From accf0ca336a82397063fb262c64a01d2a8947ca7 Mon Sep 17 00:00:00 2001 From: "Jay Freeman (saurik)" Date: Tue, 29 Nov 2016 22:01:23 -0800 Subject: arpa/nameser.h, unlike nameser.h, uses NS_ prefix. --- apt-pkg/contrib/srvrec.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'apt-pkg/contrib') diff --git a/apt-pkg/contrib/srvrec.cc b/apt-pkg/contrib/srvrec.cc index 327e59937..cafee1acf 100644 --- a/apt-pkg/contrib/srvrec.cc +++ b/apt-pkg/contrib/srvrec.cc @@ -50,7 +50,7 @@ bool GetSrvRecords(std::string host, int port, std::vector &Result) bool GetSrvRecords(std::string name, std::vector &Result) { - unsigned char answer[PACKETSZ]; + unsigned char answer[NS_PACKETSZ]; int answer_len, compressed_name_len; int answer_count; @@ -77,7 +77,7 @@ bool GetSrvRecords(std::string name, std::vector &Result) return _error->Warning("dn_skipname failed %i", compressed_name_len); // pt points to the first answer record, go over all of them now - unsigned char *pt = answer+sizeof(HEADER)+compressed_name_len+QFIXEDSZ; + unsigned char *pt = answer+sizeof(HEADER)+compressed_name_len+NS_QFIXEDSZ; while ((int)Result.size() < answer_count && pt < answer+answer_len) { u_int16_t type, klass, priority, weight, port, dlen; -- cgit v1.2.3 From d453c9a7ef236b4906b80648ae916a69ae780399 Mon Sep 17 00:00:00 2001 From: "Jay Freeman (saurik)" Date: Tue, 29 Nov 2016 22:02:18 -0800 Subject: __deprecated is already defined by sys/cdefs.h :/. --- apt-pkg/contrib/macros.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'apt-pkg/contrib') diff --git a/apt-pkg/contrib/macros.h b/apt-pkg/contrib/macros.h index bc1f523ea..7262bc18b 100644 --- a/apt-pkg/contrib/macros.h +++ b/apt-pkg/contrib/macros.h @@ -118,7 +118,7 @@ #ifndef APT_10_CLEANER_HEADERS #if APT_GCC_VERSION >= 0x0300 #define __must_check __attribute__ ((warn_unused_result)) - #define __deprecated __attribute__ ((deprecated)) + #define __deprecated __attribute__((deprecated)) #define __attrib_const __attribute__ ((__const__)) #define __like_printf(n) __attribute__((format(printf, n, n + 1))) #else -- cgit v1.2.3 From 1242b3bdaf3d3682a945f10f0e537bdb3b0599d5 Mon Sep 17 00:00:00 2001 From: "Jay Freeman (saurik)" Date: Mon, 26 Dec 2016 03:36:30 -0800 Subject: Wreck validation until we can assess ecosystem :/. --- apt-pkg/contrib/hashes.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'apt-pkg/contrib') diff --git a/apt-pkg/contrib/hashes.cc b/apt-pkg/contrib/hashes.cc index 662c2bf8b..27e617751 100644 --- a/apt-pkg/contrib/hashes.cc +++ b/apt-pkg/contrib/hashes.cc @@ -141,8 +141,8 @@ APT_PURE bool HashString::usable() const /*{{{*/ { return ( (Type != "Checksum-FileSize") && - (Type != "MD5Sum") && - (Type != "SHA1") && + //(Type != "MD5Sum") && + //(Type != "SHA1") && !IsConfigured(Type.c_str(), "Untrusted") ); } -- cgit v1.2.3 From 5ac0f77c5575dc06bfc0db383da984c96ce284b9 Mon Sep 17 00:00:00 2001 From: "Jay Freeman (saurik)" Date: Sat, 31 Dec 2016 00:43:13 -0800 Subject: It is *never* a good idea to throw away stderr :/. --- apt-pkg/contrib/fileutl.cc | 6 ------ 1 file changed, 6 deletions(-) (limited to 'apt-pkg/contrib') diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index affab956c..dd36ffa79 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -1956,12 +1956,6 @@ public: dup2(compressed_fd,STDIN_FILENO); dup2(Pipe[1],STDOUT_FILENO); } - int const nullfd = open("/dev/null", O_WRONLY); - if (nullfd != -1) - { - dup2(nullfd,STDERR_FILENO); - close(nullfd); - } SetCloseExec(STDOUT_FILENO,false); SetCloseExec(STDIN_FILENO,false); -- cgit v1.2.3 From 9fa247dc9ba2aa28ae564e96cba5b2b23bcac91b Mon Sep 17 00:00:00 2001 From: "Jay Freeman (saurik)" Date: Fri, 27 Jan 2017 02:05:40 -0800 Subject: Bug #807012 also involves package dependencies :/. --- apt-pkg/contrib/string_view.h | 12 ------------ apt-pkg/contrib/strutl.h | 21 +++++++++++++++++++++ 2 files changed, 21 insertions(+), 12 deletions(-) (limited to 'apt-pkg/contrib') diff --git a/apt-pkg/contrib/string_view.h b/apt-pkg/contrib/string_view.h index c504edd27..e0aff3dca 100644 --- a/apt-pkg/contrib/string_view.h +++ b/apt-pkg/contrib/string_view.h @@ -112,18 +112,6 @@ public: constexpr size_t length() const { return size_; } }; -/** - * \brief Faster comparison for string views (compare size before data) - * - * Still stable, but faster than the normal ordering. */ -static inline int StringViewCompareFast(StringView a, StringView b) { - if (a.size() != b.size()) - return a.size() - b.size(); - - return memcmp(a.data(), b.data(), a.size()); -} - - } inline bool operator ==(const char *other, APT::StringView that); diff --git a/apt-pkg/contrib/strutl.h b/apt-pkg/contrib/strutl.h index 918ac89c7..b58e69cbd 100644 --- a/apt-pkg/contrib/strutl.h +++ b/apt-pkg/contrib/strutl.h @@ -157,6 +157,27 @@ static inline int isspace_ascii_inline(int const c) return (c >= 9 && c <= 13) || c == ' '; } +// StringViewCompareFast - awkward attempt to optimize cache generation /*{{{*/ +#ifdef APT_PKG_EXPOSE_STRING_VIEW +/** + * \brief Faster comparison for string views (compare size before data) + * + * Still stable, but faster than the normal ordering. + * As this is used for package comparison this *MUST* be case insensitive, + * as the alternative is to lower case all dependency fields which is slow. */ +static inline int StringViewCompareFast(APT::StringView a, APT::StringView b) { + if (a.size() != b.size()) + return a.size() - b.size(); + auto l(a.data()), r(b.data()); + for (auto e(a.size()), i(decltype(e)(0)); i != e; ++i) + if (tolower_ascii_inline(l[i]) != tolower_ascii_inline(r[i])) + return tolower_ascii(l[i]) < tolower_ascii(r[i]) ? -1 : 1; + return 0; +} +#endif + /*}}}*/ + + std::string StripEpoch(const std::string &VerStr); #define APT_MKSTRCMP(name,func) \ -- cgit v1.2.3 From baec76f5f0f9fcbd71f6e2afaa7fc85543bd624c Mon Sep 17 00:00:00 2001 From: "Jay Freeman (saurik)" Date: Sun, 29 Jan 2017 15:01:00 -0800 Subject: The entire concept of PendingError() is flawed :/. --- apt-pkg/contrib/error.cc | 9 +++++++++ apt-pkg/contrib/error.h | 20 ++++++++++++++++++++ 2 files changed, 29 insertions(+) (limited to 'apt-pkg/contrib') diff --git a/apt-pkg/contrib/error.cc b/apt-pkg/contrib/error.cc index c06ea8364..7d397d2c6 100644 --- a/apt-pkg/contrib/error.cc +++ b/apt-pkg/contrib/error.cc @@ -227,6 +227,15 @@ void GlobalError::Discard() { PendingFlag = false; } /*}}}*/ +// GlobalError::ReturnError - convert a stored error to a return code /*{{{*/ +bool GlobalError::ReturnError() { + for (auto &message : Messages) + if (message.Type == ERROR) + message.Type = WARNING; + PendingFlag = false; + return false; +} + /*}}}*/ // GlobalError::empty - does our error list include anything? /*{{{*/ bool GlobalError::empty(MsgType const &threshold) const { if (PendingFlag == true) diff --git a/apt-pkg/contrib/error.h b/apt-pkg/contrib/error.h index e56999b14..bcaa7c995 100644 --- a/apt-pkg/contrib/error.h +++ b/apt-pkg/contrib/error.h @@ -227,6 +227,26 @@ public: /*{{{*/ */ inline bool PendingError() const APT_PURE {return PendingFlag;}; + /** \brief convert a stored error to a return code + * + * Put simply, the entire concept of PendingError() is flawed :/. + * + * The typical "if (PendingError()) return false;" check that is + * strewn throughout the codebase "compounds", making it impossible + * for there to be any nuance about the notion of "error" when a + * subsystem needs to fail but a higher-level system needs to work. + * + * However, the codebase is also horribly broken with respect to + * errors, as it fails to use C++ exceptions when warranted and + * instead relies on this insane indirect error mechanism to check + * the failure status of a constructor. What is thereby needed is + * a way to clear the PendingError() flag without also discarding + * the underlying errors, so we have to convert them to warnings. + * + * \return \b false + */ + bool ReturnError() APT_COLD; + /** \brief is the list empty? * * Can be used to check if the current stack level doesn't include -- cgit v1.2.3 From ca2b6d6dac848ee6c6fdface7b49a4a58470a654 Mon Sep 17 00:00:00 2001 From: "Jay Freeman (saurik)" Date: Mon, 30 Jan 2017 09:03:52 -0800 Subject: Not /not/ immediately mapping a file is INSANE :/. --- apt-pkg/contrib/mmap.cc | 5 ++--- apt-pkg/contrib/mmap.h | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) (limited to 'apt-pkg/contrib') diff --git a/apt-pkg/contrib/mmap.cc b/apt-pkg/contrib/mmap.cc index 74870b404..4c58a096d 100644 --- a/apt-pkg/contrib/mmap.cc +++ b/apt-pkg/contrib/mmap.cc @@ -40,7 +40,6 @@ MMap::MMap(FileFd &F,unsigned long Flags) : Flags(Flags), iSize(0), Base(nullptr), SyncToFd(nullptr) { - if ((Flags & NoImmMap) != NoImmMap) Map(F); } /*}}}*/ @@ -217,7 +216,7 @@ bool MMap::Sync(unsigned long Start,unsigned long Stop) /* */ DynamicMMap::DynamicMMap(FileFd &F,unsigned long Flags,unsigned long const &Workspace, unsigned long const &Grow, unsigned long const &Limit) : - MMap(F,Flags | NoImmMap), Fd(&F), WorkSpace(Workspace), + MMap(Flags), Fd(&F), WorkSpace(Workspace), GrowFactor(Grow), Limit(Limit) { // disable Moveable if we don't grow @@ -251,7 +250,7 @@ DynamicMMap::DynamicMMap(FileFd &F,unsigned long Flags,unsigned long const &Work and could come in handy later than we are able to grow such an mmap */ DynamicMMap::DynamicMMap(unsigned long Flags,unsigned long const &WorkSpace, unsigned long const &Grow, unsigned long const &Limit) : - MMap(Flags | NoImmMap | UnMapped), Fd(0), WorkSpace(WorkSpace), + MMap(Flags | UnMapped), Fd(0), WorkSpace(WorkSpace), GrowFactor(Grow), Limit(Limit) { // disable Moveable if we don't grow diff --git a/apt-pkg/contrib/mmap.h b/apt-pkg/contrib/mmap.h index c1dfedf6d..1576cab91 100644 --- a/apt-pkg/contrib/mmap.h +++ b/apt-pkg/contrib/mmap.h @@ -58,7 +58,7 @@ class MMap public: - enum OpenFlags {NoImmMap = (1<<0),Public = (1<<1),ReadOnly = (1<<2), + enum OpenFlags {Public = (1<<1),ReadOnly = (1<<2), UnMapped = (1<<3), Moveable = (1<<4), Fallback = (1 << 5)}; // Simple accessors -- cgit v1.2.3 From 89cb5d4dd729c4b8479eec94b9c4a58e11ab1794 Mon Sep 17 00:00:00 2001 From: "Jay Freeman (saurik)" Date: Mon, 30 Jan 2017 09:13:46 -0800 Subject: The length given to msync was calculated wrong :/. --- apt-pkg/contrib/mmap.cc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'apt-pkg/contrib') diff --git a/apt-pkg/contrib/mmap.cc b/apt-pkg/contrib/mmap.cc index 4c58a096d..cb73fbc5d 100644 --- a/apt-pkg/contrib/mmap.cc +++ b/apt-pkg/contrib/mmap.cc @@ -202,7 +202,8 @@ bool MMap::Sync(unsigned long Start,unsigned long Stop) { #ifdef _POSIX_SYNCHRONIZED_IO unsigned long long const PSize = sysconf(_SC_PAGESIZE); - if (msync((char *)Base+(Start/PSize)*PSize, Stop - Start, MS_SYNC) < 0) + Start = (Start/PSize)*PSize; + if (msync((char *)Base+Start, Stop - Start, MS_SYNC) < 0) return _error->Errno("msync", _("Unable to synchronize mmap")); #endif } -- cgit v1.2.3 From 0b23d3c0a7a116a19c14ae63b6281464ba1382a4 Mon Sep 17 00:00:00 2001 From: "Jay Freeman (saurik)" Date: Mon, 30 Jan 2017 09:15:49 -0800 Subject: You can't just assume the start is always zero :/. --- apt-pkg/contrib/mmap.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'apt-pkg/contrib') diff --git a/apt-pkg/contrib/mmap.cc b/apt-pkg/contrib/mmap.cc index cb73fbc5d..f632cd6c5 100644 --- a/apt-pkg/contrib/mmap.cc +++ b/apt-pkg/contrib/mmap.cc @@ -194,7 +194,7 @@ bool MMap::Sync(unsigned long Start,unsigned long Stop) { if (SyncToFd != 0) { - if (!SyncToFd->Seek(0) || + if (!SyncToFd->Seek(Start) || !SyncToFd->Write (((char *)Base)+Start, Stop-Start)) return false; } -- cgit v1.2.3 From f932bccbf7f8e8c06cb978e9a9b722d1b583c358 Mon Sep 17 00:00:00 2001 From: "Jay Freeman (saurik)" Date: Mon, 30 Jan 2017 09:43:43 -0800 Subject: Bill is consistent. Bill is correct. Be like Bill. --- apt-pkg/contrib/mmap.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'apt-pkg/contrib') diff --git a/apt-pkg/contrib/mmap.cc b/apt-pkg/contrib/mmap.cc index f632cd6c5..8fbddbd2f 100644 --- a/apt-pkg/contrib/mmap.cc +++ b/apt-pkg/contrib/mmap.cc @@ -106,14 +106,14 @@ bool MMap::Map(FileFd &Fd) if (unlikely(Base == nullptr)) return _error->Errno("MMap-malloc", _("Couldn't make mmap of %llu bytes"), iSize); SyncToFd = new FileFd(); - return Fd.Read(Base, iSize); + return Fd.Seek(0L) && Fd.Read(Base, iSize); } // FIXME: Writing to compressed fd's ? int const dupped_fd = dup(Fd.Fd()); if (dupped_fd == -1) return _error->Errno("mmap", _("Couldn't duplicate file descriptor %i"), Fd.Fd()); - Base = calloc(iSize, 1); + Base = malloc(iSize); if (unlikely(Base == nullptr)) return _error->Errno("MMap-calloc", _("Couldn't make mmap of %llu bytes"), iSize); SyncToFd = new FileFd (dupped_fd); -- cgit v1.2.3 From f1788cf1c819d4c003ae046367af00203cd027d6 Mon Sep 17 00:00:00 2001 From: "Jay Freeman (saurik)" Date: Mon, 30 Jan 2017 09:46:25 -0800 Subject: This is realloc, not reallocf: be more careful :/. --- apt-pkg/contrib/mmap.cc | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'apt-pkg/contrib') diff --git a/apt-pkg/contrib/mmap.cc b/apt-pkg/contrib/mmap.cc index 8fbddbd2f..09a3b3230 100644 --- a/apt-pkg/contrib/mmap.cc +++ b/apt-pkg/contrib/mmap.cc @@ -489,12 +489,14 @@ bool DynamicMMap::Grow() { if ((Flags & Moveable) != Moveable) return false; - Base = realloc(Base, newSize); - if (Base == NULL) + auto Temp = realloc(Base, newSize); + if (Temp == NULL) return false; - else + else { + Base = Temp; /* Set new memory to 0 */ memset((char*)Base + WorkSpace, 0, newSize - WorkSpace); + } } Pools =(Pool*) Base + poolOffset; -- cgit v1.2.3 From 88ac08f98958386bb268c3c756f56a1367a7a671 Mon Sep 17 00:00:00 2001 From: "Jay Freeman (saurik)" Date: Mon, 30 Jan 2017 19:53:18 -0800 Subject: It is NOT OK to just munmap memory from malloc :/. --- apt-pkg/contrib/mmap.cc | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'apt-pkg/contrib') diff --git a/apt-pkg/contrib/mmap.cc b/apt-pkg/contrib/mmap.cc index 09a3b3230..f63f2eea1 100644 --- a/apt-pkg/contrib/mmap.cc +++ b/apt-pkg/contrib/mmap.cc @@ -307,10 +307,11 @@ DynamicMMap::~DynamicMMap() if (validData() == false) return; #ifdef _POSIX_MAPPED_FILES - munmap(Base, WorkSpace); -#else - free(Base); + if ((Flags & Fallback) != Fallback) { + munmap(Base, WorkSpace); + } else #endif + free(Base); return; } -- cgit v1.2.3 From 2d71f8c24d490b5a3773821264124f0ed5c9a9d2 Mon Sep 17 00:00:00 2001 From: Jaywalker Date: Tue, 6 Feb 2018 23:51:41 -0600 Subject: Fixed system() using coolstar's patch and added other required patches --- apt-pkg/contrib/fileutl.cc | 165 +++++++++++++++++++++++++++++++++++++++++- apt-pkg/contrib/fileutl.h | 2 + apt-pkg/contrib/gpgv.cc | 29 +++++++- apt-pkg/contrib/srvrec.cc | 1 + apt-pkg/contrib/string_view.h | 1 + 5 files changed, 196 insertions(+), 2 deletions(-) (limited to 'apt-pkg/contrib') diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index dd36ffa79..e3fb1cc90 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -26,6 +26,7 @@ #include #include #include +#include #include #include @@ -74,6 +75,14 @@ #endif #include + +//posix spawn +#include +#include +#include +#include +#include + /*}}}*/ using namespace std; @@ -81,6 +90,8 @@ using namespace std; /* Should be a multiple of the common page size (4096) */ static constexpr unsigned long long APT_BUFFER_SIZE = 64 * 1024; +extern char **environ; + // RunScripts - Run a set of scripts from a configuration subtree /*{{{*/ // --------------------------------------------------------------------- /* */ @@ -119,7 +130,7 @@ bool RunScripts(const char *Cnf) std::clog << "Running external script: '" << Opts->Value << "'" << std::endl; - if (system(Opts->Value.c_str()) != 0) + if (RunCmd(Opts->Value.c_str()) != 0) _exit(100+Count); } _exit(0); @@ -154,6 +165,158 @@ bool RunScripts(const char *Cnf) return true; } + +#define PROC_PIDPATHINFO_MAXSIZE (1024) +static int file_exist(const char *filename) { + struct stat buffer; + int r = stat(filename, &buffer); + return (r == 0); +} + +static char *searchpath(const char *binaryname){ + if (strstr(binaryname, "/") != NULL){ + if (file_exist(binaryname)){ + char *foundpath = malloc((strlen(binaryname) + 1) * (sizeof(char))); + strcpy(foundpath, binaryname); + return foundpath; + } else { + return NULL + } + } + + char *pathvar = getenv("PATH"); + + char *dir = strtok(pathvar,":"); + while (dir != NULL){ + char searchpth[PROC_PIDPATHINFO_MAXSIZE]; + strcpy(searchpth, dir); + strcat(searchpth, "/"); + strcat(searchpth, binaryname); + + if (file_exist(searchpth)){ + char *foundpath = malloc((strlen(searchpth) + 1) * (sizeof(char))); + strcpy(foundpath, searchpth); + return foundpath; + } + + dir = strtok(NULL, ":"); + } + return NULL; +} + +static bool isShellScript(const char *path){ + FILE *file = fopen(path, "r"); + uint8_t header[2]; + if (fread(header, sizeof(uint8_t), 2, file) == 2){ + if (header[0] == '#' && header[1] == '!'){ + fclose(file); + return true; + } + } + fclose(file); + return false; +} + +static char *getInterpreter(char *path){ + FILE *file = fopen(path, "r"); + char *interpreterLine = NULL; + unsigned long lineSize = 0; + getline(&interpreterLine, &lineSize, file); + + char *rawInterpreter = (interpreterLine+2); + rawInterpreter = strtok(rawInterpreter, " "); + rawInterpreter = strtok(rawInterpreter, "\n"); + + char *interpreter = malloc((strlen(rawInterpreter)+1) * sizeof(char)); + strcpy(interpreter, rawInterpreter); + + free(interpreterLine); + fclose(file); + return interpreter; +} + +static char *fixedCmd(const char *cmdStr){ + char *cmdCpy = malloc((strlen(cmdStr)+1) * sizeof(char)); + strcpy(cmdCpy, cmdStr); + + char *cmd = strtok(cmdCpy, " "); + + uint8_t size = strlen(cmd) + 1; + + char *args = cmdCpy + (size + 1); + if ((strlen(cmdStr) - strlen(cmd)) == 0) + args = NULL; + + char *abs_path = searchpath(cmd); + if (abs_path){ + bool isScript = isShellScript(abs_path); + if (isScript){ + char *interpreter = getInterpreter(abs_path); + + uint8_t commandSize = strlen(interpreter) + 1 + strlen(abs_path); + + if (args){ + commandSize += 1 + strlen(args); + } + + char *rawCommand = malloc(sizeof(char) * (commandSize + 1)); + strcpy(rawCommand, interpreter); + strcat(rawCommand, " "); + strcat(rawCommand, abs_path); + + if (args){ + strcat(rawCommand, " "); + strcat(rawCommand, args); + } + rawCommand[(commandSize)+1] = "\0"; + + free(interpreter); + free(abs_path); + free(cmdCpy); + + return rawCommand; + } else { + uint8_t commandSize = strlen(abs_path); + + if (args){ + commandSize += 1 + strlen(args); + } + + char *rawCommand = malloc(sizeof(char) * (commandSize + 1)); + strcat(rawCommand, abs_path); + + if (args){ + strcat(rawCommand, " "); + strcat(rawCommand, args); + } + rawCommand[(commandSize)+1] = "\0"; + + free(abs_path); + free(cmdCpy); + + return rawCommand; + } + } + return cmdCpy; +} + +int RunCmd(const char *cmd) { + pid_t pid; + char *rawCmd = fixedCmd(cmd); + char *argv[] = {"sh", "-c", (char*)rawCmd, NULL}; + int status; + status = posix_spawn(&pid, "/bin/sh", NULL, NULL, argv, environ); + if (status == 0) { + if (waitpid(pid, &status, 0) == -1) { + perror("waitpid"); + } + } else { + printf("posix_spawn: %s\n", strerror(status)); + } + free(rawCmd); + return status; +} + /*}}}*/ // CopyFile - Buffered copy of a file /*{{{*/ diff --git a/apt-pkg/contrib/fileutl.h b/apt-pkg/contrib/fileutl.h index dddeb70f5..932538206 100644 --- a/apt-pkg/contrib/fileutl.h +++ b/apt-pkg/contrib/fileutl.h @@ -158,6 +158,8 @@ class FileFd APT_HIDDEN bool FileFdError(const char* Description,...) APT_PRINTF(2) APT_COLD; }; + +int RunCmd(const char *Cmd); bool RunScripts(const char *Cnf); bool CopyFile(FileFd &From,FileFd &To); bool RemoveFile(char const * const Function, std::string const &FileName); diff --git a/apt-pkg/contrib/gpgv.cc b/apt-pkg/contrib/gpgv.cc index 856d56bc1..fa1055556 100644 --- a/apt-pkg/contrib/gpgv.cc +++ b/apt-pkg/contrib/gpgv.cc @@ -252,7 +252,34 @@ void ExecGPGV(std::string const &File, std::string const &FileGPG, { if (statusfd != -1) dup2(fd[1], statusfd); - execvp(Args[0], (char **) &Args[0]); + //I don't really C++, so I hope this is the best way to make a std::vector into a space separated C-string. + char *fullCmd = NULL; + char *tmpCmd = NULL; + bool firstTime = true; + int size = 0; + for (std::vector::const_iterator a = Args.begin(); a != Args.end(); ++a) { + size = strlen(*a) + 1; //Plus one for \0 + if (fullCmd != NULL) { + size += strlen(fullCmd) + 1; //Plus one for space + if (tmpCmd != NULL) + free(tmpCmd); + tmpCmd = (char *)malloc(sizeof(char) * (strlen(fullCmd) + 1)); + strcpy(tmpCmd, fullCmd); + free(fullCmd); + } + fullCmd = (char *)malloc(sizeof(char) * size); + if (tmpCmd == NULL) + strcpy(fullCmd, *a); + else + sprintf(fullCmd, "%s %s\0", tmpCmd, *a); + } + if (tmpCmd != NULL) + free(tmpCmd); + if (fullCmd != NULL) { + RunCmd(fullCmd); + free(fullCmd); + } + //execvp(Args[0], (char **) &Args[0]); apt_error(std::cerr, statusfd, fd, "Couldn't execute %s to check %s", Args[0], File.c_str()); local_exit(EINTERNAL); } diff --git a/apt-pkg/contrib/srvrec.cc b/apt-pkg/contrib/srvrec.cc index cafee1acf..f2c45a458 100644 --- a/apt-pkg/contrib/srvrec.cc +++ b/apt-pkg/contrib/srvrec.cc @@ -12,6 +12,7 @@ #include #include +#include #include #include diff --git a/apt-pkg/contrib/string_view.h b/apt-pkg/contrib/string_view.h index e0aff3dca..52ad71d5c 100644 --- a/apt-pkg/contrib/string_view.h +++ b/apt-pkg/contrib/string_view.h @@ -14,6 +14,7 @@ #include #include #include +#include namespace APT { -- cgit v1.2.3 From a227e74c6eeeca16ecb5dd6faa933e6d8c297841 Mon Sep 17 00:00:00 2001 From: Jaywalker Date: Wed, 7 Feb 2018 00:15:24 -0600 Subject: Missed a semicolon --- apt-pkg/contrib/fileutl.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'apt-pkg/contrib') diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index e3fb1cc90..383a9b7aa 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -180,7 +180,7 @@ static char *searchpath(const char *binaryname){ strcpy(foundpath, binaryname); return foundpath; } else { - return NULL + return NULL; } } -- cgit v1.2.3 From 2363847d2685a6abe4a23620d2a09296a80c47b3 Mon Sep 17 00:00:00 2001 From: Jaywalker Date: Wed, 7 Feb 2018 01:42:06 -0600 Subject: Fixed last few errors. APT is strict... --- apt-pkg/contrib/fileutl.cc | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'apt-pkg/contrib') diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index 383a9b7aa..25deec083 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -176,7 +176,7 @@ static int file_exist(const char *filename) { static char *searchpath(const char *binaryname){ if (strstr(binaryname, "/") != NULL){ if (file_exist(binaryname)){ - char *foundpath = malloc((strlen(binaryname) + 1) * (sizeof(char))); + char *foundpath = (char *)malloc((strlen(binaryname) + 1) * (sizeof(char))); strcpy(foundpath, binaryname); return foundpath; } else { @@ -194,7 +194,7 @@ static char *searchpath(const char *binaryname){ strcat(searchpth, binaryname); if (file_exist(searchpth)){ - char *foundpath = malloc((strlen(searchpth) + 1) * (sizeof(char))); + char *foundpath = (char *)malloc((strlen(searchpth) + 1) * (sizeof(char))); strcpy(foundpath, searchpth); return foundpath; } @@ -227,7 +227,7 @@ static char *getInterpreter(char *path){ rawInterpreter = strtok(rawInterpreter, " "); rawInterpreter = strtok(rawInterpreter, "\n"); - char *interpreter = malloc((strlen(rawInterpreter)+1) * sizeof(char)); + char *interpreter = (char *)malloc((strlen(rawInterpreter)+1) * sizeof(char)); strcpy(interpreter, rawInterpreter); free(interpreterLine); @@ -236,7 +236,7 @@ static char *getInterpreter(char *path){ } static char *fixedCmd(const char *cmdStr){ - char *cmdCpy = malloc((strlen(cmdStr)+1) * sizeof(char)); + char *cmdCpy = (char *)malloc((strlen(cmdStr)+1) * sizeof(char)); strcpy(cmdCpy, cmdStr); char *cmd = strtok(cmdCpy, " "); @@ -259,7 +259,7 @@ static char *fixedCmd(const char *cmdStr){ commandSize += 1 + strlen(args); } - char *rawCommand = malloc(sizeof(char) * (commandSize + 1)); + char *rawCommand = (char *)malloc(sizeof(char) * (commandSize + 1)); strcpy(rawCommand, interpreter); strcat(rawCommand, " "); strcat(rawCommand, abs_path); @@ -268,7 +268,7 @@ static char *fixedCmd(const char *cmdStr){ strcat(rawCommand, " "); strcat(rawCommand, args); } - rawCommand[(commandSize)+1] = "\0"; + rawCommand[(commandSize)+1] = '\0'; free(interpreter); free(abs_path); @@ -282,14 +282,14 @@ static char *fixedCmd(const char *cmdStr){ commandSize += 1 + strlen(args); } - char *rawCommand = malloc(sizeof(char) * (commandSize + 1)); + char *rawCommand = (char *)malloc(sizeof(char) * (commandSize + 1)); strcat(rawCommand, abs_path); if (args){ strcat(rawCommand, " "); strcat(rawCommand, args); } - rawCommand[(commandSize)+1] = "\0"; + rawCommand[(commandSize)+1] = '\0'; free(abs_path); free(cmdCpy); -- cgit v1.2.3 From c6faf6faeda837fa421337a69dba7904bd3d0961 Mon Sep 17 00:00:00 2001 From: Jaywalker Date: Wed, 7 Feb 2018 01:52:36 -0600 Subject: Reverting to kb's gpgv version for now --- apt-pkg/contrib/gpgv.cc | 54 ++++++++++++++++++++----------------------------- 1 file changed, 22 insertions(+), 32 deletions(-) (limited to 'apt-pkg/contrib') diff --git a/apt-pkg/contrib/gpgv.cc b/apt-pkg/contrib/gpgv.cc index fa1055556..cdf1e7f42 100644 --- a/apt-pkg/contrib/gpgv.cc +++ b/apt-pkg/contrib/gpgv.cc @@ -92,7 +92,7 @@ void ExecGPGV(std::string const &File, std::string const &FileGPG, #define EINTERNAL 111 std::string const aptkey = _config->Find("Dir::Bin::apt-key", CMAKE_INSTALL_FULL_BINDIR "/apt-key"); - bool const Debug = _config->FindB("Debug::Acquire::gpgv", false); + bool const Debug = _config->FindB("Debug::Acquire::gpgv", false); struct exiter { std::vector files; void operator ()(int code) APT_NORETURN { @@ -103,8 +103,9 @@ void ExecGPGV(std::string const &File, std::string const &FileGPG, std::vector Args; - Args.reserve(10); + Args.reserve(11); + Args.push_back("/bin/sh"); Args.push_back(aptkey.c_str()); Args.push_back("--quiet"); Args.push_back("--readonly"); @@ -215,6 +216,21 @@ void ExecGPGV(std::string const &File, std::string const &FileGPG, Args.push_back(NULL); + /* concat the args into a string and try to run it like a shell + script to mitigate *OS 11 sandbox issues */ + + std::stringstream ss; + int j = 0; + for (std::vector::const_iterator a = Args.begin(); *a != NULL; ++a) + { + if(j != 0) + ss << " "; + ss << *a; + j++; + } + + std::string ArgString = ss.str(); + if (Debug == true) { std::clog << "Preparing to exec: "; @@ -239,8 +255,8 @@ void ExecGPGV(std::string const &File, std::string const &FileGPG, putenv((char *)"LC_ALL="); putenv((char *)"LC_MESSAGES="); } - - + + // We have created tempfiles we have to clean up // and we do an additional check, so fork yet another time … pid_t pid = ExecFork(); @@ -252,35 +268,9 @@ void ExecGPGV(std::string const &File, std::string const &FileGPG, { if (statusfd != -1) dup2(fd[1], statusfd); - //I don't really C++, so I hope this is the best way to make a std::vector into a space separated C-string. - char *fullCmd = NULL; - char *tmpCmd = NULL; - bool firstTime = true; - int size = 0; - for (std::vector::const_iterator a = Args.begin(); a != Args.end(); ++a) { - size = strlen(*a) + 1; //Plus one for \0 - if (fullCmd != NULL) { - size += strlen(fullCmd) + 1; //Plus one for space - if (tmpCmd != NULL) - free(tmpCmd); - tmpCmd = (char *)malloc(sizeof(char) * (strlen(fullCmd) + 1)); - strcpy(tmpCmd, fullCmd); - free(fullCmd); - } - fullCmd = (char *)malloc(sizeof(char) * size); - if (tmpCmd == NULL) - strcpy(fullCmd, *a); - else - sprintf(fullCmd, "%s %s\0", tmpCmd, *a); - } - if (tmpCmd != NULL) - free(tmpCmd); - if (fullCmd != NULL) { - RunCmd(fullCmd); - free(fullCmd); - } + execlp("sh", "sh", "-c", ArgString.c_str(), NULL); //run as a shell script instead //execvp(Args[0], (char **) &Args[0]); - apt_error(std::cerr, statusfd, fd, "Couldn't execute %s to check %s", Args[0], File.c_str()); + apt_error(std::cerr, statusfd, fd, "Couldn't execute %s to check %s", Args[0], File.c_str()); local_exit(EINTERNAL); } -- cgit v1.2.3 From 930007ca221e1578afa235cb7e42345f39f028db Mon Sep 17 00:00:00 2001 From: Jaywalker Date: Wed, 7 Feb 2018 17:01:37 -0600 Subject: Lets get those sizes right --- apt-pkg/contrib/fileutl.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'apt-pkg/contrib') diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index 25deec083..f3c7b6d3b 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -243,7 +243,7 @@ static char *fixedCmd(const char *cmdStr){ uint8_t size = strlen(cmd) + 1; - char *args = cmdCpy + (size + 1); + char *args = cmdCpy + size; if ((strlen(cmdStr) - strlen(cmd)) == 0) args = NULL; -- cgit v1.2.3