summaryrefslogtreecommitdiff
path: root/apt-pkg/contrib
AgeCommit message (Collapse)Author
2013-08-12some more coverity fixesMichael Vogt
2013-08-05Merge remote-tracking branch 'upstream/debian/sid' into bugfix/coverityMichael Vogt
2013-08-05fix some unitialized data membersMichael Vogt
2013-07-28Merge remote-tracking branch 'mvo/bugfix/coverity' into debian/sidMichael Vogt
2013-07-26fix another missing va_end()Michael Vogt
2013-07-26ensure that FileFd::Size returns 0 in error casesDavid Kalnischkies
2013-07-26proper cleanup varargs in _error (uncovered by Coverity)David Kalnischkies
Git-Dch: Ignore
2013-07-25add missing "free(buffer) for allocated bufferMichael Vogt
2013-07-25fix resource leak (thanks coverity)Michael Vogt
2013-07-25rework the code in cdromutl.cc to make coverity (more) happyMichael Vogt
2013-07-25fix off-by-one error and do not use magic constant of 100 when checking ↵Michael Vogt
StackPost
2013-07-25always "delete d" in FileFd::~FileFd to coverity happyMichael Vogt
2013-06-24fix SHA2* cleanups to zero-out the complete contextDavid Kalnischkies
GCC 4.8 is now clever enough to warn about: contrib/sha2_internal.cc: In function ‘char* SHA256_End(SHA256_CTX*, char*)’: contrib/sha2_internal.cc:656:31: warning: argument to ‘sizeof’ in ‘void* memset(void*, int, size_t)’ call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess] MEMSET_BZERO(context, sizeof(context)); So fix it as suggested. Its interesting though that the SHA2* calculation as far as we need it works even without zeroing out. Git-Dch: Ignore
2013-06-20trigger NODATA error for invalid InRelease filesDavid Kalnischkies
With the selfgrown splitting we got the problem of not recovering from networks which just reply with invalid data like those sending us login pages to authenticate with the network (e.g. hotels) back. The good thing about the InRelease file is that we know that it must be clearsigned (a Release file might or might not have a detached sig) so if we get a file but are unable to split it something is seriously wrong, so there is not much point in trying further. The Acquire system already looks out for a NODATA error from gpgv, so this adds a new error message sent to the acquire system in case the splitting we do now ourselves failed including this magic word. Closes: #712486
2013-06-20support \n and \r\n line endings in ReadMessagesDavid Kalnischkies
2013-06-09fail in CopyFile if the FileFds have error flag setDavid Kalnischkies
Testing for global PendingErrors in users of CopyFile is incorrect in so far as unrelated errors will prevent us from copying perfectly fine files and checking for the validity of the files is just better in CopyFiles as it already checks if files are at least opened. Add also a higher-level error message to the error stack if it fails.
2013-06-09OpenDescriptor should autoclose fd always on errorDavid Kalnischkies
OpenInternDescriptor failures would cause additional errors to be generated by double-closing an fd. Other errors (although these are generated if the method is used incorrectly, so unlikely) didn't close the fd aswell. Closes: 704608
2013-06-09set Fail flag in FileFd on all errors consistentlyDavid Kalnischkies
Previously some errors would set the Fail flag while some didn't without a clear reason as all errors leave a bad FileFd behind, so we use a helper now to ensure that all errors set the flag.
2013-06-09make the vprintf like _error->Insert publicDavid Kalnischkies
Git-Dch: Ignore
2013-06-06fix double free (closes: #711045)Michael Vogt
2013-05-08merged patch from Daniel Hartwig to fix URI and proxy releated issuesMichael Vogt
2013-04-08merged bundle from davidMichael Vogt
2013-04-03apt-pkg/contrib/gpgv.cc: fix InRelease checkMichael Vogt
2013-04-02merged lp:~mvo/apt/fix-inrelease5Michael Vogt
2013-03-19support dash-escaped text in clearsigned files as implementations areDavid Kalnischkies
free to escape all lines (we have no lines in our files which need to be escaped as these would be invalid fieldnames) and while ExecGPGV would detect dash-escaped text as invalid (as its not expected in messages with detached signatures) it would be possible to "comment" lines in (signed) dsc files which are only parsed but not verified
2013-03-19use FileFd instead of int fds to tidy up the interface a bitDavid Kalnischkies
2013-03-18* apt-pkg/deb/debindexfile.cc,David Kalnischkies
apt-pkg/deb/deblistparser.cc: - use OpenMaybeClearSignedFile to be free from detecting and skipping clearsigning metadata in dsc and Release files We can't write a "clean" file to disk as not all acquire methods copy Release files before checking them (e.g. cdrom), so this reverts recombining, but uses the method we use for dsc files also in the two places we deal with Release files
2013-03-18 - add method to open (maybe) clearsigned files transparentlyDavid Kalnischkies
* ftparchive/writer.cc: - use OpenMaybeClearSignedFile to be free from detecting and skipping clearsigning metadata in dsc files
2013-03-16ensure that we fclose/unlink/free in the new gpg-code as soon as possibleDavid Kalnischkies
2013-03-15 - if ExecGPGV deals with a clear-signed file it will split this fileDavid Kalnischkies
into data and signatures, pass it to gpgv for verification and recombines it after that in a known-good way without unsigned blocks and whitespaces resulting usually in more or less the same file as before, but later code can be sure about the format * apt-pkg/deb/debmetaindex.cc: - reenable InRelease by default
2013-03-15split out a method to strip whitespaces only on the right sideMichael Vogt
2013-03-15don't close stdout/stderr if it is also the statusfdDavid Kalnischkies
2013-03-15* apt-pkg/contrib/gpgv.cc:David Kalnischkies
- ExecGPGV is a method which should never return, so mark it as such and fix the inconsistency of returning in error cases
2013-03-15* apt-pkg/indexcopy.cc:David Kalnischkies
- rename RunGPGV to ExecGPGV and move it to apt-pkg/contrib/gpgv.cc
2013-03-10various simple changes to fix cppcheck warningsDavid Kalnischkies
2013-03-01include two missing patches to really fix bug #696225, thanks toMichael Vogt
Guillem Jover
2013-01-09* apt-pkg/contrib/progress.cc:Michael Vogt
- Make "..." translatable to fix inconsistencies in the output of e.g. apt-get update. While this adds new translatable strings, not having translations for them will not break anything. Thanks to Guillem Jover. Closes: #696225
2012-10-15merge from lp:~donkult/apt/sidMichael Vogt
2012-10-13remove 256 char line limit by using getline() (POSIX.1-2008)David Kalnischkies
2012-10-13* apt-pkg/contrib/netrc.cc:David Kalnischkies
- remove the 64 char limit for login/password in internal usage
2012-10-12merged lp:~mvo/apt/mvoMichael Vogt
2012-08-28apt-pkg/contrib/netrc.cc: use a slightly smaller login/password sizeMichael Vogt
2012-08-13make netrc parser more robust and parser biger login tokens, thanks to "TJ" ↵Michael Vogt
(LP: #1008289)
2012-08-04* apt-pkg/contrib/fileutl.cc:David Kalnischkies
- remove _POSIX_SYNCHRONIZED_IO guard in FileFd::Sync() around fsync as this guard is only needed for fdatasync and not defined on hurd
2012-08-04move the sysconf call behind the _POSIX_SYNCHRONIZED_IO guard thereDavid Kalnischkies
it is used for the msync call
2012-08-04apt-pkg/contrib/mmap.cc:Pino Toscano
- guard only the msync call with _POSIX_SYNCHRONIZED_IO rather than also the fallback code as it breaks APT on hurd since 0.9.7.3 as the fallback is now always used on non-linux (Closes: #683354)
2012-07-24for filesystems not supporting mmap'ing a file we need to use aDavid Kalnischkies
SyncToFd dummy just as we did for compressed files in 0.9.5
2012-07-24trigger the usage of the fallback code for kfreebsd also in theDavid Kalnischkies
second (filebased) constructor of DynamicMMap (Closes: #677704)
2012-07-20* apt-pkg/contrib/mmap.cc:David Kalnischkies
- refer to APT::Cache-Start in case the growing failed as if -Limit is really the offender it will be noted in a previous error message.
2012-06-16Fix previous commit: Do not call memset() if realloc() returned NULL.Julian Andres Klode