From a57fd6ea589e4dc77be39d5f10cf70c004a76dbd Mon Sep 17 00:00:00 2001
From: hugel <2712504175@qq.com>
Date: Tue, 3 Sep 2024 09:13:35 +0800
Subject: [PATCH] Backport some patches from upstream

(cherry picked from commit 98e23cf086aae61f875bce4d105746a670279c0e)
---
 ...ion-by-zero-in-elfdeps-RhBug-2299414.patch | 30 +++++++
 ...et-recursion-depth-for-error-message.patch | 81 +++++++++++++++++++
 rpm.spec                                      |  7 +-
 3 files changed, 117 insertions(+), 1 deletion(-)
 create mode 100644 backport-Fix-division-by-zero-in-elfdeps-RhBug-2299414.patch
 create mode 100644 backport-Reset-recursion-depth-for-error-message.patch

diff --git a/backport-Fix-division-by-zero-in-elfdeps-RhBug-2299414.patch b/backport-Fix-division-by-zero-in-elfdeps-RhBug-2299414.patch
new file mode 100644
index 0000000..48b114e
--- /dev/null
+++ b/backport-Fix-division-by-zero-in-elfdeps-RhBug-2299414.patch
@@ -0,0 +1,30 @@
+From 02ffc5158d1ad270e0b5c7ce6dfe4414a6ec029f Mon Sep 17 00:00:00 2001
+From: Michal Domonkos <mdomonko@redhat.com>
+Date: Wed, 31 Jul 2024 16:19:40 +0200
+Subject: [PATCH] Fix division by zero in elfdeps (RhBug:2299414)
+
+Conflict:NA
+Reference:https://github.com/rpm-software-management/rpm/commit/02ffc5158d1ad270e0b5c7ce6dfe4414a6ec029f
+
+Assume that the section does not hold a table if sh_entsize is 0 (as
+specified in the elf(5) man page) and just skip it if that's the case.
+---
+ tools/elfdeps.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/tools/elfdeps.c b/tools/elfdeps.c
+index cb388f08d..822359ab9 100644
+--- a/tools/elfdeps.c
++++ b/tools/elfdeps.c
+@@ -196,6 +196,8 @@ static void processVerNeed(Elf_Scn *scn, GElf_Shdr *shdr, elfInfo *ei)
+ static void processDynamic(Elf_Scn *scn, GElf_Shdr *shdr, elfInfo *ei)
+ {
+     Elf_Data *data = NULL;
++    if (shdr->sh_entsize == 0)
++	return;
+     while ((data = elf_getdata(scn, data)) != NULL) {
+ 	for (int i = 0; i < (shdr->sh_size / shdr->sh_entsize); i++) {
+ 	    const char *s = NULL;
+-- 
+2.33.0
+
diff --git a/backport-Reset-recursion-depth-for-error-message.patch b/backport-Reset-recursion-depth-for-error-message.patch
new file mode 100644
index 0000000..4b5baee
--- /dev/null
+++ b/backport-Reset-recursion-depth-for-error-message.patch
@@ -0,0 +1,81 @@
+From ef87d2503498f65577b5d7af07cd453d622fe02c Mon Sep 17 00:00:00 2001
+From: Florian Festi <ffesti@redhat.com>
+Date: Thu, 18 Jul 2024 13:04:28 +0200
+Subject: [PATCH] Reset recursion depth for error message
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Conflict:adapt context
+Reference:https://github.com/rpm-software-management/rpm/commit/ef87d2503498f65577b5d7af07cd453d622fe02c
+
+$ rpm --define 'aaa %[%aaa]' --eval '%aaa'
+
+let to a core dump due to a stack overflow. This was cause by the
+generation of the error message failing due to being too deep in the
+recursion of the macro expansion - creating more error messages.
+
+Resetting the depth counter allows rendering the error message. As we are
+failing and breaking off the parse run this is fine to do.
+
+Thanks to Miro Hrončok for reporting
+
+Resolves: #3197
+---
+ rpmio/macro.c     |  4 +++-
+ tests/rpmmacro.at | 22 ++++++++++++++++++++++
+ 2 files changed, 25 insertions(+), 1 deletion(-)
+
+diff --git a/rpmio/macro.c b/rpmio/macro.c
+index b2fb1326d..3f34f718e 100644
+--- a/rpmio/macro.c
++++ b/rpmio/macro.c
+@@ -447,9 +447,11 @@ static int mbInit(rpmMacroBuf mb, MacroExpansionData *med, size_t slen)
+     if (mb->buf == NULL)
+ 	mbAllocBuf(mb, slen);
+     if (++mb->depth > max_macro_depth) {
++	mb->depth--;
++	/* ensure error message can be rendered */
++	mb->mc->depth = 0;
+ 	mbErr(mb, 1,
+ 		_("Too many levels of recursion in macro expansion. It is likely caused by recursive macro declaration.\n"));
+-	mb->depth--;
+ 	return -1;
+     }
+     med->tpos = mb->tpos; /* save expansion pointer for printExpand */
+diff --git a/tests/rpmmacro.at b/tests/rpmmacro.at
+index 372cfa3ed..3adf48b61 100644
+--- a/tests/rpmmacro.at
++++ b/tests/rpmmacro.at
+@@ -133,6 +133,28 @@ runroot rpm --define "this that" --define "that_that foo" --eval '%{expand:%{%{t
+ ])
+ RPMTEST_CLEANUP
+ 
++AT_SETUP([recursive macro])
++AT_KEYWORDS([macros])
++RPMTEST_CHECK([
++runroot rpm --define 'aaa %aaa' --eval '%aaa'
++],
++[1],
++[],
++[error: Too many levels of recursion in macro expansion. It is likely caused by recursive macro declaration.
++])
++RPMTEST_CLEANUP
++
++AT_SETUP([recursive expression])
++AT_KEYWORDS([macros])
++RPMTEST_CHECK([
++runroot rpm --define 'aaa %\\[%aaa\\]' --eval '%aaa'
++],
++[1],
++[],
++[error: Too many levels of recursion in macro expansion. It is likely caused by recursive macro declaration.
++])
++RPMTEST_CLEANUP
++
+ AT_SETUP([parametrized macro 1])
+ AT_KEYWORDS([macros])
+ RPMTEST_CHECK([
+-- 
+2.33.0
+
diff --git a/rpm.spec b/rpm.spec
index 9442335..725a4de 100644
--- a/rpm.spec
+++ b/rpm.spec
@@ -1,6 +1,6 @@
 Name:          rpm
 Version:       4.18.2
-Release:       12
+Release:       13
 Summary:       RPM Package Manager
 License:       GPLv2+
 URL:           http://www.rpm.org/
@@ -39,6 +39,8 @@ Patch6017: backport-Fix-potential-use-of-uninitialized-pipe-array.patch
 Patch6018: backport-Fix-potential-use-of-uninitialized-pgp-struct.patch
 Patch6019: backport-Use-unsigned-integers-more-consistently-in-the-handl.patch
 Patch6020: backport-Use-proper-type-for-copyTagsFromMainDebug.patch
+Patch6021: backport-Reset-recursion-depth-for-error-message.patch
+Patch6022: backport-Fix-division-by-zero-in-elfdeps-RhBug-2299414.patch
 
 Patch9000: Add-digest-list-plugin.patch
 Patch9001: Add-IMA-digest-list-support.patch
@@ -337,6 +339,9 @@ make clean
 %exclude %{_mandir}/man8/rpmspec.8.gz
 
 %changelog
+* Tue Sep 3 2024 gengqihu<gengqihu2@h-partners.com> - 4.18.2-13
+- Backport some patches from upstream
+
 * Thu Aug 22 2024 luhuaxin <luhuaxin1@huawei.com> - 4.18.2-12
 - Fix the calculation of hdr size