) nodeBuf->content);
+-- 
+2.22.0
+
--- a/0003-Fix-infinite-recursion-if-component-has-itself-liste.patch
+++ b/0003-Fix-infinite-recursion-if-component-has-itself-liste.patch
@ -0,0 +1,72 @@
+From 823d7065ffcaec57bdbef479dce49ae97ff08640 Mon Sep 17 00:00:00 2001
+From: Matthias Klumpp <matthias@tenstral.net>
+Date: Tue, 30 Jul 2019 02:38:47 +0200
+Subject: [PATCH 3/3] Fix infinite recursion if component has itself listed as
+ an addon
+
+This particular case of a component being an addon to itself is
+nonsense, but people may make that mistake and we shouldn't crash in
+that case.
+With this patch the cache will be resilient against such cases and
+simply ignore components depending on themselves.
+We could still get nasty dependency loops though, with A depending on B
+depending on A. This is a bit more complicated to resolve and will be
+fixed in a future commit.
+Resolves: #243
+---
+ src/as-cache.c | 31 +++++++++++++++++++++++--------
+ 1 file changed, 23 insertions(+), 8 deletions(-)
+
+diff --git a/src/as-cache.c b/src/as-cache.c
+index 50b42193..3afabda7 100644
+--- a/src/as-cache.c
+++ b/src/as-cache.c
+@@ -1573,7 +1573,7 @@ as_cache_register_addons_for_component (AsCache *cache, MDB_txn *txn, AsComponen
+ {
+ 	AsCachePrivate *priv = GET_PRIVATE (cache);
+ 	MDB_val dval;
+-	g_autoptr(GPtrArray) addons = NULL;
+	g_autofree guint8 *cpt_checksum = NULL;
+ 	GError *tmp_error = NULL;
+ 
+ 	dval = as_cache_txn_get_value (cache,
+@@ -1588,14 +1588,29 @@ as_cache_register_addons_for_component (AsCache *cache, MDB_txn *txn, AsComponen
+ 	if (dval.mv_size == 0)
+ 		return TRUE;
+ 
+-	addons = as_cache_components_by_hash_list (cache, txn, dval.mv_data, dval.mv_size, &tmp_error);
+-	if (addons == NULL) {
+-		g_propagate_error (error, tmp_error);
+-		return FALSE;
+-	}
+	/* retrieve cache checksum of this component */
+	as_generate_cache_checksum (as_component_get_data_id (cpt),
+				    -1,
+				    &cpt_checksum,
+				    NULL);
+
+	g_assert_cmpint (dval.mv_size % AS_CACHE_CHECKSUM_LEN, ==, 0);
+	for (gsize i = 0; i < dval.mv_size; i += AS_CACHE_CHECKSUM_LEN) {
+		const guint8 *chash = dval.mv_data + i;
+		AsComponent *addon;
+
+		/* ignore addon that extends itself to prevent infinite recursion */
+		if (memcmp (chash, cpt_checksum, AS_CACHE_CHECKSUM_LEN) == 0)
+			continue;
+ 
+-	for (guint i = 0; i < addons->len; i++)
+-		as_component_add_addon (cpt, AS_COMPONENT (g_ptr_array_index (addons, i)));
+		addon = as_cache_component_by_hash (cache, txn, chash, &tmp_error);
+		if (tmp_error != NULL) {
+			g_propagate_prefixed_error (error, tmp_error, "Failed to retrieve addon component data: ");
+			return FALSE;
+		}
+		if (addon != NULL)
+			as_component_add_addon (cpt, addon);
+	}
+ 
+ 	return TRUE;
+ }
+-- 
+2.22.0
+
--- a/AppStream.changes
+++ b/AppStream.changes
@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Tue Jul 30 07:56:11 UTC 2019 - Fabian Vogt <fabian@ritter-vogt.de>
+
+- Add patches to fix crash with some invalid metainfo (boo#1139463):
+  * 0001-Fix-possible-NULL-dereference.patch
+  * 0002-Don-t-ignore-xmlNodeDump-return-code.patch
+  * 0003-Fix-infinite-recursion-if-component-has-itself-liste.patch
+- Update build requirements
+- Add %check section
+
 -------------------------------------------------------------------
 Mon Jul 29 18:52:40 UTC 2019 - Fabian Vogt <fabian@ritter-vogt.de>

--- a/AppStream.spec
+++ b/AppStream.spec
@ -30,11 +30,13 @@ Source1:        http://www.freedesktop.org/software/appstream/releases/%{name}-%
 Source2:        %{name}.keyring
 # PATCH-FIX-UPSTREAM
 Patch1:         0001-Restore-compatibility-with-GLib-2.58.patch
+Patch2:         0001-Fix-possible-NULL-dereference.patch
+Patch3:         0002-Don-t-ignore-xmlNodeDump-return-code.patch
+Patch4:         0003-Fix-infinite-recursion-if-component-has-itself-liste.patch
 # PATCH-FIX-UPSTREAM (https://github.com/ximion/appstream/issues/239)
 Patch1000:      find-lmdb.patch
 BuildRequires:  gettext
 BuildRequires:  gperf
-BuildRequires:  intltool
 BuildRequires:  itstool
 BuildRequires:  lmdb-devel
 BuildRequires:  meson >= 0.42
@ -46,10 +48,7 @@ BuildRequires:  pkgconfig(gio-2.0)
 BuildRequires:  pkgconfig(glib-2.0) >= 2.46
 BuildRequires:  pkgconfig(gobject-introspection-1.0)
 BuildRequires:  pkgconfig(libxml-2.0)
-BuildRequires:  pkgconfig(packagekit-glib2)
-BuildRequires:  pkgconfig(protobuf)
 BuildRequires:  pkgconfig(vapigen)
-BuildRequires:  pkgconfig(xapian-core)
 BuildRequires:  pkgconfig(yaml-0.1)
 Recommends:     curl

@ -121,12 +120,6 @@ GObject introspection bindings for interfaces provided by AppStream.
 %autosetup -p1

 %build
-%if "%{?_lib}" == "lib64"
-SUFFIX="64"
-%else
-SUFFIX=""
-%endif
-
 %meson -Dqt=true \
       -Dvapi=true \
       -Ddocs=false \
@ -137,6 +130,9 @@ SUFFIX=""
 %install
 %meson_install

+%check
+%meson_test
+
 %find_lang appstream %{name}.lang

 %post