1.1 --- a/librazor/rpm.c Fri Oct 17 10:10:57 2014 +0100
1.2 +++ b/librazor/rpm.c Fri Apr 15 16:58:07 2016 +0100
1.3 @@ -1,7 +1,7 @@
1.4 /*
1.5 * Copyright (C) 2008 Kristian Høgsberg <krh@redhat.com>
1.6 * Copyright (C) 2008 Red Hat, Inc
1.7 - * Copyright (C) 2009, 2011, 2012 J. Ali Harlow <ali@juiblex.co.uk>
1.8 + * Copyright (C) 2009, 2011, 2012, 2014 J. Ali Harlow <ali@juiblex.co.uk>
1.9 *
1.10 * This program is free software; you can redistribute it and/or modify
1.11 * it under the terms of the GNU General Public License as published by
1.12 @@ -49,7 +49,19 @@
1.13 #define O_BINARY 0
1.14 #endif
1.15
1.16 -#define RPM_LEAD_SIZE 96
1.17 +struct rpm_lead {
1.18 + unsigned char magic[4];
1.19 + unsigned char major, minor;
1.20 + short type;
1.21 + short archnum;
1.22 + char name[66];
1.23 + short osnum;
1.24 + short signature_type;
1.25 + char reserved[16];
1.26 +};
1.27 +
1.28 +#define RPM_LEAD_SIZE sizeof(struct rpm_lead)
1.29 +#define RPM_LEAD_MAGIC "\xED\xAB\xEE\xDB"
1.30
1.31 enum {
1.32 PIPE = 1, /*!< pipe/fifo */
1.33 @@ -610,6 +622,7 @@
1.34 RAZOR_EXPORT struct razor_rpm *
1.35 razor_rpm_open(const char *filename, struct razor_error **error)
1.36 {
1.37 + struct rpm_lead *lead;
1.38 struct razor_rpm *rpm;
1.39 struct rpm_header_index *base, *index;
1.40 unsigned int count, i, nindex, hsize;
1.41 @@ -631,6 +644,16 @@
1.42 return NULL;
1.43 }
1.44
1.45 + lead = rpm->map;
1.46 + if (rpm->size < RPM_LEAD_SIZE ||
1.47 + strncmp(lead->magic,RPM_LEAD_MAGIC,4) || lead->major != 3) {
1.48 + razor_rpm_close(rpm);
1.49 + razor_set_error(error, RAZOR_GENERAL_ERROR,
1.50 + RAZOR_GENERAL_ERROR_RPM_UNSUPPORTED,
1.51 + filename, "Not a recognized RPM format file");
1.52 + return NULL;
1.53 + }
1.54 +
1.55 rpm->signature = rpm->map + RPM_LEAD_SIZE;
1.56 nindex = ntohl(rpm->signature->nindex);
1.57 hsize = ntohl(rpm->signature->hsize);