]> git.saurik.com Git - apt.git/blob - apt-pkg/deb/debsrcrecords.cc
projects / apt.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix segfault and out-of-bounds read in Binary fields
[apt.git] / apt-pkg / deb / debsrcrecords.cc
1 // -*- mode: cpp; mode: fold -*-
2 // Description /*{{{*/
3 // $Id: debsrcrecords.cc,v 1.6 2004/03/17 05:58:54 mdz Exp $
4 /* ######################################################################
5
6 Debian Source Package Records - Parser implementation for Debian style
7 source indexes
8
9 ##################################################################### */
10 /*}}}*/
11 // Include Files /*{{{*/
12 #include <config.h>
13
14 #include <apt-pkg/deblistparser.h>
15 #include <apt-pkg/debsrcrecords.h>
16 #include <apt-pkg/error.h>
17 #include <apt-pkg/strutl.h>
18 #include <apt-pkg/aptconfiguration.h>
19 #include <apt-pkg/srcrecords.h>
20 #include <apt-pkg/tagfile.h>
21 #include <apt-pkg/hashes.h>
22 #include <apt-pkg/gpgv.h>
23
24 #include <ctype.h>
25 #include <stdlib.h>
26 #include <string.h>
27 #include <algorithm>
28 #include <string>
29 #include <vector>
30 /*}}}*/
31
32 using std::max;
33 using std::string;
34
35 debSrcRecordParser::debSrcRecordParser(std::string const &File,pkgIndexFile const *Index)
36 : Parser(Index), d(NULL), Tags(&Fd), iOffset(0), Buffer(NULL)
37 {
38 if (File.empty() == false)
39 {
40 if (Fd.Open(File, FileFd::ReadOnly, FileFd::Extension))
41 Tags.Init(&Fd, 102400);
42 }
43 }
44 std::string debSrcRecordParser::Package() const /*{{{*/
45 {
46 auto const name = Sect.FindS("Package");
47 if (iIndex == nullptr)
48 return name.empty() ? Sect.FindS("Source") : name;
49 else
50 return name;
51 }
52 /*}}}*/
53 // SrcRecordParser::Binaries - Return the binaries field /*{{{*/
54 // ---------------------------------------------------------------------
55 /* This member parses the binaries field into a pair of class arrays and
56 returns a list of strings representing all of the components of the
57 binaries field. The returned array need not be freed and will be
58 reused by the next Binaries function call. This function is commonly
59 used during scanning to find the right package */
60 const char **debSrcRecordParser::Binaries()
61 {
62 const char *Start, *End;
63 if (Sect.Find("Binary", Start, End) == false)
64 return NULL;
65 for (; isspace_ascii(*Start) != 0; ++Start);
66 if (Start >= End)
67 return NULL;
68
69 StaticBinList.clear();
70 free(Buffer);
71 Buffer = strndup(Start, End - Start);
72
73 char* bin = Buffer;
74 do {
75 char* binStartNext = strchrnul(bin, ',');
76 // Found a comma, clean up any space before it
77 if (binStartNext > Buffer) {
78 char* binEnd = binStartNext - 1;
79 for (; binEnd > Buffer && isspace_ascii(*binEnd) != 0; --binEnd)
80 *binEnd = 0;
81 }
82 StaticBinList.push_back(bin);
83 if (*binStartNext != ',')
84 break;
85 *binStartNext = '\0';
86 for (bin = binStartNext + 1; isspace_ascii(*bin) != 0; ++bin)
87 ;
88 } while (*bin != '\0');
89 StaticBinList.push_back(NULL);
90
91 return &StaticBinList[0];
92 }
93 /*}}}*/
94 // SrcRecordParser::BuildDepends - Return the Build-Depends information /*{{{*/
95 // ---------------------------------------------------------------------
96 /* This member parses the build-depends information and returns a list of
97 package/version records representing the build dependency. The returned
98 array need not be freed and will be reused by the next call to this
99 function */
100 bool debSrcRecordParser::BuildDepends(std::vector<pkgSrcRecords::Parser::BuildDepRec> &BuildDeps,
101 bool const &ArchOnly, bool const &StripMultiArch)
102 {
103 unsigned int I;
104 const char *Start, *Stop;
105 BuildDepRec rec;
106 const char *fields[] = {"Build-Depends",
107 "Build-Depends-Indep",
108 "Build-Conflicts",
109 "Build-Conflicts-Indep"};
110
111 BuildDeps.clear();
112
113 for (I = 0; I < 4; I++)
114 {
115 if (ArchOnly && (I == 1 || I == 3))
116 continue;
117
118 if (Sect.Find(fields[I], Start, Stop) == false)
119 continue;
120
121 while (1)
122 {
123 Start = debListParser::ParseDepends(Start, Stop,
124 rec.Package,rec.Version,rec.Op,true,StripMultiArch,true);
125
126 if (Start == 0)
127 return _error->Error("Problem parsing dependency: %s", fields[I]);
128 rec.Type = I;
129
130 if (rec.Package != "")
131 BuildDeps.push_back(rec);
132
133 if (Start == Stop)
134 break;
135 }
136 }
137
138 return true;
139 }
140 /*}}}*/
141 // SrcRecordParser::Files - Return a list of files for this source /*{{{*/
142 // ---------------------------------------------------------------------
143 /* This parses the list of files and returns it, each file is required to have
144 a complete source package */
145 bool debSrcRecordParser::Files(std::vector<pkgSrcRecords::File> &F)
146 {
147 std::vector<pkgSrcRecords::File2> F2;
148 if (Files2(F2) == false)
149 return false;
150 for (std::vector<pkgSrcRecords::File2>::const_iterator f2 = F2.begin(); f2 != F2.end(); ++f2)
151 {
152 pkgSrcRecords::File2 f;
153 #if __GNUC__ >= 4
154 #pragma GCC diagnostic push
155 #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
156 #endif
157 f.MD5Hash = f2->MD5Hash;
158 f.Size = f2->Size;
159 #if __GNUC__ >= 4
160 #pragma GCC diagnostic pop
161 #endif
162 f.Path = f2->Path;
163 f.Type = f2->Type;
164 F.push_back(f);
165 }
166 return true;
167 }
168 bool debSrcRecordParser::Files2(std::vector<pkgSrcRecords::File2> &List)
169 {
170 List.clear();
171
172 // Stash the / terminated directory prefix
173 string Base = Sect.FindS("Directory");
174 if (Base.empty() == false && Base[Base.length()-1] != '/')
175 Base += '/';
176
177 std::vector<std::string> const compExts = APT::Configuration::getCompressorExtensions();
178
179 for (char const * const * type = HashString::SupportedHashes(); *type != NULL; ++type)
180 {
181 // derive field from checksum type
182 std::string checksumField("Checksums-");
183 if (strcmp(*type, "MD5Sum") == 0)
184 checksumField = "Files"; // historic name for MD5 checksums
185 else
186 checksumField.append(*type);
187
188 string const Files = Sect.FindS(checksumField.c_str());
189 if (Files.empty() == true)
190 continue;
191
192 // Iterate over the entire list grabbing each triplet
193 const char *C = Files.c_str();
194 while (*C != 0)
195 {
196 string hash, size, path;
197
198 // Parse each of the elements
199 if (ParseQuoteWord(C, hash) == false ||
200 ParseQuoteWord(C, size) == false ||
201 ParseQuoteWord(C, path) == false)
202 return _error->Error("Error parsing file record in %s of source package %s", checksumField.c_str(), Package().c_str());
203
204 if (iIndex == nullptr && checksumField == "Files")
205 {
206 // the Files field has a different format than the rest in deb-changes files
207 std::string ignore;
208 if (ParseQuoteWord(C, ignore) == false ||
209 ParseQuoteWord(C, path) == false)
210 return _error->Error("Error parsing file record in %s of source package %s", checksumField.c_str(), Package().c_str());
211 }
212
213 HashString const hashString(*type, hash);
214 if (Base.empty() == false)
215 path = Base + path;
216
217 // look if we have a record for this file already
218 std::vector<pkgSrcRecords::File2>::iterator file = List.begin();
219 for (; file != List.end(); ++file)
220 if (file->Path == path)
221 break;
222
223 // we have it already, store the new hash and be done
224 if (file != List.end())
225 {
226 if (checksumField == "Files")
227 APT_IGNORE_DEPRECATED(file->MD5Hash = hash;)
228 // an error here indicates that we have two different hashes for the same file
229 if (file->Hashes.push_back(hashString) == false)
230 return _error->Error("Error parsing checksum in %s of source package %s", checksumField.c_str(), Package().c_str());
231 continue;
232 }
233
234 // we haven't seen this file yet
235 pkgSrcRecords::File2 F;
236 F.Path = path;
237 F.FileSize = strtoull(size.c_str(), NULL, 10);
238 F.Hashes.push_back(hashString);
239 F.Hashes.FileSize(F.FileSize);
240
241 APT_IGNORE_DEPRECATED_PUSH
242 F.Size = F.FileSize;
243 if (checksumField == "Files")
244 F.MD5Hash = hash;
245 APT_IGNORE_DEPRECATED_POP
246
247 // Try to guess what sort of file it is we are getting.
248 string::size_type Pos = F.Path.length()-1;
249 while (1)
250 {
251 string::size_type Tmp = F.Path.rfind('.',Pos);
252 if (Tmp == string::npos)
253 break;
254 if (F.Type == "tar") {
255 // source v3 has extension 'debian.tar.*' instead of 'diff.*'
256 if (string(F.Path, Tmp+1, Pos-Tmp) == "debian")
257 F.Type = "diff";
258 break;
259 }
260 F.Type = string(F.Path,Tmp+1,Pos-Tmp);
261
262 if (std::find(compExts.begin(), compExts.end(), std::string(".").append(F.Type)) != compExts.end() ||
263 F.Type == "tar")
264 {
265 Pos = Tmp-1;
266 continue;
267 }
268
269 break;
270 }
271 List.push_back(F);
272 }
273 }
274
275 return true;
276 }
277 /*}}}*/
278 // SrcRecordParser::~SrcRecordParser - Destructor /*{{{*/
279 // ---------------------------------------------------------------------
280 /* */
281 debSrcRecordParser::~debSrcRecordParser()
282 {
283 // was allocated via strndup()
284 free(Buffer);
285 }
286 /*}}}*/
287
288
289 debDscRecordParser::debDscRecordParser(std::string const &DscFile, pkgIndexFile const *Index)
290 : debSrcRecordParser("", Index)
291 {
292 // support clear signed files
293 if (OpenMaybeClearSignedFile(DscFile, Fd) == false)
294 {
295 _error->Error("Failed to open %s", DscFile.c_str());
296 return;
297 }
298
299 // re-init to ensure the updated Fd is used
300 Tags.Init(&Fd, pkgTagFile::SUPPORT_COMMENTS);
301 // read the first (and only) record
302 Step();
303
304 }
APT (for Cydia)