!7 fix return value bug when parsing wrong formed metalink file
From: @hubin95 Reviewed-by: @xiezhipeng1 Signed-off-by: @xiezhipeng1
This commit is contained in:
openeuler-ci-bot
Gitee
commit
024641b8c5
@ -1,21 +0,0 @@
|
||||
diff -urp libmetalink-0.1.3.orig/lib/metalink_pstate.c libmetalink-0.1.3/lib/metalink_pstate.c
|
||||
--- libmetalink-0.1.3.orig/lib/metalink_pstate.c 2012-08-12 04:43:53.000000000 -0400
|
||||
+++ libmetalink-0.1.3/lib/metalink_pstate.c 2020-07-22 17:03:21.205852103 -0400
|
||||
@@ -100,7 +100,7 @@ void initial_state_start_fun(metalink_ps
|
||||
const char** attrs)
|
||||
{
|
||||
if(strcmp("metalink", name) == 0) {
|
||||
- if (strcmp(METALINK_V3_NS_URI, ns_uri) == 0) {
|
||||
+ if (ns_uri && strcmp(METALINK_V3_NS_URI, ns_uri) == 0) {
|
||||
const char* type;
|
||||
const char* origin;
|
||||
metalink_pctrl_set_version(stm->ctrl, METALINK_VERSION_3);
|
||||
@@ -116,7 +116,7 @@ void initial_state_start_fun(metalink_ps
|
||||
|
||||
metalink_pstm_enter_metalink_state(stm);
|
||||
}
|
||||
- else if (strcmp(METALINK_V4_NS_URI, ns_uri) == 0) {
|
||||
+ else if (ns_uri && strcmp(METALINK_V4_NS_URI, ns_uri) == 0) {
|
||||
metalink_pctrl_set_version(stm->ctrl, METALINK_VERSION_4);
|
||||
metalink_pstm_enter_metalink_state_v4(stm);
|
||||
} else {
|
||||
35
0004-fix-NULL-ptr-deref-in-initial_state_start_fun.patch
Normal file
35
0004-fix-NULL-ptr-deref-in-initial_state_start_fun.patch
Normal file
@ -0,0 +1,35 @@
|
||||
From 5d419fa4d4144c63a2b8458ab1871167a44bf490 Mon Sep 17 00:00:00 2001
|
||||
From: Bin Hu <hubin73@huawei.com>
|
||||
Date: Sat, 26 Mar 2022 14:19:50 +0800
|
||||
Subject: [PATCH 4/6] fix NULL pointer dereference in initial_state_start_fun
|
||||
|
||||
Signed-off-by: Bin Hu <hubin73@huawei.com>
|
||||
---
|
||||
lib/metalink_pstate.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/lib/metalink_pstate.c b/lib/metalink_pstate.c
|
||||
index 0a32461..3078338 100644
|
||||
--- a/lib/metalink_pstate.c
|
||||
+++ b/lib/metalink_pstate.c
|
||||
@@ -100,7 +100,7 @@ void initial_state_start_fun(metalink_pstm_t* stm,
|
||||
const char** attrs)
|
||||
{
|
||||
if(strcmp("metalink", name) == 0) {
|
||||
- if (strcmp(METALINK_V3_NS_URI, ns_uri) == 0) {
|
||||
+ if (ns_uri && strcmp(METALINK_V3_NS_URI, ns_uri) == 0) {
|
||||
const char* type;
|
||||
const char* origin;
|
||||
metalink_pctrl_set_version(stm->ctrl, METALINK_VERSION_3);
|
||||
@@ -116,7 +116,7 @@ void initial_state_start_fun(metalink_pstm_t* stm,
|
||||
|
||||
metalink_pstm_enter_metalink_state(stm);
|
||||
}
|
||||
- else if (strcmp(METALINK_V4_NS_URI, ns_uri) == 0) {
|
||||
+ else if (ns_uri && strcmp(METALINK_V4_NS_URI, ns_uri) == 0) {
|
||||
metalink_pctrl_set_version(stm->ctrl, METALINK_VERSION_4);
|
||||
metalink_pstm_enter_metalink_state_v4(stm);
|
||||
} else {
|
||||
--
|
||||
2.28.0.windows.1
|
||||
|
||||
@ -0,0 +1,37 @@
|
||||
From 868a2b79547a879d00ae9a0c2a6c46a2b6184226 Mon Sep 17 00:00:00 2001
|
||||
From: Bin Hu <hubin73@huawei.com>
|
||||
Date: Sat, 26 Mar 2022 14:27:22 +0800
|
||||
Subject: [PATCH 5/6] fix return value of parsing wrong formed metalink file
|
||||
|
||||
Signed-off-by: Bin Hu <hubin73@huawei.com>
|
||||
---
|
||||
lib/libexpat_metalink_parser.c | 6 +++++-
|
||||
1 file changed, 5 insertions(+), 1 deletions(-)
|
||||
|
||||
diff --git a/lib/libexpat_metalink_parser.c b/lib/libexpat_metalink_parser.c
|
||||
index 79b091c..11a8eee 100644
|
||||
--- a/lib/libexpat_metalink_parser.c
|
||||
+++ b/lib/libexpat_metalink_parser.c
|
||||
@@ -149,6 +149,7 @@ metalink_parse_fp(FILE* docfp, metalink_t** res)
|
||||
metalink_error_t r = 0,
|
||||
retval;
|
||||
XML_Parser parser;
|
||||
+ int isFinal = 0;
|
||||
|
||||
session_data = metalink_session_data_new();
|
||||
|
||||
@@ -172,7 +173,10 @@ metalink_parse_fp(FILE* docfp, metalink_t** res)
|
||||
assert(0);
|
||||
}
|
||||
}
|
||||
- if(!XML_ParseBuffer(parser, num_read, 0)) {
|
||||
+ if(feof(docfp)) {
|
||||
+ isFinal = 1;
|
||||
+ }
|
||||
+ if(!XML_ParseBuffer(parser, num_read, isFinal)) {
|
||||
r = METALINK_ERR_PARSER_ERROR;
|
||||
break;
|
||||
}
|
||||
--
|
||||
2.28.0.windows.1
|
||||
|
||||
@ -0,0 +1,59 @@
|
||||
From b1135f7e81ddb1889399800037891cf0df58f443 Mon Sep 17 00:00:00 2001
|
||||
From: Bin Hu <hubin73@huawei.com>
|
||||
Date: Sat, 26 Mar 2022 14:38:52 +0800
|
||||
Subject: [PATCH 6/6] return error code when metalink file misses required file
|
||||
attributes
|
||||
|
||||
Signed-off-by: Bin Hu <hubin73@huawei.com>
|
||||
---
|
||||
lib/metalink_pstate.c | 2 +-
|
||||
lib/metalink_pstate_v3.c | 4 ++++
|
||||
lib/metalink_pstate_v4.c | 4 ++++
|
||||
3 files changed, 9 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/lib/metalink_pstate.c b/lib/metalink_pstate.c
|
||||
index 3078338..49f48ba 100644
|
||||
--- a/lib/metalink_pstate.c
|
||||
+++ b/lib/metalink_pstate.c
|
||||
@@ -121,7 +121,7 @@ void initial_state_start_fun(metalink_pstm_t* stm,
|
||||
metalink_pstm_enter_metalink_state_v4(stm);
|
||||
} else {
|
||||
metalink_pctrl_set_version(stm->ctrl, METALINK_VERSION_UNKNOWN);
|
||||
- metalink_pstm_enter_skip_state(stm);
|
||||
+ error_handler(stm, METALINK_ERR_NAMESPACE_ERROR);
|
||||
}
|
||||
} else {
|
||||
metalink_pstm_enter_skip_state(stm);
|
||||
diff --git a/lib/metalink_pstate_v3.c b/lib/metalink_pstate_v3.c
|
||||
index 7a3c25a..129a54d 100644
|
||||
--- a/lib/metalink_pstate_v3.c
|
||||
+++ b/lib/metalink_pstate_v3.c
|
||||
@@ -53,6 +53,10 @@ void metalink_state_end_fun_v3(metalink_pstm_t* stm,
|
||||
const char* name, const char* ns_uri,
|
||||
const char* characters)
|
||||
{
|
||||
+ if(!stm->ctrl->metalink->files || !(*stm->ctrl->metalink->files)) {
|
||||
+ error_handler(stm, METALINK_ERR_MISSING_REQUIRED_ATTR);
|
||||
+ return;
|
||||
+ }
|
||||
metalink_pstm_enter_fin_state(stm);
|
||||
}
|
||||
|
||||
diff --git a/lib/metalink_pstate_v4.c b/lib/metalink_pstate_v4.c
|
||||
index f096d97..36d8a09 100644
|
||||
--- a/lib/metalink_pstate_v4.c
|
||||
+++ b/lib/metalink_pstate_v4.c
|
||||
@@ -163,6 +163,10 @@ void metalink_state_end_fun_v4(metalink_pstm_t* stm,
|
||||
error_handler(stm, r);
|
||||
return;
|
||||
}
|
||||
+ if(!stm->ctrl->metalink->files || !(*stm->ctrl->metalink->files)) {
|
||||
+ error_handler(stm, METALINK_ERR_MISSING_REQUIRED_ATTR);
|
||||
+ return;
|
||||
+ }
|
||||
metalink_pstm_enter_fin_state(stm);
|
||||
}
|
||||
|
||||
--
|
||||
2.28.0.windows.1
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
Name: libmetalink
|
||||
Version: 0.1.3
|
||||
Release: 11
|
||||
Release: 12
|
||||
Summary: Metalink library written in C
|
||||
License: MIT
|
||||
URL: https://launchpad.net/libmetalink
|
||||
@ -11,7 +11,9 @@ BuildRequires: gcc expat-devel libxml2-devel CUnit-devel autoconf automake libto
|
||||
Patch001:0001-fix-warning-_BSD_SOURCE-and-_SVID_SOURCE-are-depreca.patch
|
||||
Patch002:0002-add-libmetalink-testcases-for-api-and-error-handling.patch
|
||||
Patch003:0003-backport-fix-covscan-issues.patch
|
||||
Patch004:0004-backport-fix-NULL-ptr-deref-in-initial_state_start_fun.patch
|
||||
Patch004:0004-fix-NULL-ptr-deref-in-initial_state_start_fun.patch
|
||||
Patch005:0005-fix-return-value-of-parsing-wrong-formed-metalink-fi.patch
|
||||
Patch006:0006-return-error-code-when-metalink-file-misses-required.patch
|
||||
|
||||
%description
|
||||
libmetalink is a Metalink library written in C language. It is intended to
|
||||
@ -66,7 +68,13 @@ make check
|
||||
%{_mandir}/man3/*
|
||||
|
||||
%changelog
|
||||
* Fri Mar 23 2022 Hu Bin <hubin73@huawei.com> - 0.1.3-11
|
||||
* Sat Mar 26 2022 Hu Bin <hubin73@huawei.com> - 0.1.3-12
|
||||
- Type:bugfix
|
||||
- ID:NA
|
||||
- SUG:NA
|
||||
- DESC:fix return value bug when parsing wrong formed metalink file
|
||||
|
||||
* Wed Mar 23 2022 Hu Bin <hubin73@huawei.com> - 0.1.3-11
|
||||
- Type:bugfix
|
||||
- ID:NA
|
||||
- SUG:NA
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user