Skip to content

only check signature job error if signature job exists#6118

Merged
poettering merged 1 commit intosystemd:masterfrom
tblume:fix-no-signature-job-handling
Jun 21, 2017
Merged

only check signature job error if signature job exists#6118
poettering merged 1 commit intosystemd:masterfrom
tblume:fix-no-signature-job-handling

Conversation

@tblume
Copy link
Contributor

@tblume tblume commented Jun 13, 2017

otherwise it will segfault when accessing signature jobs error status

poettering
poettering reviewed Jun 15, 2017
View reviewed changes
src/import/pull-tar.c Outdated
if (i->checksum_job->style == VERIFICATION_PER_DIRECTORY && i->signature_job->error != 0) {
log_error_errno(j->error, "Failed to retrieve signature file, cannot verify. (Try --verify=no?)");
if (i->signature_job) {
if (i->checksum_job->style == VERIFICATION_PER_DIRECTORY && i->signature_job->error != 0) {
Copy link
Member

@poettering poettering Jun 15, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hmm, not sure i follow. how can this even happen? if style is VERIFICATION_PER_DIRECTORY, then we really should have a signature job, no?

Copy link
Contributor Author

@tblume tblume Jun 16, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This happens when verify=no is used, so there is no signature job started. I didn't consider this case when checking for: signature_job->error.

Copy link
Member

@poettering poettering Jun 16, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok, but don't you also have to check whether checksum_job is != NULL too?

Also I think it would be nicer to just add this to the if check, but only place one if check here. i.e. instead of:

if (i->signature_job) {
        if (i->checksum_job->&& i->signature_job…) {
                …

do:

if (i->signature_job && i->checksum_job->&& i->signature_job…) {
        …

That saves one level of indentation..

Copy link
Contributor Author

@tblume tblume Jun 19, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

According to pull-common.c a checksum job is always started unless verify is IMPORT_VERIFY_NO. A signature job is only started when verify is IMPORT_VERIFY_SIGNATURE in which case a checksum job is also started, because verify isn't IMPORT_VERIFY_NO. In other words, a signature job implies the presence of a checksum job, so I guess I only have to check for the signature job.

Otherwise, I have updated my patch. Could you please review again?

@poettering poettering added import needs-reporter-feedback ❓ There's an unanswered question, the reporter needs to answer labels Jun 15, 2017
@tblume
only check signature job error if signature job exists
c1abd9f 
otherwise it will segfault when accessing signature jobs error status
@poettering poettering merged commit c9fb8c7 into systemd:master Jun 21, 2017
@tblume tblume deleted the fix-no-signature-job-handling branch June 22, 2017 06:39
Werkov pushed a commit to Werkov/systemd that referenced this pull request Oct 23, 2017
@tblume @fbuihuu
only check signature job error if signature job exists (systemd#6118)
d75f370 
otherwise it will segfault when accessing signature jobs error status

(cherry picked from commit c9fb8c7)

[tblume: fixes boo#1043758]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@poettering poettering poettering left review comments

Assignees

No one assigned

Labels

import needs-reporter-feedback ❓ There's an unanswered question, the reporter needs to answer

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@tblume @poettering