authorGuillem Jover <guillem@debian.org>2010-11-03 08:24:54 +0100
committerGuillem Jover <guillem@debian.org>2010-11-19 05:21:15 +0100
commit04eaf265a0b219ed8689607196405fdff9a4a432 (patch)
tree2443aaf4d4dedabc64818c7a17fa50f3623ed3f9
parentac65897081f5f20fda853beed79c28559fe33aea (diff)
libdpkg: Disallow versions starting with non-digits
Fail on strict parsing, and warn otherwise.
-rw-r--r--debian/changelog2
-rw-r--r--lib/dpkg/parsehelp.c5
-rw-r--r--lib/dpkg/test/t-version.c4
-rw-r--r--scripts/t/100_Dpkg_Version.t40
4 files changed, 28 insertions, 23 deletions
diff --git a/debian/changelog b/debian/changelog
index 791ce333b..bd63a1653 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,6 +4,8 @@ dpkg (1.16.0) UNRELEASED; urgency=low
* Fix realloc usage on compat scandir() implementation.
* Use DPKG_MAINTSCRIPT_PACKAGE environment variable as package name on
dpkg-divert when no --package or --local options have been specified.
+ * Do not allow versions starting with non-digit when doing strict parsing,
+ warn otherwise.
[ Raphaƫl Hertzog ]
* Fail properly when debian/source/format is empty. Closes: #600854
diff --git a/lib/dpkg/parsehelp.c b/lib/dpkg/parsehelp.c
index 662c011da..d9132bd06 100644
--- a/lib/dpkg/parsehelp.c
+++ b/lib/dpkg/parsehelp.c
@@ -266,7 +266,10 @@ version_strict_check(struct versionrevision *rversion)
const char *ptr;
/* XXX: Would be faster to use something like cisversion and cisrevision. */
- for (ptr = rversion->version; *ptr; ptr++) {
+ ptr = rversion->version;
+ if (*ptr && !cisdigit(*ptr++))
+ return _("version number does not start with digit");
+ for (; *ptr; ptr++) {
if (!cisdigit(*ptr) && !cisalpha(*ptr) && strchr(".-+~:", *ptr) == NULL)
return _("invalid character in version number");
}
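Review bot: The new leading-digit test in version_strict_check puts a pointer increment inside a short-circuited condition (`*ptr && !cisdigit(*ptr++)`), so whether `ptr` advances depends on the first operand, which is easy to misread in an input-validation routine. Writing it as `if (*ptr && !cisdigit(*ptr))` followed by the `return`, and keeping the original `for (ptr = rversion->version; *ptr; ptr++)` loop, gives the same result, since a leading digit also passes the loop's character test. The `*ptr &&` guard also means an empty upstream version passes this check without a message; if that case is rejected earlier in the parser (not visible in this hunk), a one-line comment such as `/* An empty version is rejected by the caller. */` would document the reliance. The function body starts and ends outside the hunk.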
diff --git a/lib/dpkg/test/t-version.c b/lib/dpkg/test/t-version.c
index cae1c89c7..2e5278104 100644
--- a/lib/dpkg/test/t-version.c
+++ b/lib/dpkg/test/t-version.c
@@ -128,8 +128,8 @@ test_version_parse(void)
test_pass(versioncompare(&a, &b) == 0);
/* Test valid characters in upstream version. */
- b = version(0, "azAZ09.-+~:", "0");
- test_pass(parseversion(&a, "0:azAZ09.-+~:-0") == NULL);
+ b = version(0, "09azAZ.-+~:", "0");
+ test_pass(parseversion(&a, "0:09azAZ.-+~:-0") == NULL);
test_pass(versioncompare(&a, &b) == 0);
/* Test valid characters in revision. */
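Review bot: No case here asserts that a version starting with a non-digit is now refused; the hunk only reorders the valid-character string so that the existing positive test keeps passing. The same holds for the scripts/t/100_Dpkg_Version.t hunk, where every `foo…` entry gains a leading `0` and no invalid input is added. A negative case on the strict path would pin the new rule; if parseversion applies the strict check (not visible here), something like `test_pass(parseversion(&a, "0:a0-0") != NULL);` would do, otherwise the test should call whichever entry point runs version_strict_check. test_version_parse continues outside the hunk.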
diff --git a/scripts/t/100_Dpkg_Version.t b/scripts/t/100_Dpkg_Version.t
index ae38364b1..de0cd2200 100644
--- a/scripts/t/100_Dpkg_Version.t
+++ b/scripts/t/100_Dpkg_Version.t
@@ -127,28 +127,28 @@ __DATA__
1 0:1 0
0 0:0-0 0
2:2.5 1:7.5 1
-1:foo foo 1
-0:foo foo 0
-foo foo 0
-foo- foo 0
-foo- foo-0 0
-foo fo 1
-foo- foo+ -1
-foo~1 foo -1
-foo~foo+Bar foo~foo+bar -1
-foo~~ foo~ -1
+1:0foo 0foo 1
+0:0foo 0foo 0
+0foo 0foo 0
+0foo- 0foo 0
+0foo- 0foo-0 0
+0foo 0fo 1
+0foo- 0foo+ -1
+0foo~1 0foo -1
+0foo~foo+Bar 0foo~foo+bar -1
+0foo~~ 0foo~ -1
1~ 1 -1
12345+that-really-is-some-ver-0 12345+that-really-is-some-ver-10 -1
-foo-0 foo-01 -1
-foo.bar foobar 1
-foo.bar foo1bar 1
-foo.bar foo0bar 1
-1foo-1 foo-1 -1
-foo2.0 foo2 1
-foo2.0.0 foo2.10.0 -1
-foo2.0 foo2.0.0 -1
-foo2.0 foo2.10 -1
-foo2.1 foo2.10 -1
+0foo-0 0foo-01 -1
+0foo.bar 0foobar 1
+0foo.bar 0foo1bar 1
+0foo.bar 0foo0bar 1
+0foo1bar-1 0foobar-1 -1
+0foo2.0 0foo2 1
+0foo2.0.0 0foo2.10.0 -1
+0foo2.0 0foo2.0.0 -1
+0foo2.0 0foo2.10 -1
+0foo2.1 0foo2.10 -1
1.09 1.9 0
1.0.8+nmu1 1.0.8 1
3.11 3.10+nmu1 1