Age | Commit message (Collapse) | Author |
|
(CVE-2020-3810)
When normalizing ar member names by removing trailing whitespace
and slashes, an out-out-bound read can be caused if the ar member
name consists only of such characters, because the code did not
stop at 0, but would wrap around and continue reading from the
stack, without any limit.
Add a check to abort if we reached the first character in the
name, effectively rejecting the use of names consisting just
of slashes and spaces.
Furthermore, certain error cases in arfile.cc and extracttar.cc have
included member names in the output that were not checked at all and
might hence not be nul terminated, leading to further out of bound reads.
Fixes Debian/apt#111
LP: #1878177
|
|
Prompted-by: Jakub Wilk <jwilk@debian.org>
|
|
Whitelist support for zst members.
|
|
As a follow up to the last commit, let's replace APT_CONST
with APT_PURE everywhere to clean stuff up.
|
|
This makes it easier to see which headers includes what.
The changes were done by running
git grep -l '#\s*include' \
| grep -E '.(cc|h)$' \
| xargs sed -i -E 's/(^\s*)#(\s*)include/\1#\2 include/'
To modify all include lines by adding a space, and then running
./git-clang-format.sh.
|
|
Including cacheiterators.h before pkgcache.h fails because
pkgcache.h depends on cacheiterators.h.
|
|
Most of them in (old) code comments. The two instances of user visible
string changes the po files of the manpages are fixed up as well.
Gbp-Dch: Ignore
Reported-By: spellintian
|
|
This will avoid people from thinking that they have to do nothing
when they change the set of files.
Gbp-Dch: ignore
|
|
In the old days, apt-inst used to use binaries, but now it
uses the built-in support and matches using Name, and not a
Binary.
|
|
Bye, bye, old friend.
|
|
Introduce an initial CMake buildsystem. This build system can build
a fully working apt system without translation or documentation.
The FindBerkelyDB module is from kdelibs, with some small adjustements
to also look in db5 directories.
Initial work on this CMake build system started in 2009, and was
resumed in August 2016.
|
|
This effectively merges branch 'typofixes-vlajos-20150807' of github.com:vlajos/apt
with the following commit:
commit 13cacb3e2e2352ba701e769fc889e3344fabbf7e
Author: Veres Lajos <vlajos@gmail.com>
Date: Sun Aug 9 00:12:53 2015 +0100
typofix - https://github.com/vlajos/misspell_fixer
It has been rebased for a better commit message.
|
|
Fix reproducibility issue due to readdir() order by sorting
the list of sources to be built and linked.
[jak@debian.org: Added summary and fixed typo]
Closes: #810509
|
|
Git-Dch: Ignore
|
|
Reported-By: cppcheck
Git-Dch: Ignore
|
|
Reported-By: gcc
Git-Dch: Ignore
|
|
|
|
This way we do not depend on the decompressor programs anymore.
|
|
Reported-By: codespell
|
|
|
|
We aren't and we will not be really compatible again with the previous
stable abi, so lets drop these markers (which never made it into a
released version) for good as they have outlived their intend already.
Git-Dch: Ignore
|
|
C++11 adds the 'override' specifier to mark that a method is overriding
a base class method and error out if not. We hide it in the APT_OVERRIDE
macro to ensure that we keep compiling in pre-c++11 standards.
Reported-By: clang-modernize -add-override -override-macros
Git-Dch: Ignore
|
|
Git-Dch: Ignore
|
|
Git-Dch: Ignore
Reported-By: cppcheck
|
|
unnecessary.
Git-Dch: Ignore
Reported-By: cppcheck
|
|
|
|
This is an ABI break.
Closes: #742882
|
|
The explicit listing is a pain every time you want to add a file to the
list and serves no propose as we list all files there anyway, so this is
not only easier but also documents this fact.
Git-Dch: Ignore
|
|
One of our compressors (the empty one) has an empty extension. Calling substr
on it fails.
|
|
Git-Dch: Ignore
Reported-By: gcc -Wsuggest-attribute={pure,const,noreturn}
|
|
Beside being a bit cleaner it hopefully also resolves oddball problems
I have with high levels of parallel jobs.
Git-Dch: Ignore
Reported-By: iwyu (include-what-you-use)
|
|
Reported-By: gcc -Wunused-parameter
Git-Dch: Ignore
|
|
Git-Dch: Ignore
Reported-By: gcc -Wcast-qual
|
|
Git-Dch: Ignore
Reported-By: gcc -Wpedantic
|
|
Sync the deb(5) format support with latest dpkg, by allowing
uncompressed tar members and xz compressed control.tar. This
also refactors the control.tar member extraction by using
ExtractTarMember(), which also means future changes only need
to be implemented in a single place.
|
|
Generalize DebFile::ExtractArchive() to take a member base name, so that
we can reuse it for control.tar member extraction too.
|
|
This allows for uncompressed tar files, as the decompressor process will
not get interposed in-between the file descriptors.
|
|
|
|
cppcheck complains about the obsolete utime as it was removed in
POSIX1.2008 and recommends usage of utimensat/futimens instead
as those are in POSIX and so commit 9ce3cfc9 switched to them.
It is just that they aren't as portable as the standard suggests:
At least our kFreeBSD and Hurd ports stumble over it at runtime.
So to make both, the ports and cppcheck happy, we use utimes instead.
Closes: 738567
|
|
The most "visible" change is from utime to utimensat/futimens
as the first one isn't part of POSIX anymore.
Reported-By: cppcheck
Git-Dch: Ignore
|
|
|
|
It even reuses the message used for the other check-for members, so one
less message to translate (good, as not that many people will ever see it).
Closes: 722710
|
|
When a data.tar.{gz,xz} contains a path name that is exactly
100 characters long, it will get truncated to 99 chars upon
extraction in ExtractTar::Go().
Using all of the 100 available characters for the filename
seems to be new behaviour in gnu tar.
Closes: #689582
Thanks: Mika Eloranta for the testcase!
|
|
Git-Dch: Ignore
|
|
fixing parallel build in the handcrafted buildsystem is a pain,
so its not enabled by default, but its works for me – sometimes
Git-Dch: Ignore
|
|
The default constructor of the FileFd will kick in anyway,
which will know that the Fd is invalid while with this explicit
call it must be assumed that the fd is in fact valid, which
might generate errors in the future
|
|
|
|
- readd 'md5.h' to the uncleaned header includes to make qapt build
against us again unchanged to unblock transition (Closes: #669163)
|
|
|
|
- ensure that in StartGzip the InFd is set to "AutoClose" to ensure
that the pipe is closed when InFd is closed. This fixes a Fd leak
(LP: #985452)
|