From 7335eebea6dd43581d4650a8818b06383ab89901 Mon Sep 17 00:00:00 2001 From: Angel Guzman Maeso Date: Tue, 27 Aug 2013 21:29:01 +0200 Subject: replace usage of potential dangerous mktemp with mkstemp Avoid the warning "the use of `mktemp' is dangerous, better use `mkstemp' or `mkdtemp'". It is not strictly necessary to change the usage from a security point of view here, but mktemp is also removed from the standard since POSIX.1-2008. The mkostemp call returns a file descriptor the logic for TemporaryFileName has been changed accordingly to get the same results. The file permissions are corrected by using fchmod() as the default for FileFd is 666 while mkstemp creates files with 600 by default. --- apt-pkg/contrib/fileutl.cc | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index 47a91c294..3eeef58cf 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -946,9 +946,6 @@ bool FileFd::Open(string FileName,unsigned int const Mode,APT::Configuration::Co if ((Mode & Atomic) == Atomic) { Flags |= Replace; - char *name = strdup((FileName + ".XXXXXX").c_str()); - TemporaryFileName = string(mktemp(name)); - free(name); } else if ((Mode & (Exclusive | Create)) == (Exclusive | Create)) { @@ -974,8 +971,25 @@ bool FileFd::Open(string FileName,unsigned int const Mode,APT::Configuration::Co else if_FLAGGED_SET(Atomic, O_EXCL); #undef if_FLAGGED_SET - if (TemporaryFileName.empty() == false) - iFd = open(TemporaryFileName.c_str(), fileflags, Perms); + if ((Mode & Atomic) == Atomic) + { + char *name = strdup((FileName + ".XXXXXX").c_str()); + + if((iFd = mkostemp(name, fileflags)) == -1) + { + free(name); + return FileFdErrno("mkostemp", "Could not create temporary file for %s", FileName.c_str()); + } + + TemporaryFileName = string(name); + + if(fchmod(iFd, Perms) == -1) + { + free(name); + return FileFdErrno("fchmod", "Could not assign permissions to temporary file %s with error %s", FileName.c_str(), strerror(errno)); + } + free(name); + } else iFd = open(FileName.c_str(), fileflags, Perms); -- cgit v1.2.3 From dc545c0bcd252bca491d0c669adddb5d62390a15 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Tue, 27 Aug 2013 21:50:22 +0200 Subject: use mkstemp instead of mkostemp in FileFd::Open() FileFd currently supports no fileflags which would make sense to provide via mkostemp, so we can just use mkstemp here which is a standard function compared to glib extension mkostemp. O_CREAT (Create) and O_TRUNC (Empty) are implied by O_EXCL, which is the mode mkstemp uses by default. The file description is opened ReadWrite, but that used to be the default for FileFd in the old times and not a problem as the difference is needed by FileFd to decide in which way the compressor pipeline needs to be created (if any). Git-Dch: Ignore --- apt-pkg/contrib/fileutl.cc | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index 3eeef58cf..4806ae3f9 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -968,27 +968,23 @@ bool FileFd::Open(string FileName,unsigned int const Mode,APT::Configuration::Co if_FLAGGED_SET(Create, O_CREAT); if_FLAGGED_SET(Empty, O_TRUNC); if_FLAGGED_SET(Exclusive, O_EXCL); - else if_FLAGGED_SET(Atomic, O_EXCL); #undef if_FLAGGED_SET if ((Mode & Atomic) == Atomic) { char *name = strdup((FileName + ".XXXXXX").c_str()); - if((iFd = mkostemp(name, fileflags)) == -1) + if((iFd = mkstemp(name)) == -1) { free(name); return FileFdErrno("mkostemp", "Could not create temporary file for %s", FileName.c_str()); } TemporaryFileName = string(name); - - if(fchmod(iFd, Perms) == -1) - { - free(name); - return FileFdErrno("fchmod", "Could not assign permissions to temporary file %s with error %s", FileName.c_str(), strerror(errno)); - } free(name); + + if(Perms != 600 && fchmod(iFd, Perms) == -1) + return FileFdErrno("fchmod", "Could not change permissions for temporary file %s", TemporaryFileName.c_str()); } else iFd = open(FileName.c_str(), fileflags, Perms); -- cgit v1.2.3 From feae193b0c01181226522a5a2477e696876593d4 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Tue, 27 Aug 2013 23:14:49 +0200 Subject: old-style dpkg foreign architecture adding for tests Looks like the travis service runs on Ubuntu in a version which has dpkg with an earlier interface implementation, so lets try if we can't make the framework work with this dpkg version as well. Git-Dch: Ignore --- test/integration/framework | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/test/integration/framework b/test/integration/framework index 54d35fef8..cad28af84 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -240,7 +240,13 @@ configdpkg() { if echo "$ARCHS" | grep -E -q '[^ ]+ [^ ]+'; then DPKGARCH="$(dpkg --print-architecture)" for ARCH in ${ARCHS}; do - if [ "${ARCH}" != "${DPKGARCH}" ]; then dpkg --add-architecture ${ARCH}; fi + if [ "${ARCH}" != "${DPKGARCH}" ]; then + if ! dpkg --add-architecture ${ARCH}; then + # old-style used e.g. in Ubuntu-P – and as it seems travis + echo "DPKG::options:: \"--foreign-architecture\";" >> aptconfig.conf + echo "DPKG::options:: \"${ARCH}\";" >> aptconfig.conf + fi + fi done if [ "0" = "$(dpkg -l dpkg 2> /dev/null | grep '^i' | wc -l)" ]; then # dpkg doesn't really check the version as long as it is fully installed, -- cgit v1.2.3 From 276e51dd701590d187ca2999722329518af96121 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Wed, 28 Aug 2013 00:24:32 +0200 Subject: configurable compression for testcases Compressing files in 4 different styles eats test-time for no practical gain if we don't test them explicitly, so default to just building 'gz' compressed files as it is the simplest compression algorithm supported Git-Dch: Ignore --- test/integration/framework | 48 ++++++++++++++++++++------ test/integration/test-apt-cdrom | 5 +-- test/integration/test-hashsum-verification | 4 +-- test/integration/test-pdiff-usage | 4 +-- test/integration/test-releasefile-verification | 4 +-- 5 files changed, 41 insertions(+), 24 deletions(-) diff --git a/test/integration/framework b/test/integration/framework index cad28af84..4003d932c 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -194,6 +194,7 @@ setupenvironment() { echo 'quiet::NoUpdate "true";' >> aptconfig.conf export LC_ALL=C export PATH="${PATH}:/usr/local/sbin:/usr/sbin:/sbin" + configcompression '.' 'gz' #'bz2' 'lzma' 'xz' msgdone "info" } @@ -257,6 +258,20 @@ configdpkg() { fi } +configcompression() { + while [ -n "$1" ]; do + case "$1" in + '.') echo ".\t.\tcat";; + 'gz') echo "gzip\tgz\tgzip";; + 'bz2') echo "bzip2\tbz2\tbzip2";; + 'lzma') echo "lzma\tlzma\txz --format=lzma";; + 'xz') echo "xz\txz\txz";; + *) echo "$1\t$1\t$1";; + esac + shift + done > ${TMPWORKINGDIRECTORY}/rootdir/etc/testcase-compressor.conf +} + setupsimplenativepackage() { local NAME="$1" local ARCH="$2" @@ -427,6 +442,8 @@ buildaptarchive() { } createaptftparchiveconfig() { + local COMPRESSORS="$(cut -d' ' -f 1 ${TMPWORKINGDIRECTORY}/rootdir/etc/testcase-compressor.conf | tr '\n' ' ')" + COMPRESSORS="${COMPRESSORS%* }" local ARCHS="$(find pool/ -name '*.deb' | grep -oE '_[a-z0-9-]+\.deb$' | sort | uniq | sed -e '/^_all.deb$/ d' -e 's#^_\([a-z0-9-]*\)\.deb$#\1#' | tr '\n' ' ')" if [ -z "$ARCHS" ]; then # the pool is empty, so we will operate on faked packages - let us use the configured archs @@ -444,10 +461,10 @@ createaptftparchiveconfig() { echo -n '"; }; Default { - Packages::Compress ". gzip bzip2 lzma xz"; - Sources::Compress ". gzip bzip2 lzma xz"; - Contents::Compress ". gzip bzip2 lzma xz"; - Translation::Compress ". gzip bzip2 lzma xz"; + Packages::Compress "'"$COMPRESSORS"'"; + Sources::Compress "'"$COMPRESSORS"'"; + Contents::Compress "'"$COMPRESSORS"'"; + Translation::Compress "'"$COMPRESSORS"'"; LongDescription "false"; }; TreeDefault { @@ -617,18 +634,27 @@ buildaptarchivefromfiles() { msginfo "Build APT archive for ${CCMD}$(basename $0)${CINFO} based on prebuild files…" find aptarchive -name 'Packages' -o -name 'Sources' | while read line; do msgninfo "\t${line} file… " - cat ${line} | gzip > ${line}.gz - cat ${line} | bzip2 > ${line}.bz2 - cat ${line} | xz --format=lzma > ${line}.lzma - cat ${line} | xz > ${line}.xz - if [ -n "$1" ]; then - touch -d "$1" ${line}.gz ${line}.bz2 ${line}.lzma ${line}.xz - fi + compressfile "$line" "$1" msgdone "info" done generatereleasefiles "$@" } +compressfile() { + cat ${TMPWORKINGDIRECTORY}/rootdir/etc/testcase-compressor.conf | while read compressor extension command; do + if [ "$compressor" = '.' ]; then + if [ -n "$2" ]; then + touch -d "$2" "$1" + fi + continue + fi + cat "$1" | $command > "${1}.${extension}" + if [ -n "$2" ]; then + touch -d "$2" "${1}.${extension}" + fi + done +} + # can be overridden by testcases for their pleasure getcodenamefromsuite() { echo -n "$1"; } getreleaseversionfromsuite() { true; } diff --git a/test/integration/test-apt-cdrom b/test/integration/test-apt-cdrom index 85c3a2fee..cc3483f9b 100755 --- a/test/integration/test-apt-cdrom +++ b/test/integration/test-apt-cdrom @@ -18,10 +18,7 @@ echo 'Description-de: automatisch generiertes Testpaket testing=0.8.15/stable Diese Pakete sind nur für das testen von APT gedacht, sie erfüllen keinen Zweck auf einem normalen System… ' >> Translation-de -cat Translation-de | gzip > Translation-de.gz -cat Translation-de | bzip2 > Translation-de.bz2 -cat Translation-de | xz --format=lzma > Translation-de.lzma -cat Translation-de | xz > Translation-de.xz +compressfile Translation-de rm Translation-en Translation-de cd - > /dev/null addtrap 'prefix' "chmod -R +w $PWD/rootdir/media/cdrom/dists/;" diff --git a/test/integration/test-hashsum-verification b/test/integration/test-hashsum-verification index 99ea8bffa..e77efb46e 100755 --- a/test/integration/test-hashsum-verification +++ b/test/integration/test-hashsum-verification @@ -21,9 +21,7 @@ prepare() { done cp $1 aptarchive/Packages find aptarchive -name 'Release' -delete - cat aptarchive/Packages | gzip > aptarchive/Packages.gz - cat aptarchive/Packages | bzip2 > aptarchive/Packages.bz2 - cat aptarchive/Packages | xz --format=lzma > aptarchive/Packages.lzma + compressfile aptarchive/Packages # create Release file with incorret checksums cat > aptarchive/Release < aptarchive/Packages.gz -cat aptarchive/Packages | bzip2 > aptarchive/Packages.bz2 -cat aptarchive/Packages | xz --format=lzma > aptarchive/Packages.lzma +compressfile 'aptarchive/Packages' rm -rf aptarchive/Packages.diff mkdir -p aptarchive/Packages.diff PATCHFILE="aptarchive/Packages.diff/$(date +%Y-%m-%d-%H%M.%S)" diff --git a/test/integration/test-releasefile-verification b/test/integration/test-releasefile-verification index daba3919b..a9f4b9775 100755 --- a/test/integration/test-releasefile-verification +++ b/test/integration/test-releasefile-verification @@ -22,9 +22,7 @@ prepare() { aptget clean cp $1 aptarchive/Packages find aptarchive -name 'Release' -delete - cat aptarchive/Packages | gzip > aptarchive/Packages.gz - cat aptarchive/Packages | bzip2 > aptarchive/Packages.bz2 - cat aptarchive/Packages | xz --format=lzma > aptarchive/Packages.lzma + compressfile 'aptarchive/Packages' generatereleasefiles "$DATE" } -- cgit v1.2.3