summaryrefslogtreecommitdiff
path: root/apt-pkg
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2018-01-04 22:57:21 +0100
committerDavid Kalnischkies <david@kalnischkies.de>2018-01-05 01:18:40 +0100
commitdf2d614900476920671779f27fcc4143d3c1b5b7 (patch)
tree846e9d66f15b1d08ce140e187821633613d89a97 /apt-pkg
parent6ca808480982726cea4f9004d57192905a1f1186 (diff)
dpkg status parsing: check if name is valid before use
The summary line sounds a bit much: what we end up doing is just adding two more guards before using results which should always be validâ„¢. That these values aren't valid is likely a bug in itself somewhere, but that is no reason for crashing.
Diffstat (limited to 'apt-pkg')
-rw-r--r--apt-pkg/deb/dpkgpm.cc19
1 files changed, 17 insertions, 2 deletions
diff --git a/apt-pkg/deb/dpkgpm.cc b/apt-pkg/deb/dpkgpm.cc
index c6d0a50f1..c6900ec77 100644
--- a/apt-pkg/deb/dpkgpm.cc
+++ b/apt-pkg/deb/dpkgpm.cc
@@ -653,7 +653,13 @@ void pkgDPkgPM::ProcessDpkgStatusLine(char *line)
// At this point we have a pkgname, but it might not be arch-qualified !
if (pkgname.find(":") == std::string::npos)
{
- pkgCache::GrpIterator Grp = Cache.FindGrp(pkgname);
+ pkgCache::GrpIterator const Grp = Cache.FindGrp(pkgname);
+ if (unlikely(Grp.end()== true))
+ {
+ if (Debug == true)
+ std::clog << "unable to figure out which package is dpkg referring to with '" << pkgname << "'! (0)" << std::endl;
+ return;
+ }
/* No arch means that dpkg believes there can only be one package
this can refer to so lets see what could be candidates here: */
std::vector<pkgCache::PkgIterator> candset;
@@ -729,7 +735,16 @@ void pkgDPkgPM::ProcessDpkgStatusLine(char *line)
if (PackageOps[fullname].size() != PackageOpsDone[fullname])
pkgname = std::move(fullname);
else
- pkgname = std::find_if_not(candset.begin(), candset.end(), PkgHasCurrentVersion)->FullName();
+ {
+ auto const pkgi = std::find_if_not(candset.begin(), candset.end(), PkgHasCurrentVersion);
+ if (unlikely(pkgi == candset.end()))
+ {
+ if (Debug == true)
+ std::clog << "situation for '" << pkgname << "' looked like a crossgrade, but all are installed?!" << std::endl;
+ return;
+ }
+ pkgname = pkgi->FullName();
+ }
}
// we are desperate: so "just" take the native one, but that might change mid-air,
// so we have to ask dpkg what it believes native is at the moment… all the time