summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Kalnischkies <kalnischkies@gmail.com>2013-09-20 13:34:22 +0200
committerDavid Kalnischkies <kalnischkies@gmail.com>2013-09-20 13:34:22 +0200
commit5985c230c8ac85fe2b2eb504b798377843bdc7cd (patch)
tree7e1d413b2d7da055b22aa75391c7bc11b01cb874
parent3e2d892340d42053d388bda3d50dfbee99299082 (diff)
do not trust FileFd::Eof() in pkgTagFile::Fill()
The Eof check was added (by me of course) in 0aae6d14390193e25ab6d0fd49295bd7b131954f as part of a fix up ~a month ago (at DebConf). The idea was not that bad, but doesn't make that much sense either as this bit is set by the FileFd based on Actual as well, so this is basically doing the same check again – with the difference that the HitEof bit can still linger from a previous Read we did at the end of the file, but have seek'd away from it now. Combined with the length of entries, entry order and other not that easily controllable conditions you can be 'lucky' enough to hit this problem in a way which even visible (truncating of other fields might not be visible easily, like 'Tags' and others). Closes: 723705 Thanks: Cyril Brulebois
-rw-r--r--apt-pkg/tagfile.cc2
-rw-r--r--test/integration/Packages-bug-723705-tagfile-truncates-fields167
-rw-r--r--test/integration/status-bug-723705-tagfile-truncates-fields62
-rwxr-xr-xtest/integration/test-bug-723705-tagfile-truncates-fields33
4 files changed, 263 insertions, 1 deletions
diff --git a/apt-pkg/tagfile.cc b/apt-pkg/tagfile.cc
index b91e868e2..e0802e3d5 100644
--- a/apt-pkg/tagfile.cc
+++ b/apt-pkg/tagfile.cc
@@ -164,7 +164,7 @@ bool pkgTagFile::Fill()
unsigned long long const dataSize = d->Size - ((d->End - d->Buffer) + 1);
if (d->Fd.Read(d->End, dataSize, &Actual) == false)
return false;
- if (Actual != dataSize || d->Fd.Eof() == true)
+ if (Actual != dataSize)
d->Done = true;
d->End += Actual;
}
diff --git a/test/integration/Packages-bug-723705-tagfile-truncates-fields b/test/integration/Packages-bug-723705-tagfile-truncates-fields
new file mode 100644
index 000000000..c42b85072
--- /dev/null
+++ b/test/integration/Packages-bug-723705-tagfile-truncates-fields
@@ -0,0 +1,167 @@
+Package: cdebconf-gtk-udeb
+Source: cdebconf
+Version: 0.185
+Installed-Size: 92
+Maintainer: Debian Install System Team <debian-boot@lists.debian.org>
+Architecture: amd64
+Description: Gtk+ frontend for Debian Configuration Management System
+Description-md5: 75d036e0a245499123544e2254b92e9c
+Section: debian-installer
+Priority: optional
+Filename: pool/main/c/cdebconf/cdebconf-gtk-udeb_0.185_amd64.udeb
+Size: 27278
+MD5sum: a1bbbc1d4fb8e0615b5621abac021924
+SHA1: b1a7ab55a90f61e5337847d02ff1d12d73559def
+SHA256: cd79f3205304a7932b3309c4df9898c9a53929bc651912659858e087ebe1c18a
+
+Package: cdebconf-newt-udeb
+Source: cdebconf
+Version: 0.185
+Installed-Size: 58
+Maintainer: Debian Install System Team <debian-boot@lists.debian.org>
+Architecture: amd64
+Description: Newt frontend for Debian Configuration Management System
+Description-md5: e080be5e38cb8c57bca2f3effe9ee030
+Section: debian-installer
+Priority: optional
+Filename: pool/main/c/cdebconf/cdebconf-newt-udeb_0.185_amd64.udeb
+Size: 19192
+MD5sum: de27807f56dae2f2403b3322d5fe6bd2
+SHA1: 57883e223d46a9f25966f9b986e6a3bc2f67d8ef
+SHA256: 5f8b9c3a5430f2ec879484a7736582b152d76cc8ba9bc19328268f3635759a1b
+
+Package: cdebconf-udeb
+Source: cdebconf
+Version: 0.185
+Installed-Size: 245
+Maintainer: Debian Install System Team <debian-boot@lists.debian.org>
+Architecture: amd64
+Provides: debconf-2.0
+Description: Debian Configuration Management System (C-implementation)
+Description-md5: 9f3579e9d9f86ac89e667a8707d3cbd3
+Section: debian-installer
+Priority: standard
+Filename: pool/main/c/cdebconf/cdebconf-udeb_0.185_amd64.udeb
+Size: 77376
+MD5sum: e3883706fdbf54c2e5ea959c92b2d37f
+SHA1: 0232f1bdf1531db628516ed3a46a27466b267fdc
+SHA256: 96345575417a3e4df8a2cadaa55784ec8f6c042defb1e2fc002d941b6116ceab
+
+Package: cdebconf-gtk-terminal
+Source: cdebconf-terminal
+Version: 0.22
+Installed-Size: 64
+Maintainer: Debian Install System Team <debian-boot@lists.debian.org>
+Architecture: amd64
+Provides: cdebconf-terminal
+Depends: cdebconf-gtk-udeb, libc6-udeb (>= 2.17), libglib2.0-udeb (>= 2.36.4), libgtk2.0-0-udeb (>= 2.24.0), libvte9-udeb (>= 1:0.28.0), cdebconf-udeb, cdebconf-gtk-terminal, cdebconf-gtk-terminal, cdebconf-gtk-terminal, cdebconf-gtk-terminal, cdebconf-gtk-terminal, cdebconf-gtk-terminal, cdebconf-gtk-terminal
+Description: cdebconf gtk plugin displaying a terminal
+Description-md5: 18c4446758aec003eb8cd0a43419f1aa
+Section: debian-installer
+Priority: extra
+Filename: pool/main/c/cdebconf-terminal/cdebconf-gtk-terminal_0.22_amd64.udeb
+Size: 14734
+MD5sum: f9c3a7354560cb88e0396e2b7ba54363
+SHA1: 9c1c93328e758bfd9de2752466b271aaf38c8177
+SHA256: ca749853fc3b93db1d08ccdc6b46de27633de52bc5b880fa65275897ebcaaf69
+
+Package: cdebconf-newt-terminal
+Source: cdebconf-terminal
+Version: 0.22
+Installed-Size: 43
+Maintainer: Debian Install System Team <debian-boot@lists.debian.org>
+Architecture: amd64
+Provides: cdebconf-terminal
+Depends: cdebconf-newt-udeb (>= 0.146), libc6-udeb (>= 2.17), libnewt0.52
+Description: cdebconf newt plugin to provide a clean terminal
+Description-md5: 4109a053022081b573d864d84d6eb16d
+Section: debian-installer
+Priority: extra
+Filename: pool/main/c/cdebconf-terminal/cdebconf-newt-terminal_0.22_amd64.udeb
+Size: 4538
+MD5sum: 20db6152fce5081fcbf49c7c08f21246
+SHA1: fa2a40f777a2f48b9634866bc780fb059e60b2fe
+SHA256: c4d99ef27285f0c9090005313165627e56e0972e687af7e68c2b1d1538e2ae09
+
+Package: libc6-udeb
+Source: eglibc (2.17-92)
+Version: 2.17-92+b1
+Installed-Size: 3126
+Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org>
+Architecture: amd64
+Provides: glibc-2.17-1, libc-udeb, libc6
+Description: Embedded GNU C Library: Shared libraries - udeb
+Description-md5: 9552ce73b7b3fb466e3d89fe8db9a563
+Section: debian-installer
+Priority: extra
+Filename: pool/main/e/eglibc/libc6-udeb_2.17-92+b1_amd64.udeb
+Size: 1056000
+MD5sum: 7fd7032eeeecf7f76eff79a0543fbd72
+SHA1: 724b6a81b8fbc9d4d2bb43d656c08de73f7ada25
+SHA256: 137d4c001bbfde8161315c36e6cb8653ae2c50a8d6b6d2d27396c492d91a1723
+
+Package: libglib2.0-udeb
+Source: glib2.0
+Version: 2.36.4-1
+Installed-Size: 10070
+Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
+Architecture: amd64
+Description: GLib library of C routines - minimal runtime
+Description-md5: 0244040042870a89aa49f037cce3f1e9
+Section: debian-installer
+Priority: optional
+Filename: pool/main/g/glib2.0/libglib2.0-udeb_2.36.4-1_amd64.udeb
+Size: 1714604
+MD5sum: 72da029f1bbb36057d874f1f82a5d00a
+SHA1: 32bce78a052ef19a620f43ecbe12404fa570c0f1
+SHA256: 8edbc7cb872c0a82705913563f93f9eec5750881e4378c5a48770cde840cd6eb
+
+Package: libgtk2.0-0-udeb
+Source: gtk+2.0
+Version: 2.24.20-1
+Installed-Size: 5035
+Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
+Architecture: amd64
+Provides: gtk2.0-binver-2.10.0
+Description: GTK+ graphical user interface library - minimal runtime
+Description-md5: 32e5112b80c02578837cff4f65dfec84
+Section: debian-installer
+Priority: extra
+Filename: pool/main/g/gtk+2.0/libgtk2.0-0-udeb_2.24.20-1_amd64.udeb
+Size: 1643046
+MD5sum: 25513478eb2e02e5766c0eea0b411ca9
+SHA1: 9274f05bfa930a3406403441ce061bade04e2064
+SHA256: d5f611f48928ae02f759105cf8cff467cde1cb44df56ad31067168b46a80f8bc
+
+Package: libvte9-udeb
+Source: vte
+Version: 1:0.28.2-5
+Installed-Size: 628
+Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
+Architecture: amd64
+Description: Terminal emulator widget for GTK+ 2.0 - minimal runtime
+Description-md5: e7993385c30bae6e96c8cb87795a513c
+Section: debian-installer
+Priority: extra
+Filename: pool/main/v/vte/libvte9-udeb_0.28.2-5_amd64.udeb
+Size: 216968
+MD5sum: 7da7201effaf5ced19abd9d0b45aa2c6
+SHA1: a424cf779e7614d79740c422b6342de04fed3646
+SHA256: 4963033cbda5a8ba7eb8ebf1debae34463b8e63b821259860cfb51c1ab99562d
+
+Package: zlib1g-udeb
+Source: zlib
+Version: 1:1.2.8.dfsg-1
+Installed-Size: 115
+Maintainer: Mark Brown <broonie@debian.org>
+Architecture: amd64
+Description: compression library - runtime for Debian installer
+Description-md5: 9cab974e3eab657c53bc17611b894c7a
+Section: debian-installer
+Priority: optional
+Filename: pool/main/z/zlib/zlib1g-udeb_1.2.8.dfsg-1_amd64.udeb
+Size: 45270
+MD5sum: c02884420f79a3ae4569cf67782f3e74
+SHA1: 7cd1a7c8be4e086de733a0ce76f87d42b8b2173b
+SHA256: 61641ee2b5e185232108333438b72bec71ef549fe0e0df1b2b3afa37174e53a7
+
diff --git a/test/integration/status-bug-723705-tagfile-truncates-fields b/test/integration/status-bug-723705-tagfile-truncates-fields
new file mode 100644
index 000000000..fe18506c8
--- /dev/null
+++ b/test/integration/status-bug-723705-tagfile-truncates-fields
@@ -0,0 +1,62 @@
+Package: libc6
+Status: install ok installed
+Priority: required
+Section: libs
+Installed-Size: 10164
+Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org>
+Architecture: amd64
+Multi-Arch: same
+Source: eglibc (2.17-92)
+Version: 2.17-92+b1
+Replaces: libc6-amd64
+Provides: glibc-2.17-1
+Suggests: glibc-doc, debconf | debconf-2.0, locales
+Breaks: locales (<< 2.17), locales-all (<< 2.17), lsb-core (<= 3.2-27), nscd (<< 2.17)
+Conflicts: prelink (<= 0.0.20090311-1), tzdata (<< 2007k-1), tzdata-etch
+Conffiles:
+ /etc/ld.so.conf.d/x86_64-linux-gnu.conf 593ad12389ab2b6f952e7ede67b8fbbf
+Description: Embedded GNU C Library: Shared libraries
+ Contains the standard libraries that are used by nearly all programs on
+ the system. This package includes shared versions of the standard C library
+ and the standard math library, as well as many others.
+Homepage: http://www.eglibc.org
+
+Package: libnewt0.52
+Status: install ok installed
+Priority: important
+Section: libs
+Installed-Size: 820
+Maintainer: Alastair McKinstry <mckinstry@debian.org>
+Architecture: amd64
+Multi-Arch: same
+Source: newt
+Version: 0.52.15-3
+Recommends: libfribidi0
+Conffiles:
+ /etc/newt/palette.original d41d8cd98f00b204e9800998ecf8427e
+Description: Not Erik's Windowing Toolkit - text mode windowing with slang
+ Newt is a windowing toolkit for text mode built from the slang library.
+ It allows color text mode applications to easily use stackable windows,
+ push buttons, check boxes, radio buttons, lists, entry fields, labels,
+ and displayable text. Scrollbars are supported, and forms may be nested
+ to provide extra functionality. This package contains the shared library
+ for programs that have been built with newt.
+Homepage: https://fedorahosted.org/newt/
+
+Package: libgcc1
+Status: install ok installed
+Priority: required
+Section: libs
+Installed-Size: 128
+Maintainer: Debian GCC Maintainers <debian-gcc@lists.debian.org>
+Architecture: amd64
+Multi-Arch: same
+Source: gcc-4.8 (4.8.1-10)
+Version: 1:4.8.1-10
+Breaks: gcc-4.1, gcc-4.3 (<< 4.3.6-1), gcc-4.4 (<< 4.4.6-4), gcc-4.5 (<< 4.5.3-2)
+Description: GCC support library
+ Shared version of the support library, a library of internal subroutines
+ that GCC uses to overcome shortcomings of particular machines, or
+ special needs for some languages.
+Homepage: http://gcc.gnu.org/
+
diff --git a/test/integration/test-bug-723705-tagfile-truncates-fields b/test/integration/test-bug-723705-tagfile-truncates-fields
new file mode 100755
index 000000000..3180e7fc9
--- /dev/null
+++ b/test/integration/test-bug-723705-tagfile-truncates-fields
@@ -0,0 +1,33 @@
+#!/bin/sh
+set -e
+
+TESTDIR=$(readlink -f $(dirname $0))
+. $TESTDIR/framework
+setupenvironment
+configarchitecture 'amd64'
+
+setupaptarchive
+
+aptget install --print-uris -y cdebconf-newt-terminal cdebconf-gtk-terminal 2>&1 | sed 's#file:///tmp/tmp.[^/]\+#file:///tmp#g' > filename.log
+
+testfileequal filename.log "Reading package lists...
+Building dependency tree...
+The following extra packages will be installed:
+ cdebconf-gtk-udeb cdebconf-newt-udeb cdebconf-udeb libc6-udeb
+ libglib2.0-udeb libgtk2.0-0-udeb libvte9-udeb
+The following NEW packages will be installed:
+ cdebconf-gtk-terminal cdebconf-gtk-udeb cdebconf-newt-terminal
+ cdebconf-newt-udeb cdebconf-udeb libc6-udeb libglib2.0-udeb libgtk2.0-0-udeb
+ libvte9-udeb
+0 upgraded, 9 newly installed, 0 to remove and 0 not upgraded.
+Need to get 0 B/4774 kB of archives.
+After this operation, 19.8 MB of additional disk space will be used.
+'file:///tmp/aptarchive/pool/main/c/cdebconf/cdebconf-udeb_0.185_amd64.udeb' cdebconf-udeb_0.185_amd64.udeb 77376 MD5Sum:e3883706fdbf54c2e5ea959c92b2d37f
+'file:///tmp/aptarchive/pool/main/c/cdebconf/cdebconf-gtk-udeb_0.185_amd64.udeb' cdebconf-gtk-udeb_0.185_amd64.udeb 27278 MD5Sum:a1bbbc1d4fb8e0615b5621abac021924
+'file:///tmp/aptarchive/pool/main/c/cdebconf/cdebconf-newt-udeb_0.185_amd64.udeb' cdebconf-newt-udeb_0.185_amd64.udeb 19192 MD5Sum:de27807f56dae2f2403b3322d5fe6bd2
+'file:///tmp/aptarchive/pool/main/g/glib2.0/libglib2.0-udeb_2.36.4-1_amd64.udeb' libglib2.0-udeb_2.36.4-1_amd64.udeb 1714604 MD5Sum:72da029f1bbb36057d874f1f82a5d00a
+'file:///tmp/aptarchive/pool/main/e/eglibc/libc6-udeb_2.17-92+b1_amd64.udeb' libc6-udeb_2.17-92+b1_amd64.udeb 1056000 MD5Sum:7fd7032eeeecf7f76eff79a0543fbd72
+'file:///tmp/aptarchive/pool/main/g/gtk+2.0/libgtk2.0-0-udeb_2.24.20-1_amd64.udeb' libgtk2.0-0-udeb_2.24.20-1_amd64.udeb 1643046 MD5Sum:25513478eb2e02e5766c0eea0b411ca9
+'file:///tmp/aptarchive/pool/main/v/vte/libvte9-udeb_0.28.2-5_amd64.udeb' libvte9-udeb_1%3a0.28.2-5_amd64.udeb 216968 MD5Sum:7da7201effaf5ced19abd9d0b45aa2c6
+'file:///tmp/aptarchive/pool/main/c/cdebconf-terminal/cdebconf-gtk-terminal_0.22_amd64.udeb' cdebconf-gtk-terminal_0.22_amd64.udeb 14734 MD5Sum:f9c3a7354560cb88e0396e2b7ba54363
+'file:///tmp/aptarchive/pool/main/c/cdebconf-terminal/cdebconf-newt-terminal_0.22_amd64.udeb' cdebconf-newt-terminal_0.22_amd64.udeb 4538 MD5Sum:20db6152fce5081fcbf49c7c08f21246"