<feed xmlns='http://www.w3.org/2005/Atom'>
<title>apt/test, branch 2.1.2</title>
<subtitle>Debian's commandline package manager</subtitle>
<id>https://git.kalnischkies.de/apt/atom?h=2.1.2</id>
<link rel='self' href='https://git.kalnischkies.de/apt/atom?h=2.1.2'/>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/'/>
<updated>2020-05-13T20:04:13Z</updated>
<entry>
<title>Fix location of testdeb in added regression tests</title>
<updated>2020-05-13T20:04:13Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2020-05-13T08:51:10Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=3368ae121112405259288c9139a300dc0cac31fe'/>
<id>urn:sha1:3368ae121112405259288c9139a300dc0cac31fe</id>
<content type='text'>
</content>
</entry>
<entry>
<title>SECURITY UPDATE: Fix out of bounds read in .ar and .tar implementation (CVE-2020-3810)</title>
<updated>2020-05-12T16:55:55Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2020-05-12T09:49:09Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=dceb1e49e4b8e4dadaf056be34088b415939cda6'/>
<id>urn:sha1:dceb1e49e4b8e4dadaf056be34088b415939cda6</id>
<content type='text'>
When normalizing ar member names by removing trailing whitespace
and slashes, an out-of-bounds read can be caused if the ar member
name consists only of such characters, because the code did not
stop at 0, but would wrap around and continue reading from the
stack, without any limit.

Add a check to abort if we reached the first character in the
name, effectively rejecting the use of names consisting just
of slashes and spaces.

Furthermore, certain error cases in arfile.cc and extracttar.cc have
included member names in the output that were not checked at all and
might hence not be nul terminated, leading to further out-of-bounds reads.

Fixes Debian/apt#111
LP: #1878177
</content>
</entry>
<entry>
<title>Allow aptitude to MarkInstall broken packages via FromUser</title>
<updated>2020-05-08T13:52:14Z</updated>
<author>
<name>David Kalnischkies</name>
<email>david@kalnischkies.de</email>
</author>
<published>2020-05-08T10:38:02Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=30fa50e8d593556553147478a2d5ea7a550f9e16'/>
<id>urn:sha1:30fa50e8d593556553147478a2d5ea7a550f9e16</id>
<content type='text'>
apt marks packages coming from the commandline among others
as protected to ensure the various resolver parts do not fiddle
with the state of these packages. aptitude (and potentially others)
do not, so the state is modified (to a Keep which for uninstalled means
it is not going to be installed) due to being uninstallable before
the call fails – basically reverting at least some state changes the
call made before it realized it has to fail, which is usually a good
idea, except if users expect you to not do it.

They do set the FromUser option though, which besides controlling
the autobit has also gained the notion of "the user is always right" over time
and can be used for this one here as well, preventing the state revert.

References: 0de399391372450d0162b5a09bfca554b2d27c3d
Reported-By: Jessica Clarke &lt;jrtc27@debian.org&gt; on IRC
</content>
</entry>
<entry>
<title>apt list: Fix behavior of regex vs fnmatch vs wildcards</title>
<updated>2020-05-04T11:08:33Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2020-05-04T11:08:33Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=c4f85bcb8bee1b5e647c7e629f616cffc7d12bbc'/>
<id>urn:sha1:c4f85bcb8bee1b5e647c7e629f616cffc7d12bbc</id>
<content type='text'>
Previously (and still in cacheset), patterns were only allowed to
start with ? or ~, which ignores the fact that a pattern might just
as well start with a negation, such as !~nfoo.

Also, we ignored the --regex flag if it looked like this, which
was somewhat bad.

Let's change this all:

* If --regex is given, arguments are always interpreted as regex
* If it is a valid package wildcard (name or * characters), then
  it will be interpreted as a wildcard - this set of characters is
  free from meaningful overlap with patterns.
* Otherwise, the argument is interpreted as a pattern.

For a future version, we need to adapt parsing for cacheset and
list to use a common parser, to avoid differences in their
interpretation. Likely, this code will go into the pattern parser,
such that it generates a pattern given a valid fnmatch argument
for example.
</content>
</entry>
<entry>
<title>Reinstate * wildcards</title>
<updated>2020-05-04T10:48:56Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2020-05-04T10:23:50Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=75f59b16312523ab3deb995c48e8c8ae07586c23'/>
<id>urn:sha1:75f59b16312523ab3deb995c48e8c8ae07586c23</id>
<content type='text'>
Reinstate * wildcards as they are safe to use, but do not allow any
other special characters such as ? or [].

Notably, ? would overlap with patterns, and [] might overlap with
future pattern extensions (alternative bracketing style), it's also
hard to explain.

Closes: #953531
LP: #1872200
</content>
</entry>
<entry>
<title>Protect a package while resolving in MarkInstall</title>
<updated>2020-04-27T11:51:46Z</updated>
<author>
<name>David Kalnischkies</name>
<email>david@kalnischkies.de</email>
</author>
<published>2020-04-27T11:51:46Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=ae23e53f99ea0b7920744a7303fdee64796b7cce'/>
<id>urn:sha1:ae23e53f99ea0b7920744a7303fdee64796b7cce</id>
<content type='text'>
Strange things happen if while resolving the dependencies of a package
said dependencies want to remove the package. The allow-scores test e.g.
removed the preferred alternative in favor of the last one now that they
were exclusive. In our or-group for Recommends we would "just" not
satisfy the Recommends and for Depends we engage the ProblemResolver…
</content>
</entry>
<entry>
<title>Prefer upgrading installed orgroup members</title>
<updated>2020-04-27T11:49:43Z</updated>
<author>
<name>David Kalnischkies</name>
<email>david@kalnischkies.de</email>
</author>
<published>2020-04-26T19:09:14Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=ca14e1e2c3f3c9782f374757ca4605ce7e5670ad'/>
<id>urn:sha1:ca14e1e2c3f3c9782f374757ca4605ce7e5670ad</id>
<content type='text'>
In normal upgrade scenarios this is no problem as the orgroup member
will be marked for upgrade already, but on a not fully upgraded system
(or while you operate on a different target release) we would go with our
usual "first come first serve" approach which might lead us to install
another provider who comes earlier – bad if the providers conflict.
</content>
</entry>
<entry>
<title>Propagate Protected flag to single-option dependencies</title>
<updated>2020-04-27T11:49:19Z</updated>
<author>
<name>David Kalnischkies</name>
<email>david@kalnischkies.de</email>
</author>
<published>2020-04-27T11:49:19Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=f76a8d331a81bc7b102bdd4e0f8363e8a59f64f6'/>
<id>urn:sha1:f76a8d331a81bc7b102bdd4e0f8363e8a59f64f6</id>
<content type='text'>
If a package is protected and has a dependency satisfied only by a single
package (or conflicts with a package) this package must be part of the
solution and so we can help later actions not exploring dead ends by
propagating the protected flag to these "pseudo-protected" packages.

An (obscure) bug this can help prevent (to some extent) is shown in
test-apt-never-markauto-sections by not causing irreversible autobit
transfers.

As a side effect it seems also to help our crude ShowBroken to display
slightly more helpful messages involving the packages which are actually
in conflict.
</content>
</entry>
<entry>
<title>Discard candidate if its dependencies can't be satisfied</title>
<updated>2020-04-27T11:45:59Z</updated>
<author>
<name>David Kalnischkies</name>
<email>david@kalnischkies.de</email>
</author>
<published>2020-04-26T11:11:31Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=0de399391372450d0162b5a09bfca554b2d27c3d'/>
<id>urn:sha1:0de399391372450d0162b5a09bfca554b2d27c3d</id>
<content type='text'>
We do pretty much the same in IsInstallOk, but here we have already set
the state, so we have to unroll the state as well to sort-of replicate
the state we were in before this MarkInstall failed.
</content>
</entry>
<entry>
<title>Explore or-groups for Recommends further than first</title>
<updated>2020-04-27T11:44:24Z</updated>
<author>
<name>David Kalnischkies</name>
<email>david@kalnischkies.de</email>
</author>
<published>2020-04-25T09:28:47Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=ff4555c72df967e40590d9e8c6ce83e9df4c46ea'/>
<id>urn:sha1:ff4555c72df967e40590d9e8c6ce83e9df4c46ea</id>
<content type='text'>
MarkInstall only looks at the first alternative in an or-group which has
a fighting chance of being satisfiable (= the package itself satisfies
the dependency; whether it is installable itself is not considered).

This is "hidden" for Depends by the problem resolver who will try
another member of the or-group later, but Recommends are not a problem
for it, so for them the alternatives are never further explored.

Exploring the or-group in MarkInstall seems like the better choice for
both types as that frees the problem resolver to deal with the hard
things like package conflicts.
</content>
</entry>
</feed>
