From: Michael Vogt Date: Sun, 28 Jul 2013 07:25:57 +0000 (+0200) Subject: Merge remote-tracking branch 'mvo/bugfix/coverity' into debian/sid X-Git-Tag: 0.9.11~15 X-Git-Url: https://git.saurik.com/apt.git/commitdiff_plain/0c33605d981ceb78a4761e39043dc79ef9a571b2?hp=-c Merge remote-tracking branch 'mvo/bugfix/coverity' into debian/sid --- 0c33605d981ceb78a4761e39043dc79ef9a571b2 diff --combined apt-pkg/contrib/fileutl.cc index 5debb4f92,0b6e07f75..f24df65fc --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@@ -244,17 -244,20 +244,20 @@@ int GetLock(string File,bool Errors fl.l_len = 0; if (fcntl(FD,F_SETLK,&fl) == -1) { + // always close to not leak resources + int Tmp = errno; + close(FD); + errno = Tmp; + if (errno == ENOLCK) { _error->Warning(_("Not using locking for nfs mounted lock file %s"),File.c_str()); return dup(0); // Need something for the caller to close - } + } + if (Errors == true) _error->Errno("open",_("Could not get lock %s"),File.c_str()); - int Tmp = errno; - close(FD); - errno = Tmp; return -1; } @@@ -1218,11 -1221,9 +1221,9 @@@ FileFd::~FileFd( { Close(); if (d != NULL) - { d->CloseDown(FileName); - delete d; - d = NULL; - } + delete d; + d = NULL; } /*}}}*/ // FileFd::Read - Read a bit of the file /*{{{*/ @@@ -1598,11 -1599,7 +1599,11 @@@ unsigned long long FileFd::Size( char ignore[1000]; unsigned long long read = 0; do { - Read(ignore, sizeof(ignore), &read); + if (Read(ignore, sizeof(ignore), &read) == false) + { + Seek(oldSeek); + return 0; + } } while(read != 0); size = Tell(); Seek(oldSeek); @@@ -1619,16 -1616,10 +1620,16 @@@ * bits of the file */ // FIXME: Size for gz-files is limited by 32bit… no largefile support if (lseek(iFd, -4, SEEK_END) < 0) - return FileFdErrno("lseek","Unable to seek to end of gzipped file"); - size = 0L; + { + FileFdErrno("lseek","Unable to seek to end of gzipped file"); + return 0; + } + size = 0; if (read(iFd, &size, 4) != 4) - return FileFdErrno("read","Unable to read original size of gzipped file"); + { + FileFdErrno("read","Unable to read original size of gzipped file"); + return 0; + } #ifdef WORDS_BIGENDIAN uint32_t tmp_size = size; @@@ -1638,10 -1629,7 +1639,10 @@@ #endif if (lseek(iFd, oldPos, SEEK_SET) < 0) - return FileFdErrno("lseek","Unable to seek in gzipped file"); + { + FileFdErrno("lseek","Unable to seek in gzipped file"); + return 0; + } return size; } diff --combined apt-pkg/deb/dpkgpm.cc index d8fc8ef68,588ab68c4..b0bd6b184 --- a/apt-pkg/deb/dpkgpm.cc +++ b/apt-pkg/deb/dpkgpm.cc @@@ -134,6 -134,7 +134,7 @@@ static void dpkgChrootDirectory( std::cerr << "Chrooting into " << chrootDir << std::endl; if (chroot(chrootDir.c_str()) != 0) _exit(100); + chdir("/"); } /*}}}*/ @@@ -294,7 -295,7 +295,7 @@@ bool pkgDPkgPM::SendPkgsInfo(FILE * con if (CurVer.end() == true && (I->Op == Item::Remove || I->Op == Item::Purge)) CurVer = FindNowVersion(I->Pkg); - else if (CurVer.end() == true) + if (CurVer.end() == true) { if (Version <= 2) fprintf(F, "- "); diff --combined methods/http.cc index 82456d78b,ec5b1ff52..278ddb290 --- a/methods/http.cc +++ b/methods/http.cc @@@ -682,27 -682,28 +682,27 @@@ void HttpMethod::SendReq(FetchItem *Itm // Just in case. if (Itm->Uri.length() >= sizeof(Buf)) abort(); - - /* Build the request. We include a keep-alive header only for non-proxy - requests. This is to tweak old http/1.0 servers that do support keep-alive - but not HTTP/1.1 automatic keep-alive. Doing this with a proxy server - will glitch HTTP/1.0 proxies because they do not filter it out and - pass it on, HTTP/1.1 says the connection should default to keep alive - and we expect the proxy to do this */ + + /* RFC 2616 §5.1.2 requires absolute URIs for requests to proxies, + but while its a must for all servers to accept absolute URIs, + it is assumed clients will sent an absolute path for non-proxies */ + std::string requesturi; if (Proxy.empty() == true || Proxy.Host.empty()) - { - // see LP bugs #1003633 and #1086997. The "+" is encoded as a workaround - // for a amazon S3 bug - sprintf(Buf,"GET %s HTTP/1.1\r\nHost: %s\r\nConnection: keep-alive\r\n", - QuoteString(Uri.Path,"+~ ").c_str(),ProperHost.c_str()); - } + requesturi = Uri.Path; else - { - /* Generate a cache control header if necessary. We place a max - cache age on index files, optionally set a no-cache directive - and a no-store directive for archives. */ - sprintf(Buf,"GET %s HTTP/1.1\r\nHost: %s\r\n", - Itm->Uri.c_str(),ProperHost.c_str()); - } + requesturi = Itm->Uri; + + // The "+" is encoded as a workaround for a amazon S3 bug + // see LP bugs #1003633 and #1086997. + requesturi = QuoteString(requesturi, "+~ "); + + /* Build the request. No keep-alive is included as it is the default + in 1.1, can cause problems with proxies, and we are an HTTP/1.1 + client anyway. + C.f. https://tools.ietf.org/wg/httpbis/trac/ticket/158 */ + sprintf(Buf,"GET %s HTTP/1.1\r\nHost: %s\r\n", + requesturi.c_str(),ProperHost.c_str()); + // generate a cache control header (if needed) if (_config->FindB("Acquire::http::No-Cache",false) == true) { @@@ -1400,7 -1401,7 +1400,7 @@@ bool HttpMethod::AutoDetectProxy( char buf[512]; int InFd = Pipes[0]; close(Pipes[1]); - int res = read(InFd, buf, sizeof(buf)); + int res = read(InFd, buf, sizeof(buf)-1); ExecWait(Process, "ProxyAutoDetect", true); if (res < 0)