main/apk-tools: fix fd leak

author: Natanael Copa <ncopa@alpinelinux.org> 2010-05-26 14:08:36 +0000
committer: Natanael Copa <ncopa@alpinelinux.org> 2010-05-26 14:17:36 +0000
commit: 049665fd6611b487a6430d3d5bcf75e0864e2a8c (patch)
tree: 5970baa0105542401be4b68a3088bf6c2bfa902a
parent: ed22a255ac22d056bade9e7b3da6333dcc0d5c2d (diff)
download: alpine_aports-049665fd6611b487a6430d3d5bcf75e0864e2a8c.tar.bz2
alpine_aports-049665fd6611b487a6430d3d5bcf75e0864e2a8c.tar.xz
alpine_aports-049665fd6611b487a6430d3d5bcf75e0864e2a8c.zip
2 files changed, 31 insertions, 2 deletions
diff --git a/main/apk-tools/0001-package-don-t-leak-signing-key-file-fd.patch b/main/apk-tools/0001-package-don-t-leak-signing-key-file-fd.patch
new file mode 100644
index 0000000000..6ff88a312c
--- /dev/null
+++ b/main/apk-tools/0001-package-don-t-leak-signing-key-file-fd.patch
@@ -0,0 +1,27 @@
+From fe55da70741621f7bac2cd943b64cc13e25f9427 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
+Date: Wed, 26 May 2010 14:30:08 +0300
+Subject: [PATCH] package: don't leak signing key file fd
+openssl BIO does not close the fd unless we explicitly tell it to
+do so.
+---
+ src/package.c |    2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+diff --git a/src/package.c b/src/package.c
+index b265468..b97c412 100644
+--- a/src/package.c
+++ b/src/package.c
+@@ -441,7 +441,7 @@ int apk_sign_ctx_process_file(struct apk_sign_ctx *ctx,
+                if (fd < 0)
+                        return 0;
+ 
+-               bio  = BIO_new_fp(fdopen(fd, "r"), 0);
+               bio = BIO_new_fp(fdopen(fd, "r"), BIO_CLOSE);
+                ctx->signature.pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
+                if (ctx->signature.pkey != NULL) {
+                        if (fi->name[6] == 'R')
+-- 
+1.7.1
diff --git a/main/apk-tools/APKBUILD b/main/apk-tools/APKBUILD
index 65b299d94f..836494d51e 100644
--- a/main/apk-tools/APKBUILD
+++ b/main/apk-tools/APKBUILD
@@ -1,13 +1,14 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=apk-tools
 pkgver=2.0.2
-pkgrel=1
+pkgrel=2
 pkgdesc="Alpine Package Keeper - package manager for alpine"
 subpackages="$pkgname-static"
 depends=
 makedepends="zlib-dev openssl-dev pkgconfig"
 source="http://git.alpinelinux.org/cgit/$pkgname/snapshot/$pkgname-$pkgver.tar.bz2
        info-segfault.patch
+        0001-package-don-t-leak-signing-key-file-fd.patch
        "
@@ -45,4 +46,5 @@ static() {
 }
 md5sums="c87cb88f90eb8d7021d37e3b5386863d  apk-tools-2.0.2.tar.bz2
-aeab86a00119f9945edd6d3c3a8bb9c1  info-segfault.patch"
+aeab86a00119f9945edd6d3c3a8bb9c1  info-segfault.patch
+ac2ddef3f82f700c9eb536a54050cca6  0001-package-don-t-leak-signing-key-file-fd.patch"
author	Natanael Copa <ncopa@alpinelinux.org>	2010-05-26 14:08:36 +0000
committer	Natanael Copa <ncopa@alpinelinux.org>	2010-05-26 14:17:36 +0000
commit	049665fd6611b487a6430d3d5bcf75e0864e2a8c (patch)
tree	5970baa0105542401be4b68a3088bf6c2bfa902a
parent	ed22a255ac22d056bade9e7b3da6333dcc0d5c2d (diff)
download	alpine_aports-049665fd6611b487a6430d3d5bcf75e0864e2a8c.tar.bz2 alpine_aports-049665fd6611b487a6430d3d5bcf75e0864e2a8c.tar.xz alpine_aports-049665fd6611b487a6430d3d5bcf75e0864e2a8c.zip

diff --git a/main/apk-tools/0001-package-don-t-leak-signing-key-file-fd.patch b/main/apk-tools/0001-package-don-t-leak-signing-key-file-fd.patch new file mode 100644 index 0000000000..6ff88a312c --- /dev/null +++ b/main/apk-tools/0001-package-don-t-leak-signing-key-file-fd.patch
@@ -0,0 +1,27 @@
		1	From fe55da70741621f7bac2cd943b64cc13e25f9427 Mon Sep 17 00:00:00 2001
		2	From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
		3	Date: Wed, 26 May 2010 14:30:08 +0300
		4	Subject: [PATCH] package: don't leak signing key file fd
		5
		6	openssl BIO does not close the fd unless we explicitly tell it to
		7	do so.
		8	---
		9	src/package.c \| 2 +-
		10	1 files changed, 1 insertions(+), 1 deletions(-)
		11
		12	diff --git a/src/package.c b/src/package.c
		13	index b265468..b97c412 100644
		14	--- a/src/package.c
		15	+++ b/src/package.c
		16	@@ -441,7 +441,7 @@ int apk_sign_ctx_process_file(struct apk_sign_ctx *ctx,
		17	if (fd < 0)
		18	return 0;
		19
		20	- bio = BIO_new_fp(fdopen(fd, "r"), 0);
		21	+ bio = BIO_new_fp(fdopen(fd, "r"), BIO_CLOSE);
		22	ctx->signature.pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
		23	if (ctx->signature.pkey != NULL) {
		24	if (fi->name[6] == 'R')
		25	--
		26	1.7.1
		27


diff --git a/main/apk-tools/APKBUILD b/main/apk-tools/APKBUILD index 65b299d94f..836494d51e 100644 --- a/main/apk-tools/APKBUILD +++ b/main/apk-tools/APKBUILD
@@ -1,13 +1,14 @@
1	# Maintainer: Natanael Copa <ncopa@alpinelinux.org>	1	# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
2	pkgname=apk-tools	2	pkgname=apk-tools
3	pkgver=2.0.2	3	pkgver=2.0.2
4	pkgrel=1	4	pkgrel=2
5	pkgdesc="Alpine Package Keeper - package manager for alpine"	5	pkgdesc="Alpine Package Keeper - package manager for alpine"
6	subpackages="$pkgname-static"	6	subpackages="$pkgname-static"
7	depends=	7	depends=
8	makedepends="zlib-dev openssl-dev pkgconfig"	8	makedepends="zlib-dev openssl-dev pkgconfig"
9	source="http://git.alpinelinux.org/cgit/$pkgname/snapshot/$pkgname-$pkgver.tar.bz2	9	source="http://git.alpinelinux.org/cgit/$pkgname/snapshot/$pkgname-$pkgver.tar.bz2
10	info-segfault.patch	10	info-segfault.patch
		11	0001-package-don-t-leak-signing-key-file-fd.patch
11	"	12	"
12		13
13		14
@@ -45,4 +46,5 @@ static() {
45	}	46	}
46		47
47	md5sums="c87cb88f90eb8d7021d37e3b5386863d apk-tools-2.0.2.tar.bz2	48	md5sums="c87cb88f90eb8d7021d37e3b5386863d apk-tools-2.0.2.tar.bz2
48	aeab86a00119f9945edd6d3c3a8bb9c1 info-segfault.patch"	49	aeab86a00119f9945edd6d3c3a8bb9c1 info-segfault.patch
		50	ac2ddef3f82f700c9eb536a54050cca6 0001-package-don-t-leak-signing-key-file-fd.patch"