Bug 277161 - Fault when querying against DSAHEADER
Summary: Fault when querying against DSAHEADER
Alias: None
Product: Fedora
Classification: Fedora
Component: rpm
Version: rawhide
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Panu Matilainen
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2007-09-04 19:31 UTC by Ignacio Vazquez-Abrams
Modified: 2007-11-30 22:12 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2007-10-24 07:14:08 UTC
Type: ---

Attachments (Terms of Use)
rpmq fault (4.71 KB, text/plain)
2007-09-04 19:31 UTC, Ignacio Vazquez-Abrams
no flags Details
rpmq trace (4.40 KB, text/plain)
2007-09-04 19:32 UTC, Ignacio Vazquez-Abrams
no flags Details

Description Ignacio Vazquez-Abrams 2007-09-04 19:31:35 UTC
The following query results in a fault in rpm-

rpm -qa "dsaheader=*30c9ecf8*"

Fault and trace attached.

Comment 1 Ignacio Vazquez-Abrams 2007-09-04 19:31:35 UTC
Created attachment 186491 [details]
rpmq fault

Comment 2 Ignacio Vazquez-Abrams 2007-09-04 19:32:15 UTC
Created attachment 186501 [details]
rpmq trace

Comment 3 Panu Matilainen 2007-09-05 07:10:50 UTC
Easily reproduced. There are actually a number of bugs here, urgh...
- matching against "binary blob" type (such as dsaheader) isn't handled at all
- attempting matching against binary blobs segfaults
- matching produces false results if the header to be matched against isn't
present in package(s)

Comment 4 Panu Matilainen 2007-09-05 10:47:47 UTC
Fixed in rpm.org HEAD, needs backporting to

Comment 5 Jeff Johnson 2007-09-06 06:50:30 UTC
Sure there are any number of bugs retrieving a header tag by regex retrieval applied against
binary data, now converted to text. I will likely steal the patch soon, but implement rather differently.
headerGetExtension is ther to to coerce data types onto tags.

However, the functionality of the access itself makes no sense. Loading every header to retrieve
RPMTAG_DSAHEADER which is converted to hex so that a pattern can be applied to find which
packages were signed with the pubkey
    gpg(Fedora Project (Test Software) <rawhide>)
should be done with a --queryformat, not a regex. You won't be happy with the
false positives from the pattern match even if you are willing to live with the performance
cost of loading every installed header.

I.e. blocking regexes appled to binary data, rather than drilling the hex convert through
mireFoo() is likely more useful.  And if there is a need for retrieving packages signed with
a specific pubkey fingerprint, then an index (for highest performance), or a popt alias
to hide a complex --queryformat to be post filtered with --pipe needs doing.

Comment 6 Panu Matilainen 2007-09-06 07:26:34 UTC
Yup, retrieving by signing key is somewhat different issue and wants
queryformat, not hex dumps. Converting binary to hex and matching is mostly of
academical interest, there's probably just one case where it might actually be
useful (sourcepkgid to be exact)

Comment 7 Ignacio Vazquez-Abrams 2007-09-06 10:13:23 UTC
In that case go ahead and close the report if the fault is fixed. I'll worry
about the actual querying part some other way.

Comment 8 Jeff Johnson 2007-09-06 12:09:51 UTC
If Sourcepkgid: is the issue, its value in packages should be changed to a string.

Querying by pkgid is already drilled with an index for performance. Querying by
sourcepkgid is no harder than changing a tag.

Comment 9 Jeff Johnson 2007-09-06 12:36:29 UTC
Since sourcepkgid is not currently included in Fedora packages, pattern matching against
a non-existent tag is likely of academic interest only as well.

Comment 10 Panu Matilainen 2007-09-11 07:29:03 UTC
Fixed in next rawhide push by rpm

Comment 11 Fedora Update System 2007-10-12 20:02:36 UTC
rpm- has been pushed to the Fedora 7 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update rpm'

Comment 12 Fedora Update System 2007-10-24 07:13:56 UTC
rpm- has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.