From 85ee4036c68d8ecd2c973d413a17aca81380900b Mon Sep 17 00:00:00 2001 From: Julian Andres Klode Date: Fri, 10 Feb 2017 22:39:00 +0100 Subject: Do not package names representing .dsc/.deb/... files In the case of build-dep and other commands where a file can be passed we must make sure not to normalize the path name as that can have odd side effects, or well, cause the operation to do nothing. Test for build-dep-file is adjusted to perform the vcard check once as "vcard" and once as "VCard", thus testing that this solves the reported bug. We inline the std::transform() and optimize it a bit to not write anything in the common case (package names are defined to be lowercase, the whole transformation is just for names that should not exist...) to counter the performance hit of the added find() call (it's about 0.15% more instructions than with the existing transform, but we save about 0.67% in writes...). Closes: #854794 --- apt-pkg/deb/deblistparser.cc | 15 +++++++++++++-- test/integration/test-apt-get-build-dep-file | 19 ++++++++++++------- 2 files changed, 25 insertions(+), 9 deletions(-) diff --git a/apt-pkg/deb/deblistparser.cc b/apt-pkg/deb/deblistparser.cc index cf0a9a402..4e61f0fc2 100644 --- a/apt-pkg/deb/deblistparser.cc +++ b/apt-pkg/deb/deblistparser.cc @@ -72,8 +72,19 @@ string debListParser::Package() { string Result = Section.Find(pkgTagSection::Key::Package).to_string(); // Normalize mixed case package names to lower case, like dpkg does - // See Bug#807012 for details - std::transform(Result.begin(), Result.end(), Result.begin(), tolower_ascii); + // See Bug#807012 for details. + // Only do this when the package name does not contain a / - as that + // indicates that the package name was derived from a filename given + // to install or build-dep or similar (Bug#854794) + if (likely(Result.find('/') == string::npos)) + { + for (char &c: Result) + { + char l = tolower_ascii_inline(c); + if (unlikely(l != c)) + c = l; + } + } if(unlikely(Result.empty() == true)) _error->Error("Encountered a section with no Package: header"); diff --git a/test/integration/test-apt-get-build-dep-file b/test/integration/test-apt-get-build-dep-file index ed850fa40..07de8bb30 100755 --- a/test/integration/test-apt-get-build-dep-file +++ b/test/integration/test-apt-get-build-dep-file @@ -39,7 +39,8 @@ Files: EOF test2vcardbuilddep() { - testsuccessequal "Note, using file './2vcard_0.5-3.dsc' to get the build dependencies + local name="$1" + testsuccessequal "Note, using file './$name' to get the build dependencies Reading package lists... Building dependency tree... The following packages will be REMOVED: @@ -51,14 +52,16 @@ Remv build-conflict [1] Inst build-essential (1 stable [i386]) Inst debhelper (7 stable [i386]) Conf build-essential (1 stable [i386]) -Conf debhelper (7 stable [i386])" aptget build-dep -s ./2vcard_0.5-3.dsc -testfailure aptget build-dep --simulate 2vcard_0.5-3.dsc +Conf debhelper (7 stable [i386])" aptget build-dep -s ./$name +testfailure aptget build-dep --simulate $name cd downloaded -testsuccess aptget build-dep --simulate ../2vcard_0.5-3.dsc -testsuccess aptget build-dep --simulate "$(readlink -f ../2vcard_0.5-3.dsc)" +testsuccess aptget build-dep --simulate ../$name +testsuccess aptget build-dep --simulate "$(readlink -f ../$name)" cd .. } -test2vcardbuilddep +test2vcardbuilddep "2vcard_0.5-3.dsc" +cp "2vcard_0.5-3.dsc" "2VCard_0.5-3.dsc" +test2vcardbuilddep "2VCard_0.5-3.dsc" msgmsg 'Test with' 'signed dsc' cat > 2vcard_0.5-3.dsc <