]> git.saurik.com Git - apt.git/blobdiff - apt-pkg/edsp.cc
Fix buffer overflow in debListParser::VersionHash()
[apt.git] / apt-pkg / edsp.cc
index fcff208c102ed2e734b103b71edf28105090a533..49873f2438ddcbd8652567ebade9fae35df58d65 100644 (file)
@@ -12,6 +12,8 @@
 #include <apt-pkg/depcache.h>
 #include <apt-pkg/pkgcache.h>
 #include <apt-pkg/cacheiterators.h>
+#include <apt-pkg/prettyprinters.h>
+#include <apt-pkg/packagemanager.h>
 #include <apt-pkg/progress.h>
 #include <apt-pkg/fileutl.h>
 #include <apt-pkg/edsp.h>
@@ -625,7 +627,7 @@ bool EDSP::ReadResponse(int const input, pkgDepCache &Cache, OpProgress *Progres
        }
 
        FileFd in;
-       in.OpenDescriptor(input, FileFd::ReadOnly);
+       in.OpenDescriptor(input, FileFd::ReadOnly, true);
        pkgTagFile response(&in, 100);
        pkgTagSection section;
 
@@ -659,8 +661,12 @@ bool EDSP::ReadResponse(int const input, pkgDepCache &Cache, OpProgress *Progres
                        return false;
                } else if (section.Exists("Autoremove") == true)
                        type = "Autoremove";
-               else
+               else {
+                       char const *Start, *End;
+                       section.GetSection(Start, End);
+                       _error->Warning("Encountered an unexpected section with %d fields: %s", section.Count(), std::string(Start, End).c_str());
                        continue;
+               }
 
                size_t const id = section.FindULL(type.c_str(), VersionCount);
                if (id == VersionCount) {
@@ -968,14 +974,19 @@ static pid_t ExecuteExternal(char const* const type, char const * const binary,
                dup2(external[3], STDOUT_FILENO);
                auto const dumpfile = _config->FindFile((std::string("Dir::Log::") + type).c_str());
                auto const dumpdir = flNotFile(dumpfile);
+               auto const runasuser = _config->Find(std::string("APT::") + type + "::" + binary + "::RunAsUser",
+                     _config->Find(std::string("APT::") + type + "::RunAsUser",
+                        _config->Find("APT::Sandbox::User")));
                if (dumper.empty() || dumpfile.empty() || dumper == file || CreateAPTDirectoryIfNeeded(dumpdir, dumpdir) == false)
                {
+                  _config->Set("APT::Sandbox::User", runasuser);
+                  DropPrivileges();
                   char const * const calling[] = { file.c_str(), nullptr };
                   execv(calling[0], const_cast<char**>(calling));
                }
                else
                {
-                  char const * const calling[] = { dumper.c_str(), dumpfile.c_str(), file.c_str(), nullptr };
+                  char const * const calling[] = { dumper.c_str(), "--user", runasuser.c_str(), dumpfile.c_str(), file.c_str(), nullptr };
                   execv(calling[0], const_cast<char**>(calling));
                }
                std::cerr << "Failed to execute " << type << " '" << binary << "'!" << std::endl;
@@ -1059,3 +1070,399 @@ bool EDSP::ResolveExternal(const char* const solver, pkgDepCache &Cache,
    return ResolveExternal(solver, Cache, flags, Progress);
 }
                                                                        /*}}}*/
+
+bool EIPP::OrderInstall(char const * const solver, pkgPackageManager * const PM,       /*{{{*/
+                        unsigned int const flags, OpProgress * const Progress)
+{
+   if (strcmp(solver, "internal") == 0)
+   {
+      auto const dumpfile = _config->FindFile("Dir::Log::Planer");
+      if (dumpfile.empty())
+        return false;
+      auto const dumpdir = flNotFile(dumpfile);
+      FileFd output;
+      if (CreateAPTDirectoryIfNeeded(dumpdir, dumpdir) == false ||
+           output.Open(dumpfile, FileFd::WriteOnly | FileFd::Exclusive | FileFd::Create, FileFd::Extension, 0644) == false)
+        return _error->WarningE("EIPP::OrderInstall", _("Could not open file '%s'"), dumpfile.c_str());
+      bool Okay = EIPP::WriteRequest(PM->Cache, output, flags, nullptr);
+      return Okay && EIPP::WriteScenario(PM->Cache, output, nullptr);
+   }
+
+   int solver_in, solver_out;
+   pid_t const solver_pid = ExecuteExternal("planer", solver, "Dir::Bin::Planers", &solver_in, &solver_out);
+   if (solver_pid == 0)
+      return false;
+
+   FileFd output;
+   if (output.OpenDescriptor(solver_in, FileFd::WriteOnly | FileFd::BufferedWrite, true) == false)
+      return _error->Errno("EIPP::OrderInstall", "Opening planer %s stdin on fd %d for writing failed", solver, solver_in);
+
+   bool Okay = output.Failed() == false;
+   if (Progress != NULL)
+      Progress->OverallProgress(0, 100, 5, _("Execute external planer"));
+   Okay &= EIPP::WriteRequest(PM->Cache, output, flags, Progress);
+   if (Progress != NULL)
+      Progress->OverallProgress(5, 100, 20, _("Execute external planer"));
+   Okay &= EIPP::WriteScenario(PM->Cache, output, Progress);
+   output.Close();
+
+   if (Progress != NULL)
+      Progress->OverallProgress(25, 100, 75, _("Execute external planer"));
+
+   // we don't tell the external planers about boring things
+   for (auto Pkg = PM->Cache.PkgBegin(); Pkg.end() == false; ++Pkg)
+   {
+      if (Pkg->CurrentState == pkgCache::State::ConfigFiles && PM->Cache[Pkg].Purge() == true)
+        PM->Remove(Pkg, true);
+   }
+
+   if (Okay && EIPP::ReadResponse(solver_out, PM, Progress) == false)
+      return false;
+
+   return ExecWait(solver_pid, solver);
+}
+                                                                       /*}}}*/
+bool EIPP::WriteRequest(pkgDepCache &Cache, FileFd &output,            /*{{{*/
+                       unsigned int const flags,
+                       OpProgress * const Progress)
+{
+   if (Progress != NULL)
+      Progress->SubProgress(Cache.Head().PackageCount, _("Send request to planer"));
+   unsigned long p = 0;
+   string del, inst, reinst;
+   for (pkgCache::PkgIterator Pkg = Cache.PkgBegin(); Pkg.end() == false; ++Pkg, ++p)
+   {
+      if (Progress != NULL && p % 100 == 0)
+         Progress->Progress(p);
+      string* req;
+      pkgDepCache::StateCache &P = Cache[Pkg];
+      if (P.Purge() == true && Pkg->CurrentState == pkgCache::State::ConfigFiles)
+        continue;
+      if (P.Delete() == true)
+        req = &del;
+      else if (P.NewInstall() == true || P.Upgrade() == true || P.Downgrade() == true)
+        req = &inst;
+      else if (P.ReInstall() == true)
+        req = &reinst;
+      else
+        continue;
+      req->append(" ").append(Pkg.FullName());
+   }
+   bool Okay = WriteOkay(output, "Request: EIPP 0.1\n");
+
+   const char *arch = _config->Find("APT::Architecture").c_str();
+   std::vector<string> archs = APT::Configuration::getArchitectures();
+   WriteOkay(Okay, output, "Architecture: ", arch, "\n",
+        "Architectures:");
+   for (std::vector<string>::const_iterator a = archs.begin(); a != archs.end(); ++a)
+       WriteOkay(Okay, output, " ", *a);
+   WriteOkay(Okay, output, "\n");
+
+   if (del.empty() == false)
+      WriteOkay(Okay, output, "Remove:", del, "\n");
+   if (inst.empty() == false)
+      WriteOkay(Okay, output, "Install:", inst, "\n");
+   if (reinst.empty() == false)
+      WriteOkay(Okay, output, "ReInstall:", reinst, "\n");
+   WriteOkay(Okay, output, "Planer: ", _config->Find("APT::Planer", "internal"), "\n");
+   if ((flags & Request::IMMEDIATE_CONFIGURATION_ALL) != 0)
+      WriteOkay(Okay, output, "Immediate-Configuration: yes\n");
+   else if ((flags & Request::NO_IMMEDIATE_CONFIGURATION) != 0)
+      WriteOkay(Okay, output, "Immediate-Configuration: no\n");
+   else if ((flags & Request::ALLOW_TEMPORARY_REMOVE_OF_ESSENTIALS) != 0)
+      WriteOkay(Okay, output, "Allow-Temporary-Remove-of-Essentials: yes\n");
+   return WriteOkay(Okay, output, "\n");
+}
+                                                                       /*}}}*/
+static bool WriteScenarioEIPPVersion(pkgDepCache &, FileFd &output, pkgCache::PkgIterator const &Pkg,/*{{{*/
+                               pkgCache::VerIterator const &Ver)
+{
+   bool Okay = true;
+   if (Pkg.CurrentVer() == Ver)
+      switch (Pkg->CurrentState)
+      {
+        case pkgCache::State::NotInstalled: WriteOkay(Okay, output, "\nStatus: not-installed"); break;
+        case pkgCache::State::ConfigFiles: WriteOkay(Okay, output, "\nStatus: config-files"); break;
+        case pkgCache::State::HalfInstalled: WriteOkay(Okay, output, "\nStatus: half-installed"); break;
+        case pkgCache::State::UnPacked: WriteOkay(Okay, output, "\nStatus: unpacked"); break;
+        case pkgCache::State::HalfConfigured: WriteOkay(Okay, output, "\nStatus: half-configured"); break;
+        case pkgCache::State::TriggersAwaited: WriteOkay(Okay, output, "\nStatus: triggers-awaited"); break;
+        case pkgCache::State::TriggersPending: WriteOkay(Okay, output, "\nStatus: triggers-pending"); break;
+        case pkgCache::State::Installed: WriteOkay(Okay, output, "\nStatus: installed"); break;
+      }
+   return Okay;
+}
+                                                                       /*}}}*/
+// EIPP::WriteScenario - to the given file descriptor                  /*{{{*/
+template<typename forVersion> void forAllInterestingVersions(pkgDepCache &Cache, pkgCache::PkgIterator const &Pkg, forVersion const &func)
+{
+   if (Pkg->CurrentState == pkgCache::State::NotInstalled)
+   {
+      auto P = Cache[Pkg];
+      if (P.Install() == false)
+        return;
+      func(Pkg, P.InstVerIter(Cache));
+   }
+   else
+   {
+      if (Pkg->CurrentVer != 0)
+        func(Pkg, Pkg.CurrentVer());
+      auto P = Cache[Pkg];
+      auto const V = P.InstVerIter(Cache);
+      if (P.Delete() == false && Pkg.CurrentVer() != V)
+        func(Pkg, V);
+   }
+}
+
+bool EIPP::WriteScenario(pkgDepCache &Cache, FileFd &output, OpProgress * const Progress)
+{
+   if (Progress != NULL)
+      Progress->SubProgress(Cache.Head().PackageCount, _("Send scenario to planer"));
+   unsigned long p = 0;
+   bool Okay = output.Failed() == false;
+   std::vector<std::string> archs = APT::Configuration::getArchitectures();
+   std::vector<bool> pkgset(Cache.Head().PackageCount, false);
+   auto const MarkVersion = [&](pkgCache::PkgIterator const &Pkg, pkgCache::VerIterator const &Ver) {
+      pkgset[Pkg->ID] = true;
+      for (auto D = Ver.DependsList(); D.end() == false; ++D)
+      {
+        if (D.IsCritical() == false)
+           continue;
+        auto const P = D.TargetPkg();
+        for (auto Prv = P.ProvidesList(); Prv.end() == false; ++Prv)
+        {
+           auto const V = Prv.OwnerVer();
+           auto const PV = V.ParentPkg();
+           if (V == PV.CurrentVer() || V == Cache[PV].InstVerIter(Cache))
+              pkgset[PV->ID] = true;
+        }
+        pkgset[P->ID] = true;
+        if (strcmp(P.Arch(), "any") == 0)
+        {
+           APT::StringView const pkgname(P.Name());
+           auto const idxColon = pkgname.find(':');
+           if (idxColon != APT::StringView::npos)
+           {
+              pkgCache::PkgIterator PA;
+              if (pkgname.substr(idxColon + 1) == "any")
+              {
+                 auto const GA = Cache.FindGrp(pkgname.substr(0, idxColon).to_string());
+                 for (auto PA = GA.PackageList(); PA.end() == false; PA = GA.NextPkg(PA))
+                 {
+                    pkgset[PA->ID] = true;
+                 }
+              }
+              else
+              {
+                 auto const PA = Cache.FindPkg(pkgname.to_string());
+                 if (PA.end() == false)
+                    pkgset[PA->ID] = true;
+              }
+           }
+        }
+        else
+        {
+           auto const PA = Cache.FindPkg(P.FullName(false), "any");
+           if (PA.end() == false)
+              pkgset[PA->ID] = true;
+        }
+      }
+   };
+   for (pkgCache::PkgIterator Pkg = Cache.PkgBegin(); Pkg.end() == false; ++Pkg)
+      forAllInterestingVersions(Cache, Pkg, MarkVersion);
+   auto const WriteVersion = [&](pkgCache::PkgIterator const &Pkg, pkgCache::VerIterator const &Ver) {
+      Okay &= WriteScenarioVersion(output, Pkg, Ver);
+      Okay &= WriteScenarioEIPPVersion(Cache, output, Pkg, Ver);
+      Okay &= WriteScenarioLimitedDependency(output, Ver, pkgset, true);
+      WriteOkay(Okay, output, "\n");
+      if (Progress != NULL && p % 100 == 0)
+        Progress->Progress(p);
+   };
+   for (pkgCache::PkgIterator Pkg = Cache.PkgBegin(); Pkg.end() == false && likely(Okay); ++Pkg, ++p)
+   {
+      if (pkgset[Pkg->ID] == false || Pkg->VersionList == 0)
+        continue;
+      forAllInterestingVersions(Cache, Pkg, WriteVersion);
+   }
+   return true;
+}
+                                                                       /*}}}*/
+// EIPP::ReadResponse - from the given file descriptor                 /*{{{*/
+bool EIPP::ReadResponse(int const input, pkgPackageManager * const PM, OpProgress *Progress) {
+   /* We build an map id to mmap offset here
+      In theory we could use the offset as ID, but then VersionCount
+      couldn't be used to create other versionmappings anymore and it
+      would be too easy for a (buggy) solver to segfault APT… */
+   unsigned long long const VersionCount = PM->Cache.Head().VersionCount;
+   unsigned long VerIdx[VersionCount];
+   for (pkgCache::PkgIterator P = PM->Cache.PkgBegin(); P.end() == false; ++P) {
+      for (pkgCache::VerIterator V = P.VersionList(); V.end() == false; ++V)
+        VerIdx[V->ID] = V.Index();
+   }
+
+   FileFd in;
+   in.OpenDescriptor(input, FileFd::ReadOnly);
+   pkgTagFile response(&in, 100);
+   pkgTagSection section;
+
+   while (response.Step(section) == true) {
+      char const * type = nullptr;
+      if (section.Exists("Progress") == true) {
+        if (Progress != NULL) {
+           string msg = section.FindS("Message");
+           if (msg.empty() == true)
+              msg = _("Prepare for receiving solution");
+           Progress->SubProgress(100, msg, section.FindI("Percentage", 0));
+        }
+        continue;
+      } else if (section.Exists("Error") == true) {
+        std::string msg = SubstVar(SubstVar(section.FindS("Message"), "\n .\n", "\n\n"), "\n ", "\n");
+        if (msg.empty() == true) {
+           msg = _("External planer failed without a proper error message");
+           _error->Error("%s", msg.c_str());
+        } else
+           _error->Error("External planer failed with: %s", msg.substr(0,msg.find('\n')).c_str());
+        if (Progress != NULL)
+           Progress->Done();
+        std::cerr << "The planer encountered an error of type: " << section.FindS("Error") << std::endl;
+        std::cerr << "The following information might help you to understand what is wrong:" << std::endl;
+        std::cerr << msg << std::endl << std::endl;
+        return false;
+      } else if (section.Exists("Unpack") == true)
+        type = "Unpack";
+      else if (section.Exists("Configure") == true)
+        type = "Configure";
+      else if (section.Exists("Remove") == true)
+        type = "Remove";
+      else {
+        char const *Start, *End;
+        section.GetSection(Start, End);
+        _error->Warning("Encountered an unexpected section with %d fields: %s", section.Count(), std::string(Start, End).c_str());
+        continue;
+      }
+
+      if (type == nullptr)
+        continue;
+      size_t const id = section.FindULL(type, VersionCount);
+      if (id == VersionCount) {
+        _error->Warning("Unable to parse %s request with id value '%s'!", type, section.FindS(type).c_str());
+        continue;
+      } else if (id > PM->Cache.Head().VersionCount) {
+        _error->Warning("ID value '%s' in %s request stanza is to high to refer to a known version!", section.FindS(type).c_str(), type);
+        continue;
+      }
+
+      pkgCache::VerIterator Ver(PM->Cache.GetCache(), PM->Cache.GetCache().VerP + VerIdx[id]);
+      auto const Pkg = Ver.ParentPkg();
+      if (strcmp(type, "Unpack") == 0)
+        PM->Install(Pkg, PM->FileNames[Pkg->ID]);
+      else if (strcmp(type, "Configure") == 0)
+        PM->Configure(Pkg);
+      else if (strcmp(type, "Remove") == 0)
+        PM->Remove(Pkg, PM->Cache[Pkg].Purge());
+   }
+   return true;
+}
+                                                                       /*}}}*/
+bool EIPP::ReadRequest(int const input, std::list<std::pair<std::string,PKG_ACTION>> &actions,/*{{{*/
+      unsigned int &flags)
+{
+   actions.clear();
+   flags = 0;
+   std::string line;
+   while (ReadLine(input, line) == true)
+   {
+      // Skip empty lines before request
+      if (line.empty() == true)
+        continue;
+      // The first Tag must be a request, so search for it
+      if (line.compare(0, 8, "Request:") != 0)
+        continue;
+
+      while (ReadLine(input, line) == true)
+      {
+        // empty lines are the end of the request
+        if (line.empty() == true)
+           return true;
+
+        PKG_ACTION pkgact = PKG_ACTION::NOOP;
+        if (LineStartsWithAndStrip(line, "Install:"))
+           pkgact = PKG_ACTION::INSTALL;
+        else if (LineStartsWithAndStrip(line, "ReInstall:"))
+           pkgact = PKG_ACTION::REINSTALL;
+        else if (LineStartsWithAndStrip(line, "Remove:"))
+           pkgact = PKG_ACTION::REMOVE;
+        else if (LineStartsWithAndStrip(line, "Architecture:"))
+           _config->Set("APT::Architecture", line);
+        else if (LineStartsWithAndStrip(line, "Architectures:"))
+           _config->Set("APT::Architectures", SubstVar(line, " ", ","));
+        else if (LineStartsWithAndStrip(line, "Planer:"))
+           ; // purely informational line
+        else if (LineStartsWithAndStrip(line, "Immediate-Configuration:"))
+        {
+           if (localStringToBool(line, true))
+              flags |= Request::IMMEDIATE_CONFIGURATION_ALL;
+           else
+              flags |= Request::NO_IMMEDIATE_CONFIGURATION;
+        }
+        else if (ReadFlag(flags, line, "Allow-Temporary-Remove-of-Essentials:", Request::ALLOW_TEMPORARY_REMOVE_OF_ESSENTIALS))
+           ;
+        else
+           _error->Warning("Unknown line in EIPP Request stanza: %s", line.c_str());
+
+        if (pkgact == PKG_ACTION::NOOP)
+           continue;
+        for (auto && p: VectorizeString(line, ' '))
+           actions.emplace_back(std::move(p), pkgact);
+      }
+   }
+   return false;
+
+
+   return false;
+}
+                                                                       /*}}}*/
+bool EIPP::ApplyRequest(std::list<std::pair<std::string,PKG_ACTION>> &actions,/*{{{*/
+        pkgDepCache &Cache)
+{
+   for (auto Pkg = Cache.PkgBegin(); Pkg.end() == false; ++Pkg)
+   {
+      short versions = 0;
+      for (auto Ver = Pkg.VersionList(); Ver.end() == false; ++Ver)
+      {
+        ++versions;
+        if (Pkg.CurrentVer() == Ver)
+           continue;
+        Cache.SetCandidateVersion(Ver);
+      }
+      if (unlikely(versions > 2))
+        _error->Warning("Package %s has %d versions, but should have at most 2!", Pkg.FullName().c_str(), versions);
+   }
+   for (auto && a: actions)
+   {
+      pkgCache::PkgIterator P = Cache.FindPkg(a.first);
+      if (P.end() == true)
+      {
+        _error->Warning("Package %s is not known, so can't be acted on", a.first.c_str());
+        continue;
+      }
+      switch (a.second)
+      {
+        case PKG_ACTION::NOOP:
+           _error->Warning("Package %s has NOOP as action?!?", a.first.c_str());
+           break;
+        case PKG_ACTION::INSTALL:
+           Cache.MarkInstall(P, false);
+           break;
+        case PKG_ACTION::REINSTALL:
+           Cache.MarkInstall(P, false);
+           Cache.SetReInstall(P, true);
+           break;
+        case PKG_ACTION::REMOVE:
+           Cache.MarkDelete(P);
+           break;
+      }
+   }
+   return true;
+}
+                                                                       /*}}}*/