[pacman-dev] [PATCH] Ensure packages have a valid version
Currently you can manually create and then install a package with a version not containing a pkgrel. The created local database entry is invalid as the directory name can not be split by _alpm_splitname due to the assumtion of hyphens separating name-pkgver-pkgrel. Ensure the package has a valid version when it is loaded. Fixes FS#35514. Signed-off-by: Allan McRae <allan@archlinux.org> --- lib/libalpm/be_package.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c index 6262621..69871c2 100644 --- a/lib/libalpm/be_package.c +++ b/lib/libalpm/be_package.c @@ -413,6 +413,10 @@ alpm_pkg_t *_alpm_pkg_load_internal(alpm_handle_t *handle, _alpm_log(handle, ALPM_LOG_ERROR, _("missing package version in %s\n"), pkgfile); goto pkg_invalid; } + if(strstr(newpkg->version, "-") == NULL) { + _alpm_log(handle, ALPM_LOG_ERROR, _("invalid package version in %s\n"), pkgfile); + goto pkg_invalid; + } config = 1; continue; } else if(strcmp(entry_name, ".INSTALL") == 0) { -- 1.8.4
On Oct 14, 2013 7:12 AM, "Allan McRae" <allan@archlinux.org> wrote:
Currently you can manually create and then install a package with a version not containing a pkgrel. The created local database entry is invalid as the directory name can not be split by _alpm_splitname due to the assumtion of hyphens separating name-pkgver-pkgrel.
Ensure the package has a valid version when it is loaded. Fixes FS#35514.
Signed-off-by: Allan McRae <allan@archlinux.org> --- lib/libalpm/be_package.c | 4 ++++ 1 file changed, 4 insertions(+)
diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c index 6262621..69871c2 100644 --- a/lib/libalpm/be_package.c +++ b/lib/libalpm/be_package.c @@ -413,6 +413,10 @@ alpm_pkg_t *_alpm_pkg_load_internal(alpm_handle_t
*handle,
_alpm_log(handle, ALPM_LOG_ERROR,
_("missing package version in %s\n"), pkgfile);
goto pkg_invalid; } + if(strstr(newpkg->version, "-") == NULL) {
strchr?
+ _alpm_log(handle, ALPM_LOG_ERROR, _("invalid package version in %s\n"), pkgfile); + goto pkg_invalid; + } config = 1; continue; } else if(strcmp(entry_name, ".INSTALL") == 0) { -- 1.8.4
On 14/10/13 21:13, Dave Reisner wrote:
On Oct 14, 2013 7:12 AM, "Allan McRae" <allan@archlinux.org> wrote:
Currently you can manually create and then install a package with a version not containing a pkgrel. The created local database entry is invalid as the directory name can not be split by _alpm_splitname due to the assumtion of hyphens separating name-pkgver-pkgrel.
Ensure the package has a valid version when it is loaded. Fixes FS#35514.
Signed-off-by: Allan McRae <allan@archlinux.org> --- lib/libalpm/be_package.c | 4 ++++ 1 file changed, 4 insertions(+)
diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c index 6262621..69871c2 100644 --- a/lib/libalpm/be_package.c +++ b/lib/libalpm/be_package.c @@ -413,6 +413,10 @@ alpm_pkg_t *_alpm_pkg_load_internal(alpm_handle_t
*handle,
_alpm_log(handle, ALPM_LOG_ERROR,
_("missing package version in %s\n"), pkgfile);
goto pkg_invalid; } + if(strstr(newpkg->version, "-") == NULL) {
strchr?
Sure - fixed on my working branch.
+ _alpm_log(handle, ALPM_LOG_ERROR, _("invalid package version in %s\n"), pkgfile); + goto pkg_invalid; + } config = 1; continue; } else if(strcmp(entry_name, ".INSTALL") == 0) { -- 1.8.4
participants (2)
-
Allan McRae
-
Dave Reisner