From 03af77d4ca60a21f3dca1ab10ef2ba17ec2f96c9 Mon Sep 17 00:00:00 2001 
From: Julian Andres Klode Date: Mon, 9 Apr 2018 15:32:09 +0200 Subject: Import Debian version 1.0.1ubuntu2.18 apt (1.0.1ubuntu2.18) trusty; urgency=medium * ExecFork: Use /proc/self/fd to determine which files to close (Closes: #764204) (LP: #1332440). apt (1.0.1ubuntu2.17) trusty-security; urgency=high * SECURITY UPDATE: gpgv: Check for errors when splitting files (CVE-2016-1252) Thanks to Jann Horn, Google Project Zero for reporting the issue (LP: #1647467) apt (1.0.1ubuntu2.15) trusty; urgency=medium * Fixes failure to download the Package index file when using mirror:// URL in sources.list and the archive fails to profile a file. APT would try the next archive in the list for .deb packages but did not retry when the index file failed to download. (LP: #1625667) apt (1.0.1ubuntu2.14) trusty; urgency=medium * When using the https transport mechanism, $no_proxy is ignored if apt is getting it's proxy information from $https_proxy (as opposed to Acquire::https::Proxy somewhere in apt config). If the source of proxy information is Acquire::https::Proxy set in apt.conf (or apt.conf.d), then $no_proxy is honored. This patch makes the behavior similar for both methods of setting the proxy. (LP: #1575877) apt (1.0.1ubuntu2.13) trusty; urgency=medium * Recheck Pre-Depends satisfaction in SmartConfigure, to avoid unconfigured Pre-Depends (which dpkg later fails on). Fixes upgrade failures of systemd, util-linux, and other packages with Pre-Depends. Many thanks to David Kalnischkies for figuring out the patch and Winfried PLappert for testing! Patch taken from Debian git. (LP: #1560797) apt (1.0.1ubuntu2.12) trusty; urgency=medium [ Colin Watson ] * Fix lzma write support to handle "try again" case (closes: #751688, LP: #1553770). [ David Kalnischkies ] * Handle moved mmap after UniqFindTagWrite call (closes: #753941, LP: #1445436). 
apt (1.0.1ubuntu2.11) trusty; urgency=medium * apt-pkg/packagemanager.cc: - fix incorrect configure ordering in the SmartConfigure step by skipping packages that do not need immediate action. (LP: #1347721, #1497688) apt (1.0.1ubuntu2.10) trusty; urgency=medium * Fix regression from the previous upload by ensuring we're actually testing for the right member before iterating on it (LP: #1480592) apt (1.0.1ubuntu2.9) trusty; urgency=medium * Fix regression in the Never-MarkAuto-Sections feature caused by the previous auto-removal fix, with inspiration drawn from the patches and conversation from http://bugs.debian.org/793360 (LP: #1479207) apt (1.0.1ubuntu2.8) trusty-proposed; urgency=low * fix crash for packages that have no section in their instVersion (LP: #1449394) apt (1.0.1ubuntu2.7) trusty-proposed; urgency=low * fix auto-removal behavior (thanks to Adam Conrad) LP: #1429041 apt (1.0.1ubuntu2.6) trusty-proposed; urgency=medium * apt-pkg/deb/dpkgpm.cc: - update string matching for dpkg I/O errors. (LP: #1363257) - properly parse the dpkg status line so that package name is properly set and an apport report is created. Thanks to Anders Kaseorg for the patch. (LP: #1353171) apt (1.0.1ubuntu2.5) trusty-security; urgency=low * SECURITY UPDATE: - cmdline/apt-get.cc: fix insecure tempfile handling in apt-get changelog (CVE-2014-7206). 
Thanks to Guillem Jover apt (1.0.1ubuntu2.4.1) trusty-security; urgency=low * SECURITY UPDATE: - fix potential buffer overflow, thanks to the Google Security Team (CVE-2014-6273) * Fix regression from the previous upload when file:/// sources are used and those are on a different partition than the apt state directory * Fix regression when Dir::state::lists is set to a relative path * Fix regression when cdrom: sources got rewriten by apt-cdrom add apt (1.0.1ubuntu2.3) trusty-security; urgency=low * SECURITY UPDATE: - incorrect invalidating of unauthenticated data (CVE-2014-0488) - incorect verification of 304 reply (CVE-2014-0487) - incorrect verification of Acquire::Gzip indexes (CVE-2014-0489) --- ftparchive/cachedb.cc | 363 +++++++++++++++++++------------------------------- 1 file changed, 134 insertions(+), 229 deletions(-) (limited to 'ftparchive/cachedb.cc') diff --git a/ftparchive/cachedb.cc b/ftparchive/cachedb.cc index c3a4adcbc..523c6b5fa 100644 --- a/ftparchive/cachedb.cc +++ b/ftparchive/cachedb.cc @@ -20,7 +20,6 @@ #include #include #include -#include #include // htonl, etc #include @@ -86,7 +85,7 @@ bool CacheDB::ReadyDB(std::string const &DB) return _error->Error(_("Unable to open DB file %s: %s"),DB.c_str(), db_strerror(err)); } } - + DBFile = DB; DBLoaded = true; return true; 
@@ -97,54 +96,14 @@ bool CacheDB::ReadyDB(std::string const &DB) /* */ bool CacheDB::OpenFile() { - // always close existing file first - CloseFile(); - - // open a new file - Fd = new FileFd(FileName,FileFd::ReadOnly); - if (_error->PendingError() == true) - { - CloseFile(); - return false; - } - return true; -} - /*}}}*/ -// CacheDB::CloseFile - Close the file /*{{{*/ -void CacheDB::CloseFile() -{ - if(Fd != NULL) - { - delete Fd; - Fd = NULL; - } -} - /*}}}*/ -// CacheDB::OpenDebFile - Open a debfile /*{{{*/ -bool CacheDB::OpenDebFile() -{ - // always close existing file first - CloseDebFile(); - - // first open the fd, then pass it to the debDebFile - if(OpenFile() == false) - return false; - DebFile = new debDebFile(*Fd); - if (_error->PendingError() == true) - return false; - return true; -} - /*}}}*/ -// CacheDB::CloseDebFile - Close a debfile again /*{{{*/ -void CacheDB::CloseDebFile() -{ - CloseFile(); - - if(DebFile != NULL) - { - delete DebFile; - DebFile = NULL; - } + Fd = new FileFd(FileName,FileFd::ReadOnly); + if (_error->PendingError() == true) + { + delete Fd; + Fd = NULL; + return false; + } + return true; } /*}}}*/ // CacheDB::GetFileStat - Get stats from the file /*{{{*/ 
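Review bot: The new `OpenFile()` assigns `Fd = new FileFd(FileName,FileFd::ReadOnly)` without releasing a `FileFd` that may already be held, so a second call while `Fd` is set leaks the previous object and its descriptor. Every caller visible in this patch guards the call with `Fd == NULL && OpenFile() == false`, which suggests the check belongs in the function itself, as its first statement: `if (Fd != NULL) return true;`. If a caller outside this diff relies on reopening, release the old object first instead with `delete Fd; Fd = NULL;`.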
@@ -153,65 +112,29 @@ void CacheDB::CloseDebFile() * to look at the file, also get the mtime from the file. */ bool CacheDB::GetFileStat(bool const &doStat) { - if ((CurStat.Flags & FlSize) == FlSize && doStat == false) - return true; - - /* Get it from the file. */ - if (OpenFile() == false) - return false; - - // Stat the file - struct stat St; - if (fstat(Fd->Fd(),&St) != 0) - { - CloseFile(); - return _error->Errno("fstat", - _("Failed to stat %s"),FileName.c_str()); - } - CurStat.FileSize = St.st_size; - CurStat.mtime = htonl(St.st_mtime); - CurStat.Flags |= FlSize; - - return true; -} - /*}}}*/ -// CacheDB::GetCurStatCompatOldFormat /*{{{*/ -// --------------------------------------------------------------------- -/* Read the old (32bit FileSize) StateStore format from disk */ -bool CacheDB::GetCurStatCompatOldFormat() -{ - InitQueryStats(); - Data.data = &CurStatOldFormat; - Data.flags = DB_DBT_USERMEM; - Data.ulen = sizeof(CurStatOldFormat); - if (Get() == false) - { - CurStat.Flags = 0; - } else { - CurStat.Flags = CurStatOldFormat.Flags; - CurStat.mtime = CurStatOldFormat.mtime; - CurStat.FileSize = CurStatOldFormat.FileSize; - memcpy(CurStat.MD5, CurStatOldFormat.MD5, sizeof(CurStat.MD5)); - memcpy(CurStat.SHA1, CurStatOldFormat.SHA1, sizeof(CurStat.SHA1)); - memcpy(CurStat.SHA256, CurStatOldFormat.SHA256, sizeof(CurStat.SHA256)); - } - return true; -} - /*}}}*/ -// CacheDB::GetCurStatCompatOldFormat /*{{{*/ -// --------------------------------------------------------------------- -/* Read the new (64bit FileSize) StateStore format from disk */ -bool CacheDB::GetCurStatCompatNewFormat() -{ - InitQueryStats(); - Data.data = &CurStat; - Data.flags = DB_DBT_USERMEM; - Data.ulen = sizeof(CurStat); - if (Get() == false) - { - CurStat.Flags = 0; - } - return true; + if ((CurStat.Flags & FlSize) == FlSize && doStat == false) + { + /* Already worked out the file size */ + } + else + { + /* Get it from the file. 
*/ + if (Fd == NULL && OpenFile() == false) + { + return false; + } + // Stat the file + struct stat St; + if (fstat(Fd->Fd(),&St) != 0) + { + return _error->Errno("fstat", + _("Failed to stat %s"),FileName.c_str()); + } + CurStat.FileSize = St.st_size; + CurStat.mtime = htonl(St.st_mtime); + CurStat.Flags |= FlSize; + } + return true; } /*}}}*/ // CacheDB::GetCurStat - Set the CurStat variable. /*{{{*/ 
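Review bot: The first branch of the new `if` in `GetFileStat` is empty apart from the comment `/* Already worked out the file size */`, which sends the reader looking for code that is not there. Inverting the test removes the empty branch and one nesting level: `if ((CurStat.Flags & FlSize) != FlSize || doStat == true)` around the stat block. On the `fstat` failure path `Fd` is left open, and the only cleanup visible in this patch is in `GetFileInfo`, so a short comment such as `// Fd stays open on error; the caller releases it` would record that contract.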
@@ -222,110 +145,79 @@ bool CacheDB::GetCurStat() { memset(&CurStat,0,sizeof(CurStat)); - if (DBLoaded) - { - // do a first query to just get the size of the data on disk - InitQueryStats(); - Data.data = &CurStat; - Data.flags = DB_DBT_USERMEM; - Data.ulen = 0; - Get(); - - if (Data.size == 0) - { - // nothing needs to be done, we just have not data for this deb - } - // check if the record is written in the old format (32bit filesize) - else if(Data.size == sizeof(CurStatOldFormat)) - { - GetCurStatCompatOldFormat(); - } - else if(Data.size == sizeof(CurStat)) + if (DBLoaded) + { + /* First see if there is anything about it + in the database */ + + /* Get the flags (and mtime) */ + InitQuery("st"); + // Ensure alignment of the returned structure + Data.data = &CurStat; + Data.ulen = sizeof(CurStat); + Data.flags = DB_DBT_USERMEM; + if (Get() == false) { - GetCurStatCompatNewFormat(); - } else { - return _error->Error("Cache record size mismatch (%ul)", Data.size); - } - - CurStat.Flags = ntohl(CurStat.Flags); - CurStat.FileSize = ntohl(CurStat.FileSize); + CurStat.Flags = 0; + } + CurStat.Flags = ntohl(CurStat.Flags); + CurStat.FileSize = ntohl(CurStat.FileSize); } - return true; + return true; } /*}}}*/ // CacheDB::GetFileInfo - Get all the info about the file /*{{{*/ // --------------------------------------------------------------------- -bool CacheDB::GetFileInfo(std::string const &FileName, bool const &DoControl, - bool const &DoContents, - bool const &GenContentsOnly, - bool const &DoSource, - bool const &DoMD5, bool const &DoSHA1, - bool const &DoSHA256, bool const &DoSHA512, +bool CacheDB::GetFileInfo(std::string const &FileName, bool const &DoControl, bool const &DoContents, + bool const &GenContentsOnly, bool const &DoMD5, bool const &DoSHA1, + bool const &DoSHA256, bool const &DoSHA512, bool const &checkMtime) { - bool result = true; - this->FileName = FileName; - - if (GetCurStat() == false) - return false; - OldStat = CurStat; - - if 
(GetFileStat(checkMtime) == false) - return false; - - /* if mtime changed, update CurStat from disk */ - if (checkMtime == true && OldStat.mtime != CurStat.mtime) - CurStat.Flags = FlSize; - - Stats.Bytes += CurStat.FileSize; - Stats.Packages++; - - if ((DoControl && LoadControl() == false) - || (DoContents && LoadContents(GenContentsOnly) == false) - || (DoSource && LoadSource() == false) - || (DoMD5 && GetMD5(false) == false) - || (DoSHA1 && GetSHA1(false) == false) - || (DoSHA256 && GetSHA256(false) == false) - || (DoSHA512 && GetSHA512(false) == false) ) - { - result = false; - } - - return result; -} - /*}}}*/ + this->FileName = FileName; -bool CacheDB::LoadSource() -{ - // Try to read the control information out of the DB. - if ((CurStat.Flags & FlSource) == FlSource) + if (GetCurStat() == false) { - // Lookup the control information - InitQuerySource(); - if (Get() == true && Dsc.TakeDsc(Data.data, Data.size) == true) - { - return true; - } - CurStat.Flags &= ~FlSource; - } - if (OpenFile() == false) - return false; + return false; + } + OldStat = CurStat; - Stats.Misses++; - if (Dsc.Read(FileName) == false) - return false; - - if (Dsc.Data == 0) - return _error->Error(_("Failed to read .dsc")); - - // Write back the control information - InitQuerySource(); - if (Put(Dsc.Data, Dsc.Length) == true) - CurStat.Flags |= FlSource; + if (GetFileStat(checkMtime) == false) + { + delete Fd; + Fd = NULL; + return false; + } + + /* if mtime changed, update CurStat from disk */ + if (checkMtime == true && OldStat.mtime != CurStat.mtime) + CurStat.Flags = FlSize; + + Stats.Bytes += CurStat.FileSize; + Stats.Packages++; + + if ((DoControl && LoadControl() == false) + || (DoContents && LoadContents(GenContentsOnly) == false) + || (DoMD5 && GetMD5(false) == false) + || (DoSHA1 && GetSHA1(false) == false) + || (DoSHA256 && GetSHA256(false) == false) + || (DoSHA512 && GetSHA512(false) == false) + ) + { + delete Fd; + Fd = NULL; + delete DebFile; + DebFile = NULL; + return 
false; + } + + delete Fd; + Fd = NULL; + delete DebFile; + DebFile = NULL; return true; } - + /*}}}*/ // CacheDB::LoadControl - Load Control information /*{{{*/ // --------------------------------------------------------------------- /* */ @@ -335,14 +227,23 @@ bool CacheDB::LoadControl() if ((CurStat.Flags & FlControl) == FlControl) { // Lookup the control information - InitQueryControl(); + InitQuery("cl"); if (Get() == true && Control.TakeControl(Data.data,Data.size) == true) return true; CurStat.Flags &= ~FlControl; } - if(OpenDebFile() == false) + if (Fd == NULL && OpenFile() == false) + { return false; + } + // Create a deb instance to read the archive + if (DebFile == 0) + { + DebFile = new debDebFile(*Fd); + if (_error->PendingError() == true) + return false; + } Stats.Misses++; if (Control.Read(*DebFile) == false) @@ -352,7 +253,7 @@ bool CacheDB::LoadControl() return _error->Error(_("Archive has no control record")); // Write back the control information - InitQueryControl(); + InitQuery("cl"); if (Put(Control.Control,Control.Length) == true) CurStat.Flags |= FlControl; return true; @@ -370,7 +271,7 @@ bool CacheDB::LoadContents(bool const &GenOnly) return true; // Lookup the contents information - InitQueryContent(); + InitQuery("cn"); if (Get() == true) { if (Contents.TakeContents(Data.data,Data.size) == true) @@ -380,15 +281,23 @@ bool CacheDB::LoadContents(bool const &GenOnly) CurStat.Flags &= ~FlContents; } - if(OpenDebFile() == false) + if (Fd == NULL && OpenFile() == false) + { return false; + } + // Create a deb instance to read the archive + if (DebFile == 0) + { + DebFile = new debDebFile(*Fd); + if (_error->PendingError() == true) + return false; + } - Stats.Misses++; if (Contents.Read(*DebFile) == false) return false; // Write back the control information - InitQueryContent(); + InitQuery("cn"); if (Put(Contents.Data,Contents.CurSize) == true) CurStat.Flags |= FlContents; return true; 
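Review bot: `GetCurStat()` now copies whatever `Get()` returns into `CurStat` without comparing `Data.size` to `sizeof(CurStat)`, so a truncated record or one written with a different struct layout is accepted, with the untouched tail left at zero by the `memset`. The `Flags` read from such a record then decide which cached data is reused rather than regenerated, as `LoadControl` does with `FlControl`. `Get()` is not visible here, and a record larger than `ulen` presumably fails under `DB_DBT_USERMEM`, but a shorter one would not. Treating a size mismatch like a miss closes the gap: `if (Get() == false || Data.size != sizeof(CurStat)) CurStat.Flags = 0;`.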
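Review bot: When `new debDebFile(*Fd)` leaves a pending error, `LoadControl()` returns false with `DebFile` still pointing at the object that failed to initialise, and the `DebFile == 0` test would let a later call reuse it. `GetFileInfo` in this patch deletes it on failure, but the function is safer if it cleans up where the error is detected: `delete DebFile; DebFile = NULL; return false;`. The same open-and-wrap block is repeated in `LoadContents` (hunk `@@ -380,15 +281,23 @@`) with the same gap, so a private helper shared by both would keep them in step. The new lines also compare `DebFile == 0` where the rest of the patch uses `NULL`. The body of `LoadControl` starts and ends outside this hunk.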
@@ -438,13 +347,14 @@ bool CacheDB::GetMD5(bool const &GenOnly) MD5Res = bytes2hex(CurStat.MD5, sizeof(CurStat.MD5)); return true; - } + } Stats.MD5Bytes += CurStat.FileSize; - if (OpenFile() == false) + if (Fd == NULL && OpenFile() == false) + { return false; - + } MD5Summation MD5; if (Fd->Seek(0) == false || MD5.AddFD(*Fd, CurStat.FileSize) == false) return false; @@ -472,9 +382,10 @@ bool CacheDB::GetSHA1(bool const &GenOnly) Stats.SHA1Bytes += CurStat.FileSize; - if (OpenFile() == false) + if (Fd == NULL && OpenFile() == false) + { return false; - + } SHA1Summation SHA1; if (Fd->Seek(0) == false || SHA1.AddFD(*Fd, CurStat.FileSize) == false) return false; @@ -502,9 +413,10 @@ bool CacheDB::GetSHA256(bool const &GenOnly) Stats.SHA256Bytes += CurStat.FileSize; - if (OpenFile() == false) + if (Fd == NULL && OpenFile() == false) + { return false; - + } SHA256Summation SHA256; if (Fd->Seek(0) == false || SHA256.AddFD(*Fd, CurStat.FileSize) == false) return false; @@ -532,9 +444,10 @@ bool CacheDB::GetSHA512(bool const &GenOnly) Stats.SHA512Bytes += CurStat.FileSize; - if (OpenFile() == false) + if (Fd == NULL && OpenFile() == false) + { return false; - + } SHA512Summation SHA512; if (Fd->Seek(0) == false || SHA512.AddFD(*Fd, CurStat.FileSize) == false) return false; @@ -554,11 +467,11 @@ bool CacheDB::Finish() if (CurStat.Flags == OldStat.Flags && CurStat.mtime == OldStat.mtime) return true; - + // Write the stat information CurStat.Flags = htonl(CurStat.Flags); CurStat.FileSize = htonl(CurStat.FileSize); - InitQueryStats(); + InitQuery("st"); Put(&CurStat,sizeof(CurStat)); CurStat.Flags = ntohl(CurStat.Flags); CurStat.FileSize = ntohl(CurStat.FileSize); 
@@ -591,24 +504,16 @@ bool CacheDB::Clean() { if (stringcmp(Colon + 1, (char *)Key.data+Key.size,"st") == 0 || stringcmp(Colon + 1, (char *)Key.data+Key.size,"cl") == 0 || - stringcmp(Colon + 1, (char *)Key.data+Key.size,"cs") == 0 || stringcmp(Colon + 1, (char *)Key.data+Key.size,"cn") == 0) { - std::string FileName = std::string((const char *)Key.data,Colon); - if (FileExists(FileName) == true) { - continue; - } + if (FileExists(std::string((const char *)Key.data,Colon)) == true) + continue; } } + Cursor->c_del(Cursor,0); } - int res = Dbp->compact(Dbp, NULL, NULL, NULL, NULL, DB_FREE_SPACE, NULL); - if (res < 0) - _error->Warning("compact failed with result %i", res); - - if(_config->FindB("Debug::APT::FTPArchive::Clean", false) == true) - Dbp->stat_print(Dbp, 0); - + Dbp->compact(Dbp, NULL, NULL, NULL, NULL, DB_FREE_SPACE, NULL); return true; } -- cgit v1.2.3
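Review bot: The return value of `Dbp->compact(...)` is discarded on the new side, so a failed compaction is silent and `Clean()` still returns true. Keeping the result and reporting it costs two lines: `int const res = Dbp->compact(Dbp, NULL, NULL, NULL, NULL, DB_FREE_SPACE, NULL);` followed by `if (res != 0) _error->Warning("compact failed with result %i", res);`. The `Cursor->c_del(Cursor,0)` call just above it is unchecked as well. `Clean()` starts outside this hunk.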