Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=2.1.4 2020-05-18T13:55:36Z 2020-05-18T13:55:36Z David Kalnischkies david@kalnischkies.de 2020-05-18T09:55:54Z urn:sha1:c470d92366d7c3c239a689f0a10d6d0d9daafbff Our testcases had their own implementation of GetTempFile with the feature of a temporary file with a choosen suffix. Merging this into GetTempFile lets us drop this duplicate and hence test more our code rather than testing our helpers for test implementation. And then hashsums_test had another implementation… and extracttar wasn't even trying to use a real tempfile… one GetTempFile to rule them all! That also ensures that these tempfiles are created in a temporary directory rather than the current directory which is a nice touch and tries a little harder to clean up those tempfiles. 2020-02-26T17:12:18Z David Kalnischkies david@kalnischkies.de 2020-02-20T11:49:15Z urn:sha1:110078022a6c6103be8f557aef1e268c4b680d88 No sensible file should include these, but even insensible files do not gain unfair advantages with it as this parser does not deal with security critical files before they haven't passed other checks like signatures or hashsums. The problem is that the parser accepts and parses empty tag names correctly, but does not store the data parsed which will effect later passes over the data resulting e.g. in the following tag containing the name and value of the previous (empty) tag, its own tagname and its own value or a crash due to an attempt to access invalid memory depending on who passes over the data and what is done with it. This commit fixes both, the incidient of the crash reported by Anatoly Trosinenko who reproduced it via apt-sortpkgs: | $ cat /tmp/Packages-null | 0: | PACKAGE:0 | | : | PACKAGE: | | PACKAGE:: | $ apt-sortpkgs /tmp/Packages-null and the deeper parsing issue shown by the included testcase. Reported-By: Anatoly Trosinenko <anatoly.trosinenko@gmail.com> References: 8710a36a01c0cb1648926792c2ad05185535558e 2020-02-18T11:48:38Z Julian Andres Klode julian.klode@canonical.com 2020-02-18T11:48:38Z urn:sha1:e8016805b87bead8eb3dff0d0559c5d9590b721b Remove all code scheduled to be removed after 5.90, and fix files to include files they previously got from hashes.h including more headers. 2020-02-03T11:55:54Z Julian Andres Klode julian.klode@canonical.com 2020-02-03T11:15:07Z urn:sha1:404771d0ec11f26a0b631018719e2918a049455b 2020-02-03T11:55:54Z Julian Andres Klode julian.klode@canonical.com 2020-02-01T16:33:08Z urn:sha1:11a40ab11f72f85e905bdba4d3274870fbcaeaee we have to stop parsing on space so that things like ~ramd64 | ~rall work correctly. aptitude does not stop parsing on ?, but we'll do as it gets very confusing otherwise if you write stuff like ~ramd64?name(foo), and it resolves to ?and(?architecture(amd64?name), (foo))... 2020-02-03T11:55:54Z Julian Andres Klode julian.klode@canonical.com 2020-02-01T16:21:40Z urn:sha1:8886ea163032fb8bf64211a94c5dc252a4572a9c 2020-02-03T11:55:54Z Julian Andres Klode julian.klode@canonical.com 2020-02-01T16:12:35Z urn:sha1:d6f38436a229dc4421e77b58bf42d07bdb28b808 2020-02-03T11:55:54Z Julian Andres Klode julian.klode@canonical.com 2020-01-28T21:38:46Z urn:sha1:250119362e44599aad7e75462fa4298ad1ab1ad9 2020-02-03T11:55:54Z Julian Andres Klode julian.klode@canonical.com 2020-01-28T22:06:08Z urn:sha1:ebe5f39bfbb64921d5d31e0a6e49287356a5e6e2 This changes the syntax from approximately expr = unary unary = '!'? primary primary = pattern | short-pattern | word | quoted-word pattern = '?' name [ '(' expr [',' expr]* ')' ] short-pattern = ~ name | ~name expr to: primary = pattern | short-pattern argument = word | quoted-word | expr pattern = '?' name [ '(' argument [',' argument]* ')' ] short-pattern = ~ name | ~name argument 2020-02-03T11:55:54Z Julian Andres Klode julian.klode@canonical.com 2020-01-28T20:46:10Z urn:sha1:8d4967d3a187dd66cf14b070a9db63f8ea21b21f