diff options
| author | David Kalnischkies <david@kalnischkies.de> | 2018-01-04 22:57:21 +0100 |
|---|---|---|
| committer | David Kalnischkies <david@kalnischkies.de> | 2018-01-05 01:18:40 +0100 |
| commit | df2d614900476920671779f27fcc4143d3c1b5b7 (patch) | |
| tree | 846e9d66f15b1d08ce140e187821633613d89a97 /apt-pkg/deb | |
| parent | 6ca808480982726cea4f9004d57192905a1f1186 (diff) | |
dpkg status parsing: check if name is valid before use
The summary line sounds a bit much: what we end up doing is just adding
two more guards before using results which should always be validâ„¢.
That these values aren't valid is likely a bug in itself somewhere, but
that is no reason for crashing.
Diffstat (limited to 'apt-pkg/deb')
| -rw-r--r-- | apt-pkg/deb/dpkgpm.cc | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/apt-pkg/deb/dpkgpm.cc b/apt-pkg/deb/dpkgpm.cc index c6d0a50f1..c6900ec77 100644 --- a/apt-pkg/deb/dpkgpm.cc +++ b/apt-pkg/deb/dpkgpm.cc @@ -653,7 +653,13 @@ void pkgDPkgPM::ProcessDpkgStatusLine(char *line) // At this point we have a pkgname, but it might not be arch-qualified ! if (pkgname.find(":") == std::string::npos) { - pkgCache::GrpIterator Grp = Cache.FindGrp(pkgname); + pkgCache::GrpIterator const Grp = Cache.FindGrp(pkgname); + if (unlikely(Grp.end()== true)) + { + if (Debug == true) + std::clog << "unable to figure out which package is dpkg referring to with '" << pkgname << "'! (0)" << std::endl; + return; + } /* No arch means that dpkg believes there can only be one package this can refer to so lets see what could be candidates here: */ std::vector<pkgCache::PkgIterator> candset; @@ -729,7 +735,16 @@ void pkgDPkgPM::ProcessDpkgStatusLine(char *line) if (PackageOps[fullname].size() != PackageOpsDone[fullname]) pkgname = std::move(fullname); else - pkgname = std::find_if_not(candset.begin(), candset.end(), PkgHasCurrentVersion)->FullName(); + { + auto const pkgi = std::find_if_not(candset.begin(), candset.end(), PkgHasCurrentVersion); + if (unlikely(pkgi == candset.end())) + { + if (Debug == true) + std::clog << "situation for '" << pkgname << "' looked like a crossgrade, but all are installed?!" << std::endl; + return; + } + pkgname = pkgi->FullName(); + } } // we are desperate: so "just" take the native one, but that might change mid-air, // so we have to ask dpkg what it believes native is at the moment… all the time |