From c534ba14d9171df1a69c58db0870dbba4bad8283 Mon Sep 17 00:00:00 2001 From: panxiaohe Date: Tue, 28 Jun 2022 14:36:42 +0800 Subject: [PATCH] add check for device number in __check_lock_fn --- ...for-device-number-in-__check_lock_fn.patch | 55 +++++++++++++++++++ libdb.spec | 22 ++++---- 2 files changed, 67 insertions(+), 10 deletions(-) create mode 100644 add-check-for-device-number-in-__check_lock_fn.patch diff --git a/add-check-for-device-number-in-__check_lock_fn.patch b/add-check-for-device-number-in-__check_lock_fn.patch new file mode 100644 index 0000000..99e3a29 --- /dev/null +++ b/add-check-for-device-number-in-__check_lock_fn.patch @@ -0,0 +1,55 @@ +From ad2bb7182132f6d15c207a8c0d37d24e241eb468 Mon Sep 17 00:00:00 2001 +From: hanxinke +Date: Fri, 11 Feb 2022 11:08:18 +0800 +Subject: [PATCH] add check for device number in __check_lock_fn + +When a file with the same inode as the inode of /var/lib/rpm/.rpm.lock +exists on another partition, package updates will also execute correctly +because of check for device. + +--- + src/os/os_flock.c | 11 ++++++++++- + 1 file changed, 10 insertions(+), 1 deletion(-) + +diff --git a/src/os/os_flock.c b/src/os/os_flock.c +index 03aa3df..482dffa 100644 +--- a/src/os/os_flock.c ++++ b/src/os/os_flock.c +@@ -10,6 +10,8 @@ + + #include "db_int.h" + ++#include ++ + #if !defined(HAVE_FCNTL) || !defined(HAVE_FLOCK) + static int __os_filelocking_notsup __P((ENV *)); + #endif +@@ -34,6 +36,7 @@ int __check_lock_fn(fn, pid) + int i, inode; + struct stat st; + pid_t lpid = 0; ++ int f_major, f_minor, l_major, l_minor; + + if (!fn) + return -1; +@@ -59,10 +62,16 @@ int __check_lock_fn(fn, pid) + /* Check the inode */ + else if (i == 5) { + inode = 0; +- sscanf(token, "%*02x:%*02x:%d", &inode); ++ sscanf(token, "%02x:%02x:%d", &l_major, &l_minor, &inode); + /* Not the inode we are looking for */ + if (inode != st.st_ino) + continue; ++ ++ f_major = MAJOR(st.st_dev); ++ f_minor = MINOR(st.st_dev); ++ if ((f_major != l_major) || (f_minor != l_minor)) ++ continue; ++ + /* + * We have the correct file. + * We are either looking for a specific process or we do not care at all. +-- +2.23.0 + diff --git a/libdb.spec b/libdb.spec index c4f3175..5af3d03 100644 --- a/libdb.spec +++ b/libdb.spec @@ -1,6 +1,6 @@ Name: libdb Version: 5.3.28 -Release: 36 +Release: 37 Summary: The Berkeley DB database library for C License: BSD and LGPLv2 and Sleepycat URL: https://www.oracle.com/database/berkeley-db/ @@ -34,10 +34,10 @@ Patch35: checkpoint-opd-deadlock.patch Patch36: db-5.3.28-atomic_compare_exchange.patch Patch37: backport-CVE-2019-2708-Resolved-data-store-execution-which-led-to-partial-DoS.patch -Patch9000: bugfix-fix-deadlock-on-mempool-file-locks.patch - -Patch9001: libdb-limit-cpu.patch -patch9002: libdb-cbd-race.patch +Patch38: bugfix-fix-deadlock-on-mempool-file-locks.patch +Patch39: libdb-limit-cpu.patch +patch40: libdb-cbd-race.patch +Patch41: add-check-for-device-number-in-__check_lock_fn.patch BuildRequires: gcc gcc-c++ perl-interpreter libtool tcl-devel >= 8.5.2-3 BuildRequires: java-devel >= 1:1.6.0 chrpath zlib-devel @@ -114,11 +114,10 @@ popd %patch35 -p1 %patch36 -p1 %patch37 -p1 - -%patch9000 -p1 - -%patch9001 -p1 -%patch9002 -p1 +%patch38 -p1 +%patch39 -p1 +%patch40 -p1 +%patch41 -p1 pushd dist ./s_config @@ -211,6 +210,9 @@ mv man/* %{buildroot}%{_mandir}/man1/ %{_mandir}/man1 %changelog +* Tue Jun 28 2022 panxiaohe - 5.3.28-37 +- add check for device number in __check_lock_fn + * Mon Apr 19 2021 wangchen - 5.3.28-36 - Fix CVE-2019-2708 -- Gitee