From a022344f444f6b1611872ccd79881847c42dfee4 Mon Sep 17 00:00:00 2001 From: Panu Matilainen Date: Thu, 31 Oct 2019 11:29:32 +0200 Subject: [PATCH 1/3] Resurrect --prtpkts debug switch functionality Move the _print_pkts global to librpmio where the two relevant users can actually access it, and make them use it. This has been broken for years... --- lib/rpmchecksig.c | 2 -- rpmio/rpmkeyring.c | 6 ++++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/rpmchecksig.c b/lib/rpmchecksig.c index 0aa8719c8e..40a3ab83f9 100644 --- a/lib/rpmchecksig.c +++ b/lib/rpmchecksig.c @@ -24,8 +24,6 @@ #include "debug.h" -int _print_pkts = 0; - static int doImport(rpmts ts, const char *fn, char *buf, ssize_t blen) { char const * const pgpmark = "-----BEGIN PGP "; diff --git a/rpmio/rpmkeyring.c b/rpmio/rpmkeyring.c index bea04ff4b6..4fb01ecae3 100644 --- a/rpmio/rpmkeyring.c +++ b/rpmio/rpmkeyring.c @@ -13,6 +13,8 @@ #include "debug.h" +int _print_pkts = 0; + struct rpmPubkey_s { uint8_t *pkt; size_t pktlen; @@ -227,7 +229,7 @@ pgpDig rpmPubkeyDig(rpmPubkey key) dig = pgpNewDig(); pthread_rwlock_rdlock(&key->lock); - rc = pgpPrtPkts(key->pkt, key->pktlen, dig, 0); + rc = pgpPrtPkts(key->pkt, key->pktlen, dig, _print_pkts); pthread_rwlock_unlock(&key->lock); if (rc == 0) { @@ -302,7 +304,7 @@ rpmRC rpmKeyringLookup(rpmKeyring keyring, pgpDig sig) * on (successful) return, sigh. No need to check for return * here as this is validated at rpmPubkeyNew() already. */ - pgpPrtPkts(key->pkt, key->pktlen, sig, 0); + pgpPrtPkts(key->pkt, key->pktlen, sig, _print_pkts); res = RPMRC_OK; } From c258db3fd26b4d116c084a3c3968832eabf6721b Mon Sep 17 00:00:00 2001 From: Panu Matilainen Date: Thu, 31 Oct 2019 11:34:02 +0200 Subject: [PATCH 2/3] Replace uses of localtime() with the re-entrant variant LGTM flags localtime() as a "dangerous" function, which seems a bit over the top to me, but as we're flirting with threads, it certainly is not thread-safe. --- configure.ac | 2 +- lib/formats.c | 6 +++--- lib/query.c | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/configure.ac b/configure.ac index 6fb8d98fa4..0a3a9bbf49 100644 --- a/configure.ac +++ b/configure.ac @@ -813,7 +813,7 @@ AC_CHECK_FUNCS([secure_getenv __secure_getenv]) AC_CHECK_FUNCS( [mkstemp getcwd basename dirname realpath setenv unsetenv regcomp lchown \ - utimes getline], + utimes getline localtime_r ], [], [AC_MSG_ERROR([function required by rpm])]) AC_LIBOBJ(fnmatch) diff --git a/lib/formats.c b/lib/formats.c index ea1da21c2c..5fbffab88e 100644 --- a/lib/formats.c +++ b/lib/formats.c @@ -96,10 +96,10 @@ static char * hexFormat(rpmtd td, char **emsg) static char * realDateFormat(rpmtd td, const char * strftimeFormat, char **emsg) { char * val = NULL; - struct tm * tstruct; + struct tm * tstruct, _tm; char buf[1024]; time_t dateint = rpmtdGetNumber(td); - tstruct = localtime(&dateint); + tstruct = localtime_r(&dateint, &_tm); buf[0] = '\0'; if (tstruct) @@ -361,7 +361,7 @@ static char * pgpsigFormat(rpmtd td, char **emsg) char *keyid = pgpHexStr(sigp->signid, sizeof(sigp->signid)); unsigned int dateint = sigp->time; time_t date = dateint; - struct tm * tms = localtime(&date); + struct tm _tm, * tms = localtime_r(&date, &_tm); unsigned int key_algo = pgpDigParamsAlgo(sigp, PGPVAL_PUBKEYALGO); unsigned int hash_algo = pgpDigParamsAlgo(sigp, PGPVAL_HASHALGO); diff --git a/lib/query.c b/lib/query.c index a00bf60a50..9e68547662 100644 --- a/lib/query.c +++ b/lib/query.c @@ -37,7 +37,7 @@ static void printFileInfo(const char * name, char ownerfield[8+1], groupfield[8+1]; char timefield[100]; time_t when = mtime; /* important if sizeof(int32_t) ! sizeof(time_t) */ - struct tm * tm; + struct tm * tm, _tm; char * perms = rpmPermsString(mode); char *link = NULL; @@ -62,7 +62,7 @@ static void printFileInfo(const char * name, } /* Convert file mtime to display format */ - tm = localtime(&when); + tm = localtime_r(&when, &_tm); timefield[0] = '\0'; if (tm != NULL) { const char *fmt; From 72b177252886e91618114f065cb8ecfc63ceb95e Mon Sep 17 00:00:00 2001 From: Panu Matilainen Date: Thu, 31 Oct 2019 11:56:36 +0200 Subject: [PATCH 3/3] Replace use of obsolete ctime() with strftime() POSIX.1-2008 marked ctime() as obsolete and recommends strftime() instead. We get two flies on one stroke as ctime() is also classified "dangerous" by LGTM due to not being thread-safe. strftime(..., "%c"...) isn't exactly the same as ctime() but is consistent with what we use elsewhere and sufficient for debug purposes anyway. --- rpmio/rpmpgp.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c index 46cd0f31a1..7c3ac0e4a0 100644 --- a/rpmio/rpmpgp.c +++ b/rpmio/rpmpgp.c @@ -254,8 +254,11 @@ static void pgpPrtTime(const char * pre, const uint8_t *p, size_t plen) if (pre && *pre) fprintf(stderr, "%s", pre); if (plen == 4) { + char buf[1024]; time_t t = pgpGrab(p, plen); - fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t); + struct tm _tm, *tms = localtime_r(&t, &_tm); + if (strftime(buf, sizeof(buf), "%c", tms) > 0) + fprintf(stderr, " %-24.24s(0x%08x)", buf, (unsigned)t); } else { pgpPrtHex("", p+1, plen-1); }