From ce928105d7279c5604f034740b04dc6a745fb859 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Fri, 4 Apr 2014 14:30:17 +0200 Subject: Implement CacheDB for source packages in apt-ftparchive --- apt-pkg/contrib/hashes.cc | 2 +- apt-pkg/contrib/hashes.h | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) (limited to 'apt-pkg') diff --git a/apt-pkg/contrib/hashes.cc b/apt-pkg/contrib/hashes.cc index 1fce0d75f..15f83615d 100644 --- a/apt-pkg/contrib/hashes.cc +++ b/apt-pkg/contrib/hashes.cc @@ -133,7 +133,7 @@ bool Hashes::AddFD(int const Fd,unsigned long long Size, bool const addMD5, bool const addSHA1, bool const addSHA256, bool const addSHA512) { unsigned char Buf[64*64]; - bool const ToEOF = (Size == 0); + bool const ToEOF = (Size == UntilEOF); while (Size != 0 || ToEOF) { unsigned long long n = sizeof(Buf); diff --git a/apt-pkg/contrib/hashes.h b/apt-pkg/contrib/hashes.h index 5cd1af03b..7a62f8a8f 100644 --- a/apt-pkg/contrib/hashes.h +++ b/apt-pkg/contrib/hashes.h @@ -78,6 +78,8 @@ class Hashes SHA256Summation SHA256; SHA512Summation SHA512; + static const int UntilEOF = 0; + inline bool Add(const unsigned char *Data,unsigned long long Size) { return MD5.Add(Data,Size) && SHA1.Add(Data,Size) && SHA256.Add(Data,Size) && SHA512.Add(Data,Size); -- cgit v1.2.3 From 949d2e98a0fc00afc6e9cf78a724d0d578a3ca2a Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Mon, 28 Apr 2014 17:36:54 +0200 Subject: initialize Verify in second pkgAcqIndex constructor gcc reports in testcase ./test-bug-596498-trusted-unsigned-repo: apt-pkg/acquire-item.cc:1059:7: runtime error: load of value 234, which is not a valid value for type 'bool' This happens as the bool Verify is initialized only in one of the two constructors of the pkgAcqIndex class. It isn't a problem through as the verification controlled by this flag is optional and used to fail early on garbage files (like network portal pages) instead of later on in the hashsum verification or while parsing (the then untrusted) file. Reported-By: gcc-4.9 -fsanitize=undefined --- apt-pkg/acquire-item.cc | 2 ++ 1 file changed, 2 insertions(+) (limited to 'apt-pkg') diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 30743addf..0178456a8 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -932,6 +932,8 @@ pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner, } CompressionExtension = comprExt; + Verify = true; + Init(URI, URIDesc, ShortDesc); } pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner, IndexTarget const *Target, -- cgit v1.2.3 From bc1c9081e826c2c7f265f23d388ba868d5011f6a Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Thu, 15 May 2014 14:37:33 +0200 Subject: Never parse Version/Architecture tags in a Translation-$lang file Version/Architecture information in a Translation-$lang file is not allowed, so don't try to parse it. This is a fix for a bugreport where a Translation-en file contained the content of the regular Packages file (probably due to local FS corruption). This lead to strange error messages on file download. Thanks to Thomas Reusch for the report. --- apt-pkg/deb/debindexfile.cc | 2 +- apt-pkg/deb/deblistparser.h | 11 +++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) (limited to 'apt-pkg') diff --git a/apt-pkg/deb/debindexfile.cc b/apt-pkg/deb/debindexfile.cc index eee758b7a..a0dd15cd8 100644 --- a/apt-pkg/deb/debindexfile.cc +++ b/apt-pkg/deb/debindexfile.cc @@ -525,7 +525,7 @@ bool debTranslationsIndex::Merge(pkgCacheGenerator &Gen,OpProgress *Prog) const if (FileExists(TranslationFile)) { FileFd Trans(TranslationFile,FileFd::ReadOnly, FileFd::Extension); - debListParser TransParser(&Trans); + debTranslationsParser TransParser(&Trans); if (_error->PendingError() == true) return false; diff --git a/apt-pkg/deb/deblistparser.h b/apt-pkg/deb/deblistparser.h index baace79fe..3b6963211 100644 --- a/apt-pkg/deb/deblistparser.h +++ b/apt-pkg/deb/deblistparser.h @@ -106,4 +106,15 @@ class debListParser : public pkgCacheGenerator::ListParser APT_HIDDEN unsigned char ParseMultiArch(bool const showErrors); }; +class debTranslationsParser : public debListParser +{ + public: + // a translation can never be a real package + virtual std::string Architecture() { return ""; } + virtual std::string Version() { return ""; } + + debTranslationsParser(FileFd *File, std::string const &Arch = "") + : debListParser(File, Arch) {}; +}; + #endif -- cgit v1.2.3