diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2010-05-26 14:08:36 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2010-05-26 14:17:36 +0000 |
commit | 049665fd6611b487a6430d3d5bcf75e0864e2a8c (patch) | |
tree | 5970baa0105542401be4b68a3088bf6c2bfa902a | |
parent | ed22a255ac22d056bade9e7b3da6333dcc0d5c2d (diff) | |
download | alpine_aports-049665fd6611b487a6430d3d5bcf75e0864e2a8c.tar.bz2 alpine_aports-049665fd6611b487a6430d3d5bcf75e0864e2a8c.tar.xz alpine_aports-049665fd6611b487a6430d3d5bcf75e0864e2a8c.zip |
main/apk-tools: fix fd leak
-rw-r--r-- | main/apk-tools/0001-package-don-t-leak-signing-key-file-fd.patch | 27 | ||||
-rw-r--r-- | main/apk-tools/APKBUILD | 6 |
2 files changed, 31 insertions, 2 deletions
diff --git a/main/apk-tools/0001-package-don-t-leak-signing-key-file-fd.patch b/main/apk-tools/0001-package-don-t-leak-signing-key-file-fd.patch new file mode 100644 index 0000000000..6ff88a312c --- /dev/null +++ b/main/apk-tools/0001-package-don-t-leak-signing-key-file-fd.patch | |||
@@ -0,0 +1,27 @@ | |||
1 | From fe55da70741621f7bac2cd943b64cc13e25f9427 Mon Sep 17 00:00:00 2001 | ||
2 | From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> | ||
3 | Date: Wed, 26 May 2010 14:30:08 +0300 | ||
4 | Subject: [PATCH] package: don't leak signing key file fd | ||
5 | |||
6 | openssl BIO does not close the fd unless we explicitly tell it to | ||
7 | do so. | ||
8 | --- | ||
9 | src/package.c | 2 +- | ||
10 | 1 files changed, 1 insertions(+), 1 deletions(-) | ||
11 | |||
12 | diff --git a/src/package.c b/src/package.c | ||
13 | index b265468..b97c412 100644 | ||
14 | --- a/src/package.c | ||
15 | +++ b/src/package.c | ||
16 | @@ -441,7 +441,7 @@ int apk_sign_ctx_process_file(struct apk_sign_ctx *ctx, | ||
17 | if (fd < 0) | ||
18 | return 0; | ||
19 | |||
20 | - bio = BIO_new_fp(fdopen(fd, "r"), 0); | ||
21 | + bio = BIO_new_fp(fdopen(fd, "r"), BIO_CLOSE); | ||
22 | ctx->signature.pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL); | ||
23 | if (ctx->signature.pkey != NULL) { | ||
24 | if (fi->name[6] == 'R') | ||
25 | -- | ||
26 | 1.7.1 | ||
27 | |||
diff --git a/main/apk-tools/APKBUILD b/main/apk-tools/APKBUILD index 65b299d94f..836494d51e 100644 --- a/main/apk-tools/APKBUILD +++ b/main/apk-tools/APKBUILD | |||
@@ -1,13 +1,14 @@ | |||
1 | # Maintainer: Natanael Copa <ncopa@alpinelinux.org> | 1 | # Maintainer: Natanael Copa <ncopa@alpinelinux.org> |
2 | pkgname=apk-tools | 2 | pkgname=apk-tools |
3 | pkgver=2.0.2 | 3 | pkgver=2.0.2 |
4 | pkgrel=1 | 4 | pkgrel=2 |
5 | pkgdesc="Alpine Package Keeper - package manager for alpine" | 5 | pkgdesc="Alpine Package Keeper - package manager for alpine" |
6 | subpackages="$pkgname-static" | 6 | subpackages="$pkgname-static" |
7 | depends= | 7 | depends= |
8 | makedepends="zlib-dev openssl-dev pkgconfig" | 8 | makedepends="zlib-dev openssl-dev pkgconfig" |
9 | source="http://git.alpinelinux.org/cgit/$pkgname/snapshot/$pkgname-$pkgver.tar.bz2 | 9 | source="http://git.alpinelinux.org/cgit/$pkgname/snapshot/$pkgname-$pkgver.tar.bz2 |
10 | info-segfault.patch | 10 | info-segfault.patch |
11 | 0001-package-don-t-leak-signing-key-file-fd.patch | ||
11 | " | 12 | " |
12 | 13 | ||
13 | 14 | ||
@@ -45,4 +46,5 @@ static() { | |||
45 | } | 46 | } |
46 | 47 | ||
47 | md5sums="c87cb88f90eb8d7021d37e3b5386863d apk-tools-2.0.2.tar.bz2 | 48 | md5sums="c87cb88f90eb8d7021d37e3b5386863d apk-tools-2.0.2.tar.bz2 |
48 | aeab86a00119f9945edd6d3c3a8bb9c1 info-segfault.patch" | 49 | aeab86a00119f9945edd6d3c3a8bb9c1 info-segfault.patch |
50 | ac2ddef3f82f700c9eb536a54050cca6 0001-package-don-t-leak-signing-key-file-fd.patch" | ||