summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJulian Andres Klode <jak@debian.org>2016-09-18 13:24:35 +0200
committerJulian Andres Klode <jak@debian.org>2016-10-05 21:53:39 +0200
commitf54a4774ea901f861de96b13a4d952b8ea6c2976 (patch)
tree0a9b235aa0ee9dda9c0af9bae85c056fc90b9892
parent420871ad79e85480d1ac34f2d9da1c706f1ea6f4 (diff)
downloadapt-f54a4774ea901f861de96b13a4d952b8ea6c2976.tar.gz
VersionHash: Do not skip too long dependency lines
If the dependency line does not contain spaces in the repository but does in the dpkg status file (because dpkg normalized the dependency list), the dpkg line might be longer than the line in the repository. If it now happens to be longer than 1024 characters, it would be skipped, causing the hashes to be out of date. Note that we have to bump the minor cache version again as this changes the format slightly, and we might get mismatches with an older src cache otherwise. Fixes Debian/apt#23 (cherry picked from commit 708e2f1fe99e6f067292bc909f03f12c181e4798)
-rw-r--r--apt-pkg/deb/deblistparser.cc4
-rw-r--r--apt-pkg/pkgcache.cc2
-rw-r--r--test/integration/Packages-github-23-too-long-dependency-line17
-rw-r--r--test/integration/status-github-23-too-long-dependency-line12
-rwxr-xr-xtest/integration/test-github-23-too-long-dependency-line17
5 files changed, 49 insertions, 3 deletions
diff --git a/apt-pkg/deb/deblistparser.cc b/apt-pkg/deb/deblistparser.cc
index f7f64debd..99e806470 100644
--- a/apt-pkg/deb/deblistparser.cc
+++ b/apt-pkg/deb/deblistparser.cc
@@ -344,14 +344,14 @@ unsigned short debListParser::VersionHash()
{
const char *Start;
const char *End;
- if (Section.Find(I,Start,End) == false || End - Start >= (signed)sizeof(S))
+ if (Section.Find(I,Start,End) == false)
continue;
/* Strip out any spaces from the text, this undoes dpkgs reformatting
of certain fields. dpkg also has the rather interesting notion of
reformatting depends operators < -> <= */
char *J = S;
- for (; Start != End; ++Start)
+ for (; Start != End && (J - S) < sizeof(S); ++Start)
{
if (isspace_ascii(*Start) != 0)
continue;
diff --git a/apt-pkg/pkgcache.cc b/apt-pkg/pkgcache.cc
index 27a0ba035..b4c232f8c 100644
--- a/apt-pkg/pkgcache.cc
+++ b/apt-pkg/pkgcache.cc
@@ -59,7 +59,7 @@ pkgCache::Header::Header()
/* Whenever the structures change the major version should be bumped,
whenever the generator changes the minor version should be bumped. */
APT_HEADER_SET(MajorVersion, 10);
- APT_HEADER_SET(MinorVersion, 6);
+ APT_HEADER_SET(MinorVersion, 7);
APT_HEADER_SET(Dirty, false);
APT_HEADER_SET(HeaderSz, sizeof(pkgCache::Header));
diff --git a/test/integration/Packages-github-23-too-long-dependency-line b/test/integration/Packages-github-23-too-long-dependency-line
new file mode 100644
index 000000000..967d6edce
--- /dev/null
+++ b/test/integration/Packages-github-23-too-long-dependency-line
@@ -0,0 +1,17 @@
+Package: network-manager-strongswan
+Architecture: amd64
+Version: 1.3.1-14
+Priority: extra
+Section: net
+Maintainer: Jean-Christophe Manciot <manciot.jeanchristophe@gmail.com>
+Installed-Size: 256
+Provides: network-manager-strongswan
+Depends: libart-2.0-2,libatk1.0-0,libavahi-client3,libavahi-common3,libavahi-glib1,libbonobo2-0,libbonoboui2-0,libc6,libcairo2,libcanberra0,libdatrie1,libdbus-1-3,libdbus-glib-1-2,libexpat1,libffi6,libfontconfig1,libfreetype6,libgail18,libgconf-2-4,libgcrypt20,libgdk-pixbuf2.0-0,libglib2.0-0,libglib2.0-0-dbg,libglib2.0-0-refdbg,libgmp10,libgnome-2-0,libgnomecanvas2-0,libgnome-keyring0,libgnomeui-0,libgnomevfs2-0,libgnutls30,libgpg-error0,libgraphite2-3,libgtk2.0-0,libharfbuzz0b,libhogweed4,libice6,libidn11,libltdl7,liblzma5,libnettle6,libnm-glib-vpn1,libnm-util2,libogg0,liborbit-2-0,libp11-kit0,libpango-1.0-0,libpangocairo-1.0-0,libpangoft2-1.0-0,libpcre3,libpixman-1-0,libpng12-0,libpopt0,libselinux1,libsm6,libsystemd0,libtasn1-6,libtdb1,libthai0,libuuid1,libvorbis0a,libvorbisfile3,libx11-6,libxau6,libxcb1,libxcb-render0,libxcb-shm0,libxcomposite1,libxcursor1,libxdamage1,libxdmcp6,libxext6,libxfixes3,libxi6,libxinerama1,libxml2,libxrandr2,libxrender1,zlib1g
+Filename: dists/xenial/stable/binary-amd64/network-manager-strongswan_1.3.1-14_amd64.deb
+Size: 34642
+MD5sum: 6f4482cb417e4c884a6715f315695937
+SHA1: 07dc0377c365f6ccb67d8e135ab32f27b5b5774d
+SHA256: e526bc8c6c8b29dc28e5783ad076119d3be0e804779b3ca3a68959b7ac23f163
+SHA512: 6e2eb65023301dcaf1813a3c5686a82bdb61bdd3597e1976e067e06a0b0eee96e6d2a2d8b890bf37b8120eb9ff671a5ac4ee49de83feb3199afeab2893b8dec6
+Description: This package provides an IKEv2 IPSec VPN plugin for strongswan
+Description-md5: 31abf1e375284c7ee36f25bf936125f1
diff --git a/test/integration/status-github-23-too-long-dependency-line b/test/integration/status-github-23-too-long-dependency-line
new file mode 100644
index 000000000..7378c99d9
--- /dev/null
+++ b/test/integration/status-github-23-too-long-dependency-line
@@ -0,0 +1,12 @@
+Package: network-manager-strongswan
+Status: install ok installed
+Priority: extra
+Section: net
+Installed-Size: 256
+Maintainer: Jean-Christophe Manciot <manciot.jeanchristophe@gmail.com>
+Architecture: amd64
+Version: 1.3.1-14
+Provides: network-manager-strongswan
+Depends: libart-2.0-2, libatk1.0-0, libavahi-client3, libavahi-common3, libavahi-glib1, libbonobo2-0, libbonoboui2-0, libc6, libcairo2, libcanberra0, libdatrie1, libdbus-1-3, libdbus-glib-1-2, libexpat1, libffi6, libfontconfig1, libfreetype6, libgail18, libgconf-2-4, libgcrypt20, libgdk-pixbuf2.0-0, libglib2.0-0, libglib2.0-0-dbg, libglib2.0-0-refdbg, libgmp10, libgnome-2-0, libgnomecanvas2-0, libgnome-keyring0, libgnomeui-0, libgnomevfs2-0, libgnutls30, libgpg-error0, libgraphite2-3, libgtk2.0-0, libharfbuzz0b, libhogweed4, libice6, libidn11, libltdl7, liblzma5, libnettle6, libnm-glib-vpn1, libnm-util2, libogg0, liborbit-2-0, libp11-kit0, libpango-1.0-0, libpangocairo-1.0-0, libpangoft2-1.0-0, libpcre3, libpixman-1-0, libpng12-0, libpopt0, libselinux1, libsm6, libsystemd0, libtasn1-6, libtdb1, libthai0, libuuid1, libvorbis0a, libvorbisfile3, libx11-6, libxau6, libxcb1, libxcb-render0, libxcb-shm0, libxcomposite1, libxcursor1, libxdamage1, libxdmcp6, libxext6, libxfixes3, libxi6, libxinerama1, libxml2, libxrandr2, libxrender1, zlib1g
+Description: This package provides an IKEv2 IPSec VPN plugin for strongswan
+Description-md5: 31abf1e375284c7ee36f25bf936125f1
diff --git a/test/integration/test-github-23-too-long-dependency-line b/test/integration/test-github-23-too-long-dependency-line
new file mode 100755
index 000000000..d514303db
--- /dev/null
+++ b/test/integration/test-github-23-too-long-dependency-line
@@ -0,0 +1,17 @@
+#!/bin/sh
+set -e
+
+TESTDIR="$(readlink -f "$(dirname "$0")")"
+. "$TESTDIR/framework"
+setupenvironment
+configarchitecture "amd64"
+setupaptarchive
+
+
+testsuccessequal "network-manager-strongswan:
+ Installed: 1.3.1-14
+ Candidate: 1.3.1-14
+ Version table:
+ *** 1.3.1-14 500
+ 500 file:${TMPWORKINGDIRECTORY}/aptarchive Packages
+ 100 ${TMPWORKINGDIRECTORY}/rootdir/var/lib/dpkg/status" aptcache policy network-manager-strongswan