xbps: merge another patch from master to fix a user-after-free.
This commit is contained in:
parent
b4b839d8b1
commit
d12963549e
2 changed files with 31 additions and 1 deletions
|
@ -0,0 +1,30 @@
|
|||
From 7c4f20ba89bee94b5259df3b0b1af0bb1deeab0a Mon Sep 17 00:00:00 2001
|
||||
From: Juan RP <xtraeme@gmail.com>
|
||||
Date: Tue, 26 Mar 2013 10:35:20 +0100
|
||||
Subject: [PATCH] lib/transaction_commit.c: fix a use-after-free in state cb
|
||||
(found by ojab).
|
||||
|
||||
---
|
||||
lib/transaction_commit.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/lib/transaction_commit.c b/lib/transaction_commit.c
|
||||
index dd148b0..e1edf7b 100644
|
||||
--- lib/transaction_commit.c
|
||||
+++ lib/transaction_commit.c
|
||||
@@ -88,11 +88,11 @@ check_binpkgs_hash(struct xbps_handle *xhp, prop_object_iterator_t iter)
|
||||
rv = xbps_file_hash_check(binfile, sha256);
|
||||
if (rv != 0) {
|
||||
free(binfile);
|
||||
- free(filen);
|
||||
xbps_set_cb_state(xhp, XBPS_STATE_VERIFY_FAIL,
|
||||
rv, pkgver,
|
||||
"Failed to verify `%s' package integrity: %s",
|
||||
filen, strerror(rv));
|
||||
+ free(filen);
|
||||
break;
|
||||
}
|
||||
free(binfile);
|
||||
--
|
||||
1.8.2
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
# Template file for 'xbps'
|
||||
pkgname=xbps
|
||||
version=0.22
|
||||
revision=2
|
||||
revision=3
|
||||
build_style=configure
|
||||
configure_args="--prefix=/ --exec-prefix=/usr --sbindir=/usr/sbin
|
||||
--enable-static --enable-debug --enable-tests"
|
||||
|
|
Loading…
Reference in a new issue