summaryrefslogtreecommitdiff
path: root/apt-pkg
AgeCommit message (Collapse)Author
2019-04-12Don't access invalid string indexesSam Bingner
2019-04-10Merge tag '1.4.9'Sam Bingner
apt Debian release 1.4.9
2019-01-22Workaround for shell scriptsSam Bingner
2019-01-22Remove RunCmdSam Bingner
2019-01-18SECURITY UPDATE: content injection in http method (CVE-2019-3462)Julian Andres Klode
This fixes a security issue that can be exploited to inject arbritrary debs or other files into a signed repository as followed: (1) Server sends a redirect to somewhere%0a<headers for the apt method> (where %0a is \n encoded) (2) apt method decodes the redirect (because the method encodes the URLs before sending them out), writting something like somewhere\n <headers> into its output (3) apt then uses the headers injected for validation purposes. Regression-Of: c34ea12ad509cb34c954ed574a301c3cbede55ec LP: #1812353
2018-12-26Merge bingner.com:apt1.4.8+iPhone-1Sam Bingner
2018-12-26Merge nitotv apt fixes into 1.4.81.4.8+nitotvSam Bingner
2018-09-30Use access instead of faccessat for iOS5 compatibilitySam Bingner
2018-09-28Remove errors that we don't needSam Bingner
2018-02-07Lets get those sizes rightJaywalker
2018-02-07Reverting to kb's gpgv version for nowJaywalker
2018-02-07Fixed last few errors. APT is strict...Jaywalker
2018-02-07Missed a semicolonJaywalker
2018-02-06Fixed system() using coolstar's patch and added other required patchesJaywalker
2018-02-06Added seemingly missing filesJaywalker
2018-02-06Build system changesJaywalker
2017-09-13Fix translator comment location for legacy target warningJulian Andres Klode
In commit Do not warn about duplicate "legacy" targets, we we added an if, that changed the .po files... (cherry picked from commit e9db5ba7c7631d51359967afb1d563da7637be11) Gbp-Dch: ignore
2017-09-13Do not warn about duplicate "legacy" targetsJulian Andres Klode
If a source has a legacy Contents file, and two lines mention the same archive but different components, a warning would be issued that is confusing. So, as the field is named Contents-deb-legacy, let's just not print warnings for fields containing "legacy". LP: #1697120 Closes: #839259 (cherry picked from commit 5a747462baef6cecf6ed389c7b7492443930f7ed)
2017-09-13don't ask an uninit _system for supported archsDavid Kalnischkies
A libapt user who hasn't initialized _system likely has a reason, so we shouldn't greet back with a segfault usually deep down in the callstack for no reason. If the user had intended to pick up information from the system, _system wouldn't be uninitialized after all. LP: #1613184 SRU: 1.4.y (cherry picked from commit cba5c5a26a9bf00724f8ea647ac61b30e32734ba)
2017-05-31Fix parsing of or groups in build-deps with ignored packagesJulian Andres Klode
If the last alternative(s) of an Or group is ignored, because it does not match an architecture list, we would end up keeping the or flag, effectively making the next AND an OR. For example, when parsing (on amd64): debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386] => debhelper (>= 9), libnacl-dev | Which can cause python-apt to crash. Even worse: debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386], foobar => debhelper (>= 9), libnacl-dev [amd64] | foobar By setting the previous alternatives Or flag to the current Or flag if the current alternative is ignored, we solve the issue. LP: #1694697
2017-03-19Fix and avoid quoting in CommandLine::AsStringDavid Kalnischkies
In the intended usecase where this serves as a hack there is no problem with double/single quotes being present as we write it to a log file only, but nowadays our calling of apt-key produces a temporary config file containing this "setting" as well and suddently quoting is important as the config file syntax is allergic to it. So the fix is to ignore all quoting whatsoever in the input and just quote (with singles) the option values with spaces. That gives us 99% of the time the correct result and the 1% where the quote is an integral element of the option … doesn't exist – or has bigger problems than a log file not containing the quote. Same goes for newlines in values. LP: #1672710
2017-03-13Fix mistake in CHANGEPATH comment exampleJulian Andres Klode
It says SRCNAME_SRCVER, but the example just gives the SRCVER part. Reported-By: Nishanth Aravamudan (nacc) in #ubuntu-devel
2017-03-07Ignore \.ucf-[a-z]+$ like we do for \.dpkg-[a-z]+$Julian Andres Klode
This gets rid of warnings about .ucf-dist files Reported-By: Axel Beckert (on IRC)
2017-02-15Don't download "optional" files not in Release :/.Jay Freeman (saurik)
2017-02-11Don't use -1 fd and AT_SYMLINK_NOFOLLOW for faccessat()Julian Andres Klode
-1 is not an allowed value for the file descriptor, the only allowed non-file-descriptor value is AT_FDCWD. So use that instead. AT_SYMLINK_NOFOLLOW has a weird semantic: It checks whether we have the specified access on the symbolic link. It also is implemented only by glibc on Linux, so it's inherently non-portable. We should just drop it. Thanks: James Clarke for debugging these issues Reported-by: James Clarke <jrtc27@jrtc27.com>
2017-02-10Do not package names representing .dsc/.deb/... filesJulian Andres Klode
In the case of build-dep and other commands where a file can be passed we must make sure not to normalize the path name as that can have odd side effects, or well, cause the operation to do nothing. Test for build-dep-file is adjusted to perform the vcard check once as "vcard" and once as "VCard", thus testing that this solves the reported bug. We inline the std::transform() and optimize it a bit to not write anything in the common case (package names are defined to be lowercase, the whole transformation is just for names that should not exist...) to counter the performance hit of the added find() call (it's about 0.15% more instructions than with the existing transform, but we save about 0.67% in writes...). Closes: #854794
2017-02-09add Auto-Built-Package to tagfile-orderDavid Kalnischkies
Added in dpkg commit 6c8203440bf443d3031ee2ab8485b16c1b6da3b6
2017-02-01For ReMap to work, S has to be marked volatile :/.Jay Freeman (saurik)
2017-02-01Tags should use StoreString, not WriteStringInMap.Jay Freeman (saurik)
2017-01-31Port TagIterator to correctly support ReMap (doh).Jay Freeman (saurik)
2017-01-31Repeat after me: IMS-Hit is really "I am shit" :/.Jay Freeman (saurik)
2017-01-30It is NOT OK to just munmap memory from malloc :/.Jay Freeman (saurik)
2017-01-31algorithms: Fix typo: gental -> gentleJulian Andres Klode
Oh dear, nobody (or rather no tool) saw that yet... Gbp-Dch: ignore
2017-01-30Symlinking final file failed is a common issue :/.Jay Freeman (saurik)
2017-01-30This is realloc, not reallocf: be more careful :/.Jay Freeman (saurik)
2017-01-30Bill is consistent. Bill is correct. Be like Bill.Jay Freeman (saurik)
2017-01-30You can't just assume the start is always zero :/.Jay Freeman (saurik)
2017-01-30The length given to msync was calculated wrong :/.Jay Freeman (saurik)
2017-01-30Not /not/ immediately mapping a file is INSANE :/.Jay Freeman (saurik)
2017-01-29The entire concept of PendingError() is flawed :/.Jay Freeman (saurik)
2017-01-28Only merge acquire items with the same meta keyJulian Andres Klode
Since the introduction of by-hash, two differently named files might have the same real URL. In our case, the files icons-64x64.tar.gz and icons-128x128.tar.gz of empty tarballs. APT would try to merge them and end with weird errors because it completed the first download and enters the second stage for decompressing and verifying. After that it would queue a new item to copy the original file to the location, but that copy item would be in the wrong stage, causing it to use the hashes for the decompressed item. Closes: #838441
2017-01-27avoid malloc if option whitelist is disabled (default)David Kalnischkies
Config options are checked in various paths, so making "useless" memory allocations wastes time and can also cause problems like #852757. The unneeded malloc was added in ae73a2944a89e0d2406a2aab4a4c082e1e9da3f9. (We have no explicit malloc here – its std:string doing this internally)
2017-01-27Bug #807012 also involves package dependencies :/.Jay Freeman (saurik)
2017-01-19fix various typos reported by spellintianDavid Kalnischkies
Most of them in (old) code comments. The two instances of user visible string changes the po files of the manpages are fixed up as well. Gbp-Dch: Ignore Reported-By: spellintian
2017-01-19fix various typos reported by codespellDavid Kalnischkies
Nothing in user visible strings. Gbp-Dch: Ignore Reported-By: codespell
2017-01-19remove 'old' FAILED files in the next acquire callDavid Kalnischkies
If apt renames a file to .FAILED it leaves its namespace and is never touched again – expect since 1.1~exp4 in which "apt clean" will remove those files. The usefulness of these files rapidly degrades if you don't keep the update log itself (together with debug output in the best case) through and on 99% of all system they will be kept around forever just to collect dust over time and eat up space. With this commit an update call will remove all FAILED files of previous runs, so that the FAILED files you have on disk are always only the ones related to the last apt run stopping apt from hoarding files. Closes: 846476
2017-01-19avoid validate/delete/load race in cache generationDavid Kalnischkies
Keeping the Fd of the cache file we have validated around to later load it into the mmap ensures not only that we load the same file (which wouldn't really be a problem in practice), but that this file also still exists and wasn't deleted e.g. by a 'apt clean' call run in parallel.
2017-01-17CMake: Document that the globs are expanded during CMakeJulian Andres Klode
This will avoid people from thinking that they have to do nothing when they change the set of files. Gbp-Dch: ignore
2017-01-17CMake: Find the Perl executable, and use it to run perl scriptsJulian Andres Klode
This is somewhat more portable than just hardcoding perl or in the triehash case /usr/bin/perl in the shebang. Thanks: Guillem Jover for the hint Gbp-Dch: ignore
2017-01-17Read dpkg tables to handle architecture wildcardsJulian Andres Klode
Our implementation of wildcards was rudimentary. It worked for some common ones, but it was also broken: For example, armel matched any-armel, but should match any-arm. With this commit, we load the correct tables from dpkg. Supported are both triplets and quadruplet tables (the latter introduced in dpkg 1.18.11). There are some odd things we have to deal with in the cache filter for historical and API reasons: * The character "*" must be accepted as an alternative to any - in fact it may appear anywhere in the wildcard as we also allow fnmatch() style wildcard matching on the commandline. * The code might get passed an arch with a minus at the end, for example the cmdline "install apt:any-arm-" will first try to check if any-arm- is a valid architecture. We deal with this by rejecting any wildcard ending in a minus. * Triplets are actually implemented by extending them to faux quadruplets - by prepending a "base" component for the architecture tuple, and "any" if there is a wildcard component. Once we have constructed a wildcard, it is transformed into an fnmatch() expression for historical reasons. In the future, we should really get a tuple class and implement matching in a better, more explicit way. This does for now though - it passes all the test cases and accepts all things it should accept. Closes: #748936 Thanks: James Clarke <jrtc27@jrtc27.com> for the initial patch