| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
| |
The --cli-version argument can be used to request a specific
CLI version. The default CLI version is the APT version for apt(8)
and 0 for the other apt-get tools.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
We were rather inconsistent in using it and as our public headers
contain deduction guides (a c++17 feature) it seems silly to try to hide
a c++11 feature in a macro, so lets stop this charade and drop the
macro and while we are changing all these lines lets apply [[nodiscard]]
(another c++17 feature) and other suggestions from clang-tidy and
formatting for a little more consistency.
|
| |
|
|
|
| |
There were some references to APT::StringView that don't make much
sense anymore.
|
| | |
|
| |
|
|
|
|
|
|
| |
Lifted from the dpkg mtree code that mjg59 submitted in
https://lists.debian.org/debian-dpkg/2018/05/msg00005.html
Which as dpkg is GPL-2.0+ also is GPL-2.0+
|
| |
|
|
|
|
|
|
| |
The anonymous std::string we were using here to create the view expires
after the construction of the view and so the gcc warning
| warning: ‘<anonymous>’ may be used uninitialized [-Wmaybe-uninitialized]
is correct in that the memory we are pointing to is potentially
overridden/reused already, if a bit roundabout in saying so.
|
| | |
|
| |
|
|
| |
This checks whether a public key algorithm is asserted.
|
| |
|
|
|
|
|
|
| |
Another instance of our parser written for sane clean input, but
nowadays used also for user-provided input which can contain very many
strange formatting and especially white spaces all over the place.
Closes: #1071219
|
| |
|
|
|
| |
GTest has a lot of broken things with signed vs unsigned,
and double integer promotions, let's silence them.
|
| |
|
|
|
|
| |
This avoids us polluting the configuration for later tests, since
the test order apparently is not deterministic. We probably should
fix some common test case thingy instead.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All other entries in a dependency line get substantial leeway about the
amount of spaces surrounding the entry itself and its individual parts,
but the very last entry was required to have a version constraint be
at least 4 chars long (excluding opening bracket and spaces following
it), so if the version is short and a single-char relation used a space
had to make up for it. This is a bit unfair in comparison to the other
entries who do not have such unreasonable demands, so we reduce our
demand to 3 chars or longer, which is satisfied by "=1)".
If it is a good idea to hate spaces that much remains unanswered by this
commit, but in practice most tools (re)writing the files we parse will
include spaces, so its only in files (or on the satisfy command line)
directly edited by users that we can encounter such a situation, which
is a relatively new development given this line came unchanged from
the introduction of this method in 1998.
LP: #2061834
|
| |
|
|
|
| |
This produces a much more appealing progress bar and it can even
show parts of the progress being done.
|
| |
|
|
|
|
| |
This was automated with sed and git-clang-format, and then I had to
fix up the top of policy.cc by hand as git-clang-format accidentally
indented it by two spaces.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We used GTEST_ROOT, which becomes an issue with 3.27 as that variable
would influence find_package behaviour by providing PREFIXES –
introduced with potentially mixed-cased name in 3.12.
CMake Warning (dev) at test/libapt/CMakeLists.txt:8 (find_package):
Policy CMP0144 is not set: find_package uses upper-case <PACKAGENAME>_ROOT
variables. Run "cmake --help-policy CMP0144" for policy details. Use the
cmake_policy command to set the policy and suppress this warning.
CMake variable GTEST_ROOT is set to:
/usr/src/googletest/googletest
For compatibility, find_package is ignoring the variable, but code in a
.cmake module might still use it.
As using this new feature isn't what we wanted at all, we just use a
different variable name to avoid the warning and potential future
problems if we would keep using this name.
|
| |
|
|
|
|
|
| |
Some of our headers use APT_COMPILING_APT trickery to avoid exposing too
broadly details we don't want external clients to know and make use of.
The flip-side is that this can lead to different compilation units
seeing different definitions if they aren't all using the same config.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
APT is not the place this information should be stored at, but it is a
good place to experiment and see what will be (not) needed in the future
for a proper implementation higher up the stack.
This is why "BarbarianArchitectures" is chosen instead of a more neutral
and/or sensible "VeryForeign" and isn't readily exported in the API to
other clients for this PoC as a to be drawn up standard will likely
require potentially incompatible changes. Having a then outdated and
slightly different implementation block a "good" name would be bad.
The functionality itself mostly exists (ignoring bugs) since the
introduction of MultiArch as we always had the risk of encountering
packages of architectures not known to dpkg (forced onto the system,
potentially before MultiArch) we had to deal with somehow and other
edge cases.
All this commit really does is allowing what could previously only be
achieved with editing sources.list and some conf options via a single
config option: -o APT::BarbarianArchitectures=foo,bar
|
| |
|
|
| |
This is the only nullable thing we have here.
|
| |
|
|
|
|
|
|
|
|
|
| |
The JSON encoder only looked at the top state, but did not
pop it, so if we nested objects, we got stuck in whatever
the last state we pushed aside was, so in our example, we
wrongly get a comma inserted _after_ key "b":
{"a":[{}],
"b":,[{}]
}
|
| |
|
|
|
|
|
|
| |
This allows us to correctly encode strings containing quotation
marks, escape characters and control characters.
The test case is a bit nasty because it embeds private-cachefile.cc
for linkage reasons.
|
| |
|
|
|
|
|
|
|
| |
MaybeAddAuth() here tells us that it refused to use the credentials
for an http source; but that caused the test suite to fail at a later
stage because we checked if there were any errors/warning. Strangely,
this is only triggered with LTO enabled.
Actually check that the warning is being set and then reject it.
|
| |
|
|
|
|
|
| |
Our configuration files are not security relevant, but having a parser
which avoids crashing on them even if they are seriously messed up is
not a bad idea anyway. It is also a good opportunity to brush up the
code a bit avoiding a few small string copies with our string_view.
|
| |
|
|
|
|
|
| |
strtoul(l) surprises us with parsing negative values which should not
exist in the places we use to parse them, so we can just downright
refuse them rather than trying to work with them by having them promoted
to huge positive values.
|
| |
|
|
|
|
| |
This has no attack surface though as the loop is to end very soon anyhow
and the method only used while reading CD-ROM mountpoints which seems
like a very unlikely attack vector…
|
| |
|
|
|
|
|
| |
For \xff and friends with the highest bit set and hence being a negative
value on signed char systems the wrong encoding is produced as we run
into undefined behaviour accessing negative array indexes.
We can avoid this problem simply by using an unsigned data type.
|
| |
|
|
|
| |
References: 2497198e9599a6a8d4d0ad08627bcfc7ea49c644
Gbp-Dch: Ignore
|
| |
|
|
|
|
|
|
|
|
| |
This allows patterns like ~nalpha~nbeta and ~nalpha!~nbeta to
work like they do in APT.
Also add a comment to remind readers that everything in START
should be in short too.
Cc: stable >= 2.0
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Our testcases had their own implementation of GetTempFile with the
feature of a temporary file with a choosen suffix. Merging this into
GetTempFile lets us drop this duplicate and hence test more our code
rather than testing our helpers for test implementation.
And then hashsums_test had another implementation… and extracttar wasn't
even trying to use a real tempfile… one GetTempFile to rule them all!
That also ensures that these tempfiles are created in a temporary
directory rather than the current directory which is a nice touch and
tries a little harder to clean up those tempfiles.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
No sensible file should include these, but even insensible files do not
gain unfair advantages with it as this parser does not deal with
security critical files before they haven't passed other checks like
signatures or hashsums.
The problem is that the parser accepts and parses empty tag names
correctly, but does not store the data parsed which will effect later
passes over the data resulting e.g. in the following tag containing
the name and value of the previous (empty) tag, its own tagname and its
own value or a crash due to an attempt to access invalid memory
depending on who passes over the data and what is done with it.
This commit fixes both, the incidient of the crash reported by
Anatoly Trosinenko who reproduced it via apt-sortpkgs:
| $ cat /tmp/Packages-null
| 0:
| PACKAGE:0
|
| :
| PACKAGE:
|
| PACKAGE::
| $ apt-sortpkgs /tmp/Packages-null
and the deeper parsing issue shown by the included testcase.
Reported-By: Anatoly Trosinenko <anatoly.trosinenko@gmail.com>
References: 8710a36a01c0cb1648926792c2ad05185535558e
|
| |
|
|
|
|
| |
Remove all code scheduled to be removed after 5.90, and fix
files to include files they previously got from hashes.h
including more headers.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
we have to stop parsing on space so that things like ~ramd64 | ~rall
work correctly.
aptitude does not stop parsing on ?, but we'll do as it gets very
confusing otherwise if you write stuff like ~ramd64?name(foo), and
it resolves to ?and(?architecture(amd64?name), (foo))...
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This changes the syntax from approximately
expr = unary
unary = '!'? primary
primary = pattern | short-pattern | word | quoted-word
pattern = '?' name [ '(' expr [',' expr]* ')' ]
short-pattern = ~ name | ~name expr
to:
primary = pattern | short-pattern
argument = word | quoted-word | expr
pattern = '?' name [ '(' argument [',' argument]* ')' ]
short-pattern = ~ name | ~name argument
|
| | |
|
| |
|
|
|
|
| |
Also make pattern detector in cacheset and private's list accept
such patterns. We probably should just try to parse and see if it
is a (start of a) pattern.
|
| | |
|
| |
|
|
|
|
| |
We missed that because the CI never ran GTests, because it did
not find the GTest library and failed silently (until the previous
commit).
|
| |
|
|
|
|
| |
Require passing -DWITH_TESTS=OFF to CMakeList to disable
unit tests, rather than ignoring them if GTest cannot be
found; which just happened on CI...
|
| |
|
|
|
|
| |
GTest 1.9 uses a variable defined in the parent directory, thus
failing to configure. Configure the project in the parent directory
instead.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce a parser for patterns that generates a parse tree. The
language understood by the parser is:
pattern = '?'TERM
| '?'TERM '(' pattern (',' pattern)* ','? ')'
| WORD
| QUOTED-WORD
TERM = [0-9a-zA-Z-]
WORD = [0-9a-ZA-Z-.*^$\[\]_\\]
QUOTED_WORD = "..." # you know what I mean
This language is context free, which is a massive simplification
from aptitude's language, where ?foo(bar) could have two different
meanings depending on whether ?foo takes an argument or not.
|
| | |
|
| | |
|
| |
|
|
|
| |
This ensures that we do not accidentally stop overriding a
method because it's signature changed in an API break.
|
| | |
|