On 28/05/13 11:20, Allan McRae wrote:
On 22/05/13 16:19, Simon Gomizelj wrote:
On Wed, May 22, 2013 at 02:51:54PM +1000, Allan McRae wrote:
On 22/05/13 14:41, Simon Gomizelj wrote:
On Fri, May 10, 2013 at 10:41:41PM +1000, Allan McRae wrote:
On 09/05/13 16:48, Allan McRae wrote:
On 09/05/13 16:40, Simon Gomizelj wrote: > size_t cache_len = strlen(db->handle->dbpath) + strlen(db->handle->root); > > Do we actually need to recalculate this each time? Maybe its worth > cacheing somewhere. I'm sure there's more validation that could be > done within pacman. > > I'll leave the min length for now.
Why? What does three characters give you that one does not? I'm assuming an "a.Z" extension. By why do we need an extension?
Discussed on IRC. I'd prefer to explicitly check for "." and ".." rather than have the restriction of three.
Allan
Just checking it starts with '.' should be sufficient. It will rule out '..' and the filename is already explicitly restricted from containing '/'.
pkgname='.' works (somewhat). I guess pkgname=".foobar" is more plausible.
Allan
falconindy and I has a discussion on irc about what constitutes a valid filename and I think we settled on the idea that a hidden file should be invalid.
We could just move the dot check all together. So long as the filename doesn't contain a '/', its not a filepath.
We need a decision here so this patch can get pushed and we can finalise a maintenance release.
I vote detecting "." and "..". and any filename containing "/". I.e. detect all paths and only paths.
Bah - hidden files for packages can only be a bad thing... Sent a patch for makepkg to prevent packages starting with a ".". Ack -> maint for this patch.