[pacman-dev] The real deal - pacman 3.0.0 RC1

Nagy Gabor ngaba at petra.hos.u-szeged.hu
Sun Mar 11 16:52:47 EDT 2007

The bug is in package.c/_alpm_pkg_update_requiredby:

			if(strcmp(dep->name, alpm_pkg_get_name(pkg)) == 0) {
				_alpm_log(PM_LOG_DEBUG, _("adding '%s' in requiredby field for '%s'"),
									cachepkg->name, pkg->name);
				alpm_list_t *reqs = alpm_pkg_get_requiredby(pkg);
				reqs = alpm_list_add(reqs, strdup(alpm_pkg_get_name(cachepkg)));
				pkg->requiredby = reqs;

So we don't check if that packagename which we add is in reqs or not.

An other (much smaller) bug I realized, that in this function we don't
check before adding foo to REQUIREDBY of pkg that pkg really satisfies
foo's dependency, just checks if foo's dependency name is pkg. However
we can break dependencies by -d switch, so absolutely not guaranteed
that pkg is needed by foo. I think REQUIREDBY means by definition that
pkg satisfies one of foo's dependencies and we don't ensure about this.

Bye, Nagy Gabor

More information about the pacman-dev mailing list