From 809aa216c630f1cc61b0c3b9d992d4a3be14be3c Mon Sep 17 00:00:00 2001
From: Julian Andres Klode <jak@debian.org>
Date: Wed, 12 Aug 2015 20:44:40 +0200
Subject: policy: Be more strict about parsing pin files, and document prio 0

Treat invalid pin priorities and overflows as an error.

Closes: #429912
---
 apt-pkg/policy.cc         | 13 ++++++++++---
 apt-pkg/tagfile.cc        |  9 ++++++++-
 doc/apt_preferences.5.xml |  4 ++++
 3 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/apt-pkg/policy.cc b/apt-pkg/policy.cc
index bf6ec0ff7..76c36b71b 100644
--- a/apt-pkg/policy.cc
+++ b/apt-pkg/policy.cc
@@ -478,11 +478,18 @@ bool ReadPinFile(pkgPolicy &Plcy,string File)
       }
       for (; Word != End && isspace(*Word) != 0; Word++);
 
-      short int priority = Tags.FindI("Pin-Priority", 0);
+      int priority = Tags.FindI("Pin-Priority", 0);
+      if (priority < std::numeric_limits<short>::min() ||
+          priority > std::numeric_limits<short>::max() ||
+	  _error->PendingError()) {
+	 return _error->Error(_("%s: Value %s is outside the range of valid pin priorities (%d to %d)"),
+			      File.c_str(), Tags.FindS("Pin-Priority").c_str(),
+			      std::numeric_limits<short>::min(),
+			      std::numeric_limits<short>::max());
+      }
       if (priority == 0)
       {
-         _error->Warning(_("No priority (or zero) specified for pin"));
-         continue;
+         return _error->Error(_("No priority (or zero) specified for pin"));
       }
 
       istringstream s(Name);
diff --git a/apt-pkg/tagfile.cc b/apt-pkg/tagfile.cc
index 253b1b7a3..8acecd735 100644
--- a/apt-pkg/tagfile.cc
+++ b/apt-pkg/tagfile.cc
@@ -533,9 +533,16 @@ signed int pkgTagSection::FindI(const char *Tag,signed long Default) const
       return Default;
    strncpy(S,Start,Stop-Start);
    S[Stop - Start] = 0;
-   
+
+   errno = 0;
    char *End;
    signed long Result = strtol(S,&End,10);
+   if (errno == ERANGE)
+      _error->Errno("strtol", _("Cannot convert %s to integer"), S);
+   if (Result < std::numeric_limits<int>::min() || Result > std::numeric_limits<int>::max()) {
+      errno = ERANGE;
+      _error->Errno("", _("Cannot convert %s to integer"), S);
+   }
    if (S == End)
       return Default;
    return Result;
diff --git a/doc/apt_preferences.5.xml b/doc/apt_preferences.5.xml
index 16e6a7aa0..5703203b0 100644
--- a/doc/apt_preferences.5.xml
+++ b/doc/apt_preferences.5.xml
@@ -339,6 +339,10 @@ only if there is no installed version of the package</simpara></listitem>
 <term>P &lt; 0</term>
 <listitem><simpara>prevents the version from being installed</simpara></listitem>
 </varlistentry>
+<varlistentry>
+<term>P = 0</term>
+<listitem><simpara>has undefined behaviour, do not use it.</simpara></listitem>
+</varlistentry>
 </variablelist>
 </para>
 
-- 
cgit v1.2.3