diff options
author | Julian Andres Klode <jak@debian.org> | 2016-09-18 13:24:35 +0200 |
---|---|---|
committer | Julian Andres Klode <jak@debian.org> | 2016-10-05 21:53:39 +0200 |
commit | f54a4774ea901f861de96b13a4d952b8ea6c2976 (patch) | |
tree | 0a9b235aa0ee9dda9c0af9bae85c056fc90b9892 | |
parent | 420871ad79e85480d1ac34f2d9da1c706f1ea6f4 (diff) | |
download | apt-f54a4774ea901f861de96b13a4d952b8ea6c2976.tar.gz |
VersionHash: Do not skip too long dependency lines
If the dependency line does not contain spaces in the repository
but does in the dpkg status file (because dpkg normalized the
dependency list), the dpkg line might be longer than the line
in the repository. If it now happens to be longer than 1024
characters, it would be skipped, causing the hashes to be
out of date.
Note that we have to bump the minor cache version again as
this changes the format slightly, and we might get mismatches
with an older src cache otherwise.
Fixes Debian/apt#23
(cherry picked from commit 708e2f1fe99e6f067292bc909f03f12c181e4798)
-rw-r--r-- | apt-pkg/deb/deblistparser.cc | 4 | ||||
-rw-r--r-- | apt-pkg/pkgcache.cc | 2 | ||||
-rw-r--r-- | test/integration/Packages-github-23-too-long-dependency-line | 17 | ||||
-rw-r--r-- | test/integration/status-github-23-too-long-dependency-line | 12 | ||||
-rwxr-xr-x | test/integration/test-github-23-too-long-dependency-line | 17 |
5 files changed, 49 insertions, 3 deletions
diff --git a/apt-pkg/deb/deblistparser.cc b/apt-pkg/deb/deblistparser.cc index f7f64debd..99e806470 100644 --- a/apt-pkg/deb/deblistparser.cc +++ b/apt-pkg/deb/deblistparser.cc @@ -344,14 +344,14 @@ unsigned short debListParser::VersionHash() { const char *Start; const char *End; - if (Section.Find(I,Start,End) == false || End - Start >= (signed)sizeof(S)) + if (Section.Find(I,Start,End) == false) continue; /* Strip out any spaces from the text, this undoes dpkgs reformatting of certain fields. dpkg also has the rather interesting notion of reformatting depends operators < -> <= */ char *J = S; - for (; Start != End; ++Start) + for (; Start != End && (J - S) < sizeof(S); ++Start) { if (isspace_ascii(*Start) != 0) continue; diff --git a/apt-pkg/pkgcache.cc b/apt-pkg/pkgcache.cc index 27a0ba035..b4c232f8c 100644 --- a/apt-pkg/pkgcache.cc +++ b/apt-pkg/pkgcache.cc @@ -59,7 +59,7 @@ pkgCache::Header::Header() /* Whenever the structures change the major version should be bumped, whenever the generator changes the minor version should be bumped. */ APT_HEADER_SET(MajorVersion, 10); - APT_HEADER_SET(MinorVersion, 6); + APT_HEADER_SET(MinorVersion, 7); APT_HEADER_SET(Dirty, false); APT_HEADER_SET(HeaderSz, sizeof(pkgCache::Header)); diff --git a/test/integration/Packages-github-23-too-long-dependency-line b/test/integration/Packages-github-23-too-long-dependency-line new file mode 100644 index 000000000..967d6edce --- /dev/null +++ b/test/integration/Packages-github-23-too-long-dependency-line @@ -0,0 +1,17 @@ +Package: network-manager-strongswan +Architecture: amd64 +Version: 1.3.1-14 +Priority: extra +Section: net +Maintainer: Jean-Christophe Manciot <manciot.jeanchristophe@gmail.com> +Installed-Size: 256 +Provides: network-manager-strongswan +Depends: libart-2.0-2,libatk1.0-0,libavahi-client3,libavahi-common3,libavahi-glib1,libbonobo2-0,libbonoboui2-0,libc6,libcairo2,libcanberra0,libdatrie1,libdbus-1-3,libdbus-glib-1-2,libexpat1,libffi6,libfontconfig1,libfreetype6,libgail18,libgconf-2-4,libgcrypt20,libgdk-pixbuf2.0-0,libglib2.0-0,libglib2.0-0-dbg,libglib2.0-0-refdbg,libgmp10,libgnome-2-0,libgnomecanvas2-0,libgnome-keyring0,libgnomeui-0,libgnomevfs2-0,libgnutls30,libgpg-error0,libgraphite2-3,libgtk2.0-0,libharfbuzz0b,libhogweed4,libice6,libidn11,libltdl7,liblzma5,libnettle6,libnm-glib-vpn1,libnm-util2,libogg0,liborbit-2-0,libp11-kit0,libpango-1.0-0,libpangocairo-1.0-0,libpangoft2-1.0-0,libpcre3,libpixman-1-0,libpng12-0,libpopt0,libselinux1,libsm6,libsystemd0,libtasn1-6,libtdb1,libthai0,libuuid1,libvorbis0a,libvorbisfile3,libx11-6,libxau6,libxcb1,libxcb-render0,libxcb-shm0,libxcomposite1,libxcursor1,libxdamage1,libxdmcp6,libxext6,libxfixes3,libxi6,libxinerama1,libxml2,libxrandr2,libxrender1,zlib1g +Filename: dists/xenial/stable/binary-amd64/network-manager-strongswan_1.3.1-14_amd64.deb +Size: 34642 +MD5sum: 6f4482cb417e4c884a6715f315695937 +SHA1: 07dc0377c365f6ccb67d8e135ab32f27b5b5774d +SHA256: e526bc8c6c8b29dc28e5783ad076119d3be0e804779b3ca3a68959b7ac23f163 +SHA512: 6e2eb65023301dcaf1813a3c5686a82bdb61bdd3597e1976e067e06a0b0eee96e6d2a2d8b890bf37b8120eb9ff671a5ac4ee49de83feb3199afeab2893b8dec6 +Description: This package provides an IKEv2 IPSec VPN plugin for strongswan +Description-md5: 31abf1e375284c7ee36f25bf936125f1 diff --git a/test/integration/status-github-23-too-long-dependency-line b/test/integration/status-github-23-too-long-dependency-line new file mode 100644 index 000000000..7378c99d9 --- /dev/null +++ b/test/integration/status-github-23-too-long-dependency-line @@ -0,0 +1,12 @@ +Package: network-manager-strongswan +Status: install ok installed +Priority: extra +Section: net +Installed-Size: 256 +Maintainer: Jean-Christophe Manciot <manciot.jeanchristophe@gmail.com> +Architecture: amd64 +Version: 1.3.1-14 +Provides: network-manager-strongswan +Depends: libart-2.0-2, libatk1.0-0, libavahi-client3, libavahi-common3, libavahi-glib1, libbonobo2-0, libbonoboui2-0, libc6, libcairo2, libcanberra0, libdatrie1, libdbus-1-3, libdbus-glib-1-2, libexpat1, libffi6, libfontconfig1, libfreetype6, libgail18, libgconf-2-4, libgcrypt20, libgdk-pixbuf2.0-0, libglib2.0-0, libglib2.0-0-dbg, libglib2.0-0-refdbg, libgmp10, libgnome-2-0, libgnomecanvas2-0, libgnome-keyring0, libgnomeui-0, libgnomevfs2-0, libgnutls30, libgpg-error0, libgraphite2-3, libgtk2.0-0, libharfbuzz0b, libhogweed4, libice6, libidn11, libltdl7, liblzma5, libnettle6, libnm-glib-vpn1, libnm-util2, libogg0, liborbit-2-0, libp11-kit0, libpango-1.0-0, libpangocairo-1.0-0, libpangoft2-1.0-0, libpcre3, libpixman-1-0, libpng12-0, libpopt0, libselinux1, libsm6, libsystemd0, libtasn1-6, libtdb1, libthai0, libuuid1, libvorbis0a, libvorbisfile3, libx11-6, libxau6, libxcb1, libxcb-render0, libxcb-shm0, libxcomposite1, libxcursor1, libxdamage1, libxdmcp6, libxext6, libxfixes3, libxi6, libxinerama1, libxml2, libxrandr2, libxrender1, zlib1g +Description: This package provides an IKEv2 IPSec VPN plugin for strongswan +Description-md5: 31abf1e375284c7ee36f25bf936125f1 diff --git a/test/integration/test-github-23-too-long-dependency-line b/test/integration/test-github-23-too-long-dependency-line new file mode 100755 index 000000000..d514303db --- /dev/null +++ b/test/integration/test-github-23-too-long-dependency-line @@ -0,0 +1,17 @@ +#!/bin/sh +set -e + +TESTDIR="$(readlink -f "$(dirname "$0")")" +. "$TESTDIR/framework" +setupenvironment +configarchitecture "amd64" +setupaptarchive + + +testsuccessequal "network-manager-strongswan: + Installed: 1.3.1-14 + Candidate: 1.3.1-14 + Version table: + *** 1.3.1-14 500 + 500 file:${TMPWORKINGDIRECTORY}/aptarchive Packages + 100 ${TMPWORKINGDIRECTORY}/rootdir/var/lib/dpkg/status" aptcache policy network-manager-strongswan |