summaryrefslogtreecommitdiff
path: root/apt-pkg/deb/debsrcrecords.cc
AgeCommit message (Collapse)Author
2016-08-31Fix segfault and out-of-bounds read in Binary fieldsJulian Andres Klode
If a Binary field contains one or more spaces before a comma, the code produced a segmentation fault, as it accidentally set a pointer to 0 instead of the value of the pointer. If the comma is at the beginning of the field, the code would create a binStartNext that points one element before the start of the string, which is undefined behavior. We also need to check that we do not exit the string during the replacement of spaces before commas: A string of the form " ," would normally exit the boundary of the Buffer: binStartNext = offset 1 ',' binEnd = offset 0 ' ' isspace_ascii(*binEnd) = true => --binEnd => binEnd = - 1 We get rid of the problem by only allowing spaces to be eliminated if they are not the first character of the buffer: binStartNext = offset 1 ',' binEnd = offset 0 ' ' binEnd > buffer = false, isspace_ascii(*binEnd) = true => exit loop => binEnd remains 0
2016-07-22support "install ./foo.changes"David Kalnischkies
We support installing ./foo.deb (and ./foo.dsc for source) for a while now, but it can be a bit clunky to work with those directly if you e.g. build packages locally in a 'central' build-area. The changes files also include hashsums and can be signed, so this can also be considered an enhancement in terms of security as a user "just" has to verify the signature on the changes file then rather than checking all deb files individually in these manual installation procedures.
2016-03-14enforce verify of filesize in 'apt-get source'David Kalnischkies
The structure we parse the data into has a dedicated size field, but it tends to be easier to handle it as a (very weak) checksum.
2016-01-02support comments in debian/control parsingDavid Kalnischkies
Now (55153bf94ff28a23318e79aa48242244c4d82b3c) that pkgTagFile can be told to deal with all sorts of comments we can use this mode to parse dsc (as by catch) and debian/control files properly even in the wake of multiline fields spliced with comments like Build-Depends. Closes: 806775
2015-12-27Convert most callers of isspace() to isspace_ascii()Julian Andres Klode
This converts all callers that read machine-generated data, callers that might work with user input are not converted.
2015-08-10make all d-pointer * const pointersDavid Kalnischkies
Doing this disables the implicit copy assignment operator (among others) which would cause hovac if used on the classes as it would just copy the pointer, not the data the d-pointer points to. For most of the classes we don't need a copy assignment operator anyway and in many classes it was broken before as many contain a pointer of some sort. Only for our Cacheset Container interfaces we define an explicit copy assignment operator which could later be implemented to copy the data from one d-pointer to the other if we need it. Git-Dch: Ignore
2015-06-16add d-pointer, virtual destructors and de-inline de/constructorsDavid Kalnischkies
To have a chance to keep the ABI for a while we need all three to team up. One of them missing and we might loose, so ensuring that they are available is a very tedious but needed task once in a while. Git-Dch: Ignore
2015-03-16merge debian/sid into debian/experimentalDavid Kalnischkies
2014-11-10use 'best' hash for source authenticationDavid Kalnischkies
Collect all hashes we can get from the source record and put them into a HashStringList so that 'apt-get source' can use it instead of using always the MD5sum. We therefore also deprecate the MD5 struct member in favor of the list. While at it, the parsing of the Files is enhanced so that records which miss "Files" (aka MD5 checksums) are still searched for other checksums as they include just as much data, just not with a nice and catchy name. This is a cherry-pick of 1262d35 with some dirty tricks to preserve ABI. LP: 1098738
2014-11-08replace ignore-deprecated #pragma dance with _PragmaDavid Kalnischkies
For compatibility we use/provide and fill quiet some deprecated methods and fields, which subsequently earns us a warning for using them. These warnings therefore have to be disabled for these codeparts and that is what this change does now in a slightly more elegant way. Git-Dch: Ignore
2014-06-18Merge branch 'debian/sid' into debian/experimentalMichael Vogt
Conflicts: debian/changelog
2014-05-29Fix more warnings from clangMichael Vogt
Reported-By: clang++ -Werror Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h apt-pkg/deb/debmetaindex.h
2014-05-27use free() instead of delete[] in debSrcRecordParser::~debSrcRecordParserMichael Vogt
The Buffer was allocated using strndup() so we need to free it using free() instead of delete[]
2014-05-09use 'best' hash for source authenticationDavid Kalnischkies
Collect all hashes we can get from the source record and put them into a HashStringList so that 'apt-get source' can use it instead of using always the MD5sum. We therefore also deprecate the MD5 struct member in favor of the list. While at it, the parsing of the Files is enhanced so that records which miss "Files" (aka MD5 checksums) are still searched for other checksums as they include just as much data, just not with a nice and catchy name. LP: 1098738
2014-05-08Merge remote-tracking branch 'mvo/feature/build-dep-dsc2' into ↵Michael Vogt
debian/experimental Conflicts: apt-pkg/deb/debindexfile.cc apt-pkg/deb/debindexfile.h apt-pkg/deb/debsrcrecords.cc
2014-05-07Merge branch 'debian/sid' into debian/experimentalMichael Vogt
Conflicts: apt-pkg/cachefilter.h apt-pkg/contrib/fileutl.cc apt-pkg/contrib/netrc.h apt-pkg/deb/debsrcrecords.cc apt-pkg/init.h apt-pkg/pkgcache.cc debian/apt.install.in debian/changelog
2014-04-24create debIFTypeDscFile typeMichael Vogt
2014-04-22add support for apt-get build-dep foo.dscMichael Vogt
2014-03-13cleanup headers and especially #includes everywhereDavid Kalnischkies
Beside being a bit cleaner it hopefully also resolves oddball problems I have with high levels of parallel jobs. Git-Dch: Ignore Reported-By: iwyu (include-what-you-use)
2014-03-13warning: useless cast to type A [-Wuseless-cast]David Kalnischkies
Git-Dch: Ignore Reported-By: gcc -Wuseless-cast
2014-03-13implement BuildProfileSpec support as dpkg has in 1.17.2Johannes Schauer
Build-dependencies are now able to include a <profile.foo …> specification limiting usage similar to already supported [arch …]. More details: https://wiki.debian.org/BuildProfileSpec Closes: 661537
2013-02-28re-add compat pkgSrcRecords::File::MD5HashMichael Vogt
2013-01-31cleanup the hash iteration. unfortunately there is no 1:1 mapping from ↵Michael Vogt
Hashes::SupporedHashes to the tag name
2013-01-14fix skipping of already downloaded files and add some FIXMEsMichael Vogt
2013-01-14first iteration that adds support for checksums-{sha512,sha256}Michael Vogt
2011-09-21* apt-pkg/deb/debsrcrecords.cc:David Kalnischkies
- remove the limit of 400 Binaries for a source package (Closes: #622110)
2011-09-19do not pollute namespace in the headers with using (Closes: #500198)David Kalnischkies
2011-09-13reorder includes: add <config.h> if needed and include it at firstDavid Kalnischkies
2011-02-27support every compression we have a compressor configuredDavid Kalnischkies
2011-02-22* apt-pkg/deb/debsrcrecords.cc:David Kalnischkies
- support xz-compressed source v3 debian.tar files
2009-11-29Ignore :qualifiers after package name in build dependenciesDavid Kalnischkies
for now as long we don't understand them (Closes: #558103)
2009-11-27use "diff" filetype for .debian.tar.* files (Closes: #554898) inDavid Kalnischkies
apt-pkg/deb/debsrcrecords.cc as source format v3 uses this name scheme for their "diff" files.
2009-06-30merged r1811..1815 from lp:~donkult/apt/experimentalMichael Vogt
2007-07-28* Applied patch from Guillem Jover <guillem.jover@nokia.com> to addOtavio Salvador
support to add lzma support (closes: #408201)
2007-06-08* Removed the more leftover #pragma interface/implementationMichael Vogt
closes: #306937 (thanks to Andreas Henriksson for the patch)
2007-06-08* remove all the remaining #pragma implementationMichael Vogt
2006-12-01* apt-pkg/deb/debsrcrecords.{cc,h}:Michael Vogt
- cast correct
2006-12-01* apt-pkg/deb/debsrcrecords.cc:Michael Vogt
- fix off-by-one problem
2006-11-30* apt-pkg/deb/debsrcrecords.{cc,h}:Michael Vogt
- make the buffer dynmaic
2004-09-20* Implement an ugly workaround for the 10000-character ...Arch Librarian
Author: mdz Date: 2004-03-17 05:58:54 GMT * Implement an ugly workaround for the 10000-character limit on the Binaries field in debSrcRecordParser, until such time as some things can be converted over to use STL data types (ABI change) (Closes: #236688) * Increase default tagfile buffer from 32k to 128k; this arbitrary limit should also be removed someday (Closes: #174945)
2004-09-20Add --arch-only option for apt-get build-dep only only ...Arch Librarian
Author: tausq Date: 2001-11-04 17:09:18 GMT Add --arch-only option for apt-get build-dep only only process arch-dependent build-dependencies. Small change to srcrecord class; bumped minor so number to 3.3
2004-09-20Join with aliencodeArch Librarian
Author: jgg Date: 2001-02-20 07:03:16 GMT Join with aliencode
2004-09-20working apt-get sourceArch Librarian
Author: jgg Date: 1999-04-07 05:30:17 GMT working apt-get source
2004-09-20Source record file list parsingArch Librarian
Author: jgg Date: 1999-04-04 08:07:39 GMT Source record file list parsing
2004-09-20Source record parsingArch Librarian
Author: jgg Date: 1999-04-04 01:17:29 GMT Source record parsing