From 5985c230c8ac85fe2b2eb504b798377843bdc7cd Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Fri, 20 Sep 2013 13:34:22 +0200 Subject: do not trust FileFd::Eof() in pkgTagFile::Fill() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The Eof check was added (by me of course) in 0aae6d14390193e25ab6d0fd49295bd7b131954f as part of a fix up ~a month ago (at DebConf). The idea was not that bad, but doesn't make that much sense either as this bit is set by the FileFd based on Actual as well, so this is basically doing the same check again – with the difference that the HitEof bit can still linger from a previous Read we did at the end of the file, but have seek'd away from it now. Combined with the length of entries, entry order and other not that easily controllable conditions you can be 'lucky' enough to hit this problem in a way which even visible (truncating of other fields might not be visible easily, like 'Tags' and others). Closes: 723705 Thanks: Cyril Brulebois --- apt-pkg/tagfile.cc | 2 +- .../Packages-bug-723705-tagfile-truncates-fields | 167 +++++++++++++++++++++ .../status-bug-723705-tagfile-truncates-fields | 62 ++++++++ .../test-bug-723705-tagfile-truncates-fields | 33 ++++ 4 files changed, 263 insertions(+), 1 deletion(-) create mode 100644 test/integration/Packages-bug-723705-tagfile-truncates-fields create mode 100644 test/integration/status-bug-723705-tagfile-truncates-fields create mode 100755 test/integration/test-bug-723705-tagfile-truncates-fields diff --git a/apt-pkg/tagfile.cc b/apt-pkg/tagfile.cc index b91e868e2..e0802e3d5 100644 --- a/apt-pkg/tagfile.cc +++ b/apt-pkg/tagfile.cc @@ -164,7 +164,7 @@ bool pkgTagFile::Fill() unsigned long long const dataSize = d->Size - ((d->End - d->Buffer) + 1); if (d->Fd.Read(d->End, dataSize, &Actual) == false) return false; - if (Actual != dataSize || d->Fd.Eof() == true) + if (Actual != dataSize) d->Done = true; d->End += Actual; } diff --git a/test/integration/Packages-bug-723705-tagfile-truncates-fields b/test/integration/Packages-bug-723705-tagfile-truncates-fields new file mode 100644 index 000000000..c42b85072 --- /dev/null +++ b/test/integration/Packages-bug-723705-tagfile-truncates-fields @@ -0,0 +1,167 @@ +Package: cdebconf-gtk-udeb +Source: cdebconf +Version: 0.185 +Installed-Size: 92 +Maintainer: Debian Install System Team +Architecture: amd64 +Description: Gtk+ frontend for Debian Configuration Management System +Description-md5: 75d036e0a245499123544e2254b92e9c +Section: debian-installer +Priority: optional +Filename: pool/main/c/cdebconf/cdebconf-gtk-udeb_0.185_amd64.udeb +Size: 27278 +MD5sum: a1bbbc1d4fb8e0615b5621abac021924 +SHA1: b1a7ab55a90f61e5337847d02ff1d12d73559def +SHA256: cd79f3205304a7932b3309c4df9898c9a53929bc651912659858e087ebe1c18a + +Package: cdebconf-newt-udeb +Source: cdebconf +Version: 0.185 +Installed-Size: 58 +Maintainer: Debian Install System Team +Architecture: amd64 +Description: Newt frontend for Debian Configuration Management System +Description-md5: e080be5e38cb8c57bca2f3effe9ee030 +Section: debian-installer +Priority: optional +Filename: pool/main/c/cdebconf/cdebconf-newt-udeb_0.185_amd64.udeb +Size: 19192 +MD5sum: de27807f56dae2f2403b3322d5fe6bd2 +SHA1: 57883e223d46a9f25966f9b986e6a3bc2f67d8ef +SHA256: 5f8b9c3a5430f2ec879484a7736582b152d76cc8ba9bc19328268f3635759a1b + +Package: cdebconf-udeb +Source: cdebconf +Version: 0.185 +Installed-Size: 245 +Maintainer: Debian Install System Team +Architecture: amd64 +Provides: debconf-2.0 +Description: Debian Configuration Management System (C-implementation) +Description-md5: 9f3579e9d9f86ac89e667a8707d3cbd3 +Section: debian-installer +Priority: standard +Filename: pool/main/c/cdebconf/cdebconf-udeb_0.185_amd64.udeb +Size: 77376 +MD5sum: e3883706fdbf54c2e5ea959c92b2d37f +SHA1: 0232f1bdf1531db628516ed3a46a27466b267fdc +SHA256: 96345575417a3e4df8a2cadaa55784ec8f6c042defb1e2fc002d941b6116ceab + +Package: cdebconf-gtk-terminal +Source: cdebconf-terminal +Version: 0.22 +Installed-Size: 64 +Maintainer: Debian Install System Team +Architecture: amd64 +Provides: cdebconf-terminal +Depends: cdebconf-gtk-udeb, libc6-udeb (>= 2.17), libglib2.0-udeb (>= 2.36.4), libgtk2.0-0-udeb (>= 2.24.0), libvte9-udeb (>= 1:0.28.0), cdebconf-udeb, cdebconf-gtk-terminal, cdebconf-gtk-terminal, cdebconf-gtk-terminal, cdebconf-gtk-terminal, cdebconf-gtk-terminal, cdebconf-gtk-terminal, cdebconf-gtk-terminal +Description: cdebconf gtk plugin displaying a terminal +Description-md5: 18c4446758aec003eb8cd0a43419f1aa +Section: debian-installer +Priority: extra +Filename: pool/main/c/cdebconf-terminal/cdebconf-gtk-terminal_0.22_amd64.udeb +Size: 14734 +MD5sum: f9c3a7354560cb88e0396e2b7ba54363 +SHA1: 9c1c93328e758bfd9de2752466b271aaf38c8177 +SHA256: ca749853fc3b93db1d08ccdc6b46de27633de52bc5b880fa65275897ebcaaf69 + +Package: cdebconf-newt-terminal +Source: cdebconf-terminal +Version: 0.22 +Installed-Size: 43 +Maintainer: Debian Install System Team +Architecture: amd64 +Provides: cdebconf-terminal +Depends: cdebconf-newt-udeb (>= 0.146), libc6-udeb (>= 2.17), libnewt0.52 +Description: cdebconf newt plugin to provide a clean terminal +Description-md5: 4109a053022081b573d864d84d6eb16d +Section: debian-installer +Priority: extra +Filename: pool/main/c/cdebconf-terminal/cdebconf-newt-terminal_0.22_amd64.udeb +Size: 4538 +MD5sum: 20db6152fce5081fcbf49c7c08f21246 +SHA1: fa2a40f777a2f48b9634866bc780fb059e60b2fe +SHA256: c4d99ef27285f0c9090005313165627e56e0972e687af7e68c2b1d1538e2ae09 + +Package: libc6-udeb +Source: eglibc (2.17-92) +Version: 2.17-92+b1 +Installed-Size: 3126 +Maintainer: GNU Libc Maintainers +Architecture: amd64 +Provides: glibc-2.17-1, libc-udeb, libc6 +Description: Embedded GNU C Library: Shared libraries - udeb +Description-md5: 9552ce73b7b3fb466e3d89fe8db9a563 +Section: debian-installer +Priority: extra +Filename: pool/main/e/eglibc/libc6-udeb_2.17-92+b1_amd64.udeb +Size: 1056000 +MD5sum: 7fd7032eeeecf7f76eff79a0543fbd72 +SHA1: 724b6a81b8fbc9d4d2bb43d656c08de73f7ada25 +SHA256: 137d4c001bbfde8161315c36e6cb8653ae2c50a8d6b6d2d27396c492d91a1723 + +Package: libglib2.0-udeb +Source: glib2.0 +Version: 2.36.4-1 +Installed-Size: 10070 +Maintainer: Debian GNOME Maintainers +Architecture: amd64 +Description: GLib library of C routines - minimal runtime +Description-md5: 0244040042870a89aa49f037cce3f1e9 +Section: debian-installer +Priority: optional +Filename: pool/main/g/glib2.0/libglib2.0-udeb_2.36.4-1_amd64.udeb +Size: 1714604 +MD5sum: 72da029f1bbb36057d874f1f82a5d00a +SHA1: 32bce78a052ef19a620f43ecbe12404fa570c0f1 +SHA256: 8edbc7cb872c0a82705913563f93f9eec5750881e4378c5a48770cde840cd6eb + +Package: libgtk2.0-0-udeb +Source: gtk+2.0 +Version: 2.24.20-1 +Installed-Size: 5035 +Maintainer: Debian GNOME Maintainers +Architecture: amd64 +Provides: gtk2.0-binver-2.10.0 +Description: GTK+ graphical user interface library - minimal runtime +Description-md5: 32e5112b80c02578837cff4f65dfec84 +Section: debian-installer +Priority: extra +Filename: pool/main/g/gtk+2.0/libgtk2.0-0-udeb_2.24.20-1_amd64.udeb +Size: 1643046 +MD5sum: 25513478eb2e02e5766c0eea0b411ca9 +SHA1: 9274f05bfa930a3406403441ce061bade04e2064 +SHA256: d5f611f48928ae02f759105cf8cff467cde1cb44df56ad31067168b46a80f8bc + +Package: libvte9-udeb +Source: vte +Version: 1:0.28.2-5 +Installed-Size: 628 +Maintainer: Debian GNOME Maintainers +Architecture: amd64 +Description: Terminal emulator widget for GTK+ 2.0 - minimal runtime +Description-md5: e7993385c30bae6e96c8cb87795a513c +Section: debian-installer +Priority: extra +Filename: pool/main/v/vte/libvte9-udeb_0.28.2-5_amd64.udeb +Size: 216968 +MD5sum: 7da7201effaf5ced19abd9d0b45aa2c6 +SHA1: a424cf779e7614d79740c422b6342de04fed3646 +SHA256: 4963033cbda5a8ba7eb8ebf1debae34463b8e63b821259860cfb51c1ab99562d + +Package: zlib1g-udeb +Source: zlib +Version: 1:1.2.8.dfsg-1 +Installed-Size: 115 +Maintainer: Mark Brown +Architecture: amd64 +Description: compression library - runtime for Debian installer +Description-md5: 9cab974e3eab657c53bc17611b894c7a +Section: debian-installer +Priority: optional +Filename: pool/main/z/zlib/zlib1g-udeb_1.2.8.dfsg-1_amd64.udeb +Size: 45270 +MD5sum: c02884420f79a3ae4569cf67782f3e74 +SHA1: 7cd1a7c8be4e086de733a0ce76f87d42b8b2173b +SHA256: 61641ee2b5e185232108333438b72bec71ef549fe0e0df1b2b3afa37174e53a7 + diff --git a/test/integration/status-bug-723705-tagfile-truncates-fields b/test/integration/status-bug-723705-tagfile-truncates-fields new file mode 100644 index 000000000..fe18506c8 --- /dev/null +++ b/test/integration/status-bug-723705-tagfile-truncates-fields @@ -0,0 +1,62 @@ +Package: libc6 +Status: install ok installed +Priority: required +Section: libs +Installed-Size: 10164 +Maintainer: GNU Libc Maintainers +Architecture: amd64 +Multi-Arch: same +Source: eglibc (2.17-92) +Version: 2.17-92+b1 +Replaces: libc6-amd64 +Provides: glibc-2.17-1 +Suggests: glibc-doc, debconf | debconf-2.0, locales +Breaks: locales (<< 2.17), locales-all (<< 2.17), lsb-core (<= 3.2-27), nscd (<< 2.17) +Conflicts: prelink (<= 0.0.20090311-1), tzdata (<< 2007k-1), tzdata-etch +Conffiles: + /etc/ld.so.conf.d/x86_64-linux-gnu.conf 593ad12389ab2b6f952e7ede67b8fbbf +Description: Embedded GNU C Library: Shared libraries + Contains the standard libraries that are used by nearly all programs on + the system. This package includes shared versions of the standard C library + and the standard math library, as well as many others. +Homepage: http://www.eglibc.org + +Package: libnewt0.52 +Status: install ok installed +Priority: important +Section: libs +Installed-Size: 820 +Maintainer: Alastair McKinstry +Architecture: amd64 +Multi-Arch: same +Source: newt +Version: 0.52.15-3 +Recommends: libfribidi0 +Conffiles: + /etc/newt/palette.original d41d8cd98f00b204e9800998ecf8427e +Description: Not Erik's Windowing Toolkit - text mode windowing with slang + Newt is a windowing toolkit for text mode built from the slang library. + It allows color text mode applications to easily use stackable windows, + push buttons, check boxes, radio buttons, lists, entry fields, labels, + and displayable text. Scrollbars are supported, and forms may be nested + to provide extra functionality. This package contains the shared library + for programs that have been built with newt. +Homepage: https://fedorahosted.org/newt/ + +Package: libgcc1 +Status: install ok installed +Priority: required +Section: libs +Installed-Size: 128 +Maintainer: Debian GCC Maintainers +Architecture: amd64 +Multi-Arch: same +Source: gcc-4.8 (4.8.1-10) +Version: 1:4.8.1-10 +Breaks: gcc-4.1, gcc-4.3 (<< 4.3.6-1), gcc-4.4 (<< 4.4.6-4), gcc-4.5 (<< 4.5.3-2) +Description: GCC support library + Shared version of the support library, a library of internal subroutines + that GCC uses to overcome shortcomings of particular machines, or + special needs for some languages. +Homepage: http://gcc.gnu.org/ + diff --git a/test/integration/test-bug-723705-tagfile-truncates-fields b/test/integration/test-bug-723705-tagfile-truncates-fields new file mode 100755 index 000000000..3180e7fc9 --- /dev/null +++ b/test/integration/test-bug-723705-tagfile-truncates-fields @@ -0,0 +1,33 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework +setupenvironment +configarchitecture 'amd64' + +setupaptarchive + +aptget install --print-uris -y cdebconf-newt-terminal cdebconf-gtk-terminal 2>&1 | sed 's#file:///tmp/tmp.[^/]\+#file:///tmp#g' > filename.log + +testfileequal filename.log "Reading package lists... +Building dependency tree... +The following extra packages will be installed: + cdebconf-gtk-udeb cdebconf-newt-udeb cdebconf-udeb libc6-udeb + libglib2.0-udeb libgtk2.0-0-udeb libvte9-udeb +The following NEW packages will be installed: + cdebconf-gtk-terminal cdebconf-gtk-udeb cdebconf-newt-terminal + cdebconf-newt-udeb cdebconf-udeb libc6-udeb libglib2.0-udeb libgtk2.0-0-udeb + libvte9-udeb +0 upgraded, 9 newly installed, 0 to remove and 0 not upgraded. +Need to get 0 B/4774 kB of archives. +After this operation, 19.8 MB of additional disk space will be used. +'file:///tmp/aptarchive/pool/main/c/cdebconf/cdebconf-udeb_0.185_amd64.udeb' cdebconf-udeb_0.185_amd64.udeb 77376 MD5Sum:e3883706fdbf54c2e5ea959c92b2d37f +'file:///tmp/aptarchive/pool/main/c/cdebconf/cdebconf-gtk-udeb_0.185_amd64.udeb' cdebconf-gtk-udeb_0.185_amd64.udeb 27278 MD5Sum:a1bbbc1d4fb8e0615b5621abac021924 +'file:///tmp/aptarchive/pool/main/c/cdebconf/cdebconf-newt-udeb_0.185_amd64.udeb' cdebconf-newt-udeb_0.185_amd64.udeb 19192 MD5Sum:de27807f56dae2f2403b3322d5fe6bd2 +'file:///tmp/aptarchive/pool/main/g/glib2.0/libglib2.0-udeb_2.36.4-1_amd64.udeb' libglib2.0-udeb_2.36.4-1_amd64.udeb 1714604 MD5Sum:72da029f1bbb36057d874f1f82a5d00a +'file:///tmp/aptarchive/pool/main/e/eglibc/libc6-udeb_2.17-92+b1_amd64.udeb' libc6-udeb_2.17-92+b1_amd64.udeb 1056000 MD5Sum:7fd7032eeeecf7f76eff79a0543fbd72 +'file:///tmp/aptarchive/pool/main/g/gtk+2.0/libgtk2.0-0-udeb_2.24.20-1_amd64.udeb' libgtk2.0-0-udeb_2.24.20-1_amd64.udeb 1643046 MD5Sum:25513478eb2e02e5766c0eea0b411ca9 +'file:///tmp/aptarchive/pool/main/v/vte/libvte9-udeb_0.28.2-5_amd64.udeb' libvte9-udeb_1%3a0.28.2-5_amd64.udeb 216968 MD5Sum:7da7201effaf5ced19abd9d0b45aa2c6 +'file:///tmp/aptarchive/pool/main/c/cdebconf-terminal/cdebconf-gtk-terminal_0.22_amd64.udeb' cdebconf-gtk-terminal_0.22_amd64.udeb 14734 MD5Sum:f9c3a7354560cb88e0396e2b7ba54363 +'file:///tmp/aptarchive/pool/main/c/cdebconf-terminal/cdebconf-newt-terminal_0.22_amd64.udeb' cdebconf-newt-terminal_0.22_amd64.udeb 4538 MD5Sum:20db6152fce5081fcbf49c7c08f21246" -- cgit v1.2.3