Package: release.debian.org Severity: normal Tags: stretch User: release.debian....@packages.debian.org Usertags: pu
Hi! I'd like to update dpkg in stretch. This includes several fixes for documentation, regressions, misbheavior, minor security issues, and a new arch definition so that DAK can accept packages using it. The fixes have been in sid/buster for a while now. Attached the git diff 1.18.24..next/1.18.x (excluding translation updates). Also given that unfortunately this time around there are several string changes, I might need to do a translation round before the upload, if the changes get approved. Also available as a branch at <https://git.hadrons.org/cgit/debian/dpkg/dpkg.git/log/?h=next/1.18.x>. Thanks, Guillem
diff --git a/data/cputable b/data/cputable index a2bd7d687..9f2a8e0e4 100644 --- a/data/cputable +++ b/data/cputable @@ -41,6 +41,7 @@ powerpc powerpc (powerpc|ppc) 32 big powerpcel powerpcle powerpcle 32 little ppc64 powerpc64 (powerpc|ppc)64 64 big ppc64el powerpc64le powerpc64le 64 little +riscv64 riscv64 riscv64 64 little s390 s390 s390 32 big s390x s390x s390x 64 big sh3 sh3 sh3 32 little diff --git a/debian/changelog b/debian/changelog index 26a8b14cd..64d09cb40 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,44 @@ +dpkg (1.18.25) stretch; urgency=medium + + [ Guillem Jover ] + * Parse start-stop-daemon usernames and groupnames starting with digits in + -u and -c correctly. Reported by Bodo Eggert <7egg...@online.de>. + * Always use the binary version for the .buildinfo filename in + dpkg-genbuildinfo. Reported by Raphaƫl Hertzog <hert...@debian.org>. + Closes: #869236 + * Fix integer overflow in deb(5) format version parser. + Closes: #868356 + * Fix directory traversal with dpkg-deb --raw-extract, by guaranteeing + that the DEBIAN pathname does not exist. Closes: #879982 + Reported by Jakub Wilk <jw...@jwilk.net>. + * Do not try to recompute hashes for the .dsc file when signing binary-only + builds in dpkg-buildpackage. Reported by Ximin Luo <infini...@debian.org>. + * Architecture support: + - Add support for riscv64 CPU. Closes: #822914 + Thanks to Manuel A. Fernandez Montecelo <m...@debian.org> + * Perl modules: + - Do not normalize args past a passthrough stop word in Dpkg::Getopt. + Some commands pass some arguments through to another command, and + those must not be normalized as that might break their invocation. + Reported by Helmut Grohne <hel...@subdivi.de>. + * Documentation: + - Update buildinfo information in dpkg-buildpackage man page to match + the current implementation. + - Use correct name for archname validator value in dpkg(1) man page. + Reported by Niels Thykier <ni...@thykier.net. + * Packaging: + - Add versioned Build-Depends on tar, due to the --clamp-mtime option + being used in Dpkg::Source::Archive which is used by dpkg-source, + used by the test suite. Closes: #877330 + + [ Updated programs translations ] + * German (Sven Joachim). + + [ Updated man pages translations ] + * German (Helge Kreutzmann). + + -- Guillem Jover <guil...@debian.org> Sun, 18 Feb 2018 22:15:36 +0100 + dpkg (1.18.24) unstable; urgency=medium [ Guillem Jover ] diff --git a/debian/control b/debian/control index f2cd11766..1b20f8f04 100644 --- a/debian/control +++ b/debian/control @@ -14,6 +14,8 @@ Build-Depends: dpkg-dev (>= 1.17.14), debhelper (>= 9.20141010), pkg-config, +# Needed for --clamp-mtime in dpkg-source -b. + tar (>= 1.28-1) <!nocheck>, # Needed for --add-location. gettext (>= 0.19), # Needed for --porefs. diff --git a/dpkg-deb/dpkg-deb.h b/dpkg-deb/dpkg-deb.h index bc90c271e..54a5d71fd 100644 --- a/dpkg-deb/dpkg-deb.h +++ b/dpkg-deb/dpkg-deb.h @@ -53,6 +53,8 @@ enum dpkg_tar_options { DPKG_TAR_PERMS = DPKG_BIT(2), /** Do not set tar mtime on extract. */ DPKG_TAR_NOMTIME = DPKG_BIT(3), + /** Guarantee extraction into a new directory, abort if it exists. */ + DPKG_TAR_CREATE_DIR = DPKG_BIT(4), }; void extracthalf(const char *debar, const char *dir, diff --git a/dpkg-deb/extract.c b/dpkg-deb/extract.c index b1d66ee15..f91d18ad8 100644 --- a/dpkg-deb/extract.c +++ b/dpkg-deb/extract.c @@ -336,15 +336,15 @@ extracthalf(const char *debar, const char *dir, unsetenv("TAR_OPTIONS"); if (dir) { - if (chdir(dir)) { - if (errno != ENOENT) - ohshite(_("failed to chdir to directory")); - - if (mkdir(dir, 0777)) + if (mkdir(dir, 0777) != 0) { + if (errno != EEXIST) ohshite(_("failed to create directory")); - if (chdir(dir)) - ohshite(_("failed to chdir to directory after creating it")); + + if (taroption & DPKG_TAR_CREATE_DIR) + ohshite(_("unexpected pre-existing pathname %s"), dir); } + if (chdir(dir) != 0) + ohshite(_("failed to chdir to directory")); } command_exec(&cmd); @@ -490,7 +490,7 @@ do_raw_extract(const char *const *argv) data_options |= DPKG_TAR_LIST; extracthalf(debar, dir, data_options, 0); - extracthalf(debar, control_dir, DPKG_TAR_EXTRACT, 1); + extracthalf(debar, control_dir, DPKG_TAR_EXTRACT | DPKG_TAR_CREATE_DIR, 1); free(control_dir); diff --git a/lib/dpkg/deb-version.c b/lib/dpkg/deb-version.c index ea53a592a..cee5ddd6a 100644 --- a/lib/dpkg/deb-version.c +++ b/lib/dpkg/deb-version.c @@ -21,6 +21,7 @@ #include <config.h> #include <compat.h> +#include <limits.h> #include <string.h> #include <stdlib.h> @@ -46,19 +47,33 @@ const char * deb_version_parse(struct deb_version *version, const char *str) { const char *str_minor, *end; - int major = 0; - int minor = 0; + unsigned int major = 0; + unsigned int minor = 0; + unsigned int divlimit = INT_MAX / 10; + int modlimit = INT_MAX % 10; - for (end = str; *end && c_isdigit(*end); end++) - major = major * 10 + *end - '0'; + for (end = str; *end && c_isdigit(*end); end++) { + int ord = *end - '0'; + + if (major > divlimit || (major == divlimit && ord > modlimit)) + return _("format version with too big major component"); + + major = major * 10 + ord; + } if (end == str) return _("format version with empty major component"); if (*end != '.') return _("format version has no dot"); - for (end = str_minor = end + 1; *end && c_isdigit(*end); end++) - minor = minor * 10 + *end - '0'; + for (end = str_minor = end + 1; *end && c_isdigit(*end); end++) { + int ord = *end - '0'; + + if (minor > divlimit || (minor == divlimit && ord > modlimit)) + return _("format version with too big minor component"); + + minor = minor * 10 + ord; + } if (end == str_minor) return _("format version with empty minor component"); diff --git a/lib/dpkg/t/t-deb-version.c b/lib/dpkg/t/t-deb-version.c index 2e069073c..88b94e95e 100644 --- a/lib/dpkg/t/t-deb-version.c +++ b/lib/dpkg/t/t-deb-version.c @@ -21,6 +21,9 @@ #include <config.h> #include <compat.h> +#include <limits.h> +#include <stdio.h> + #include <dpkg/test.h> #include <dpkg/deb-version.h> @@ -28,6 +31,7 @@ static void test_deb_version_parse(void) { struct deb_version v; + char *vs; /* Test valid versions. */ test_pass(deb_version_parse(&v, "0.0") == NULL); @@ -59,12 +63,28 @@ test_deb_version_parse(void) test_fail(deb_version_parse(&v, "4.4 ") == NULL); test_fail(deb_version_parse(&v, " 5.5 ") == NULL); + /* Test integer limits. */ + if (asprintf(&vs, "%d.0", INT_MAX) < 0) + test_bail("cannot allocate memory for asprintf()"); + test_pass(deb_version_parse(&v, vs) == NULL); + free(vs); + + if (asprintf(&vs, "%d.0", INT_MAX - 1) < 0) + test_bail("cannot allocate memory for asprintf()"); + test_pass(deb_version_parse(&v, vs) == NULL); + free(vs); + + if (asprintf(&vs, "%u.0", 1U + (unsigned int)INT_MAX) < 0) + test_bail("cannot allocate memory for asprintf()"); + test_fail(deb_version_parse(&v, vs) == NULL); + free(vs); + /* FIXME: Complete. */ } TEST_ENTRY(test) { - test_plan(21); + test_plan(24); test_deb_version_parse(); } diff --git a/man/deb-buildinfo.man b/man/deb-buildinfo.man index 60109baf8..82a7fc7bb 100644 --- a/man/deb-buildinfo.man +++ b/man/deb-buildinfo.man @@ -49,9 +49,9 @@ as specified in RFC4880. The name of the \fB.buildinfo\fP file will depend on the type of build and will be as specific as necessary but not more; for a build that includes \fBany\fP the name will be -\fIsource-name\fP\fB_\fP\fIsource-version\fP\fB_\fP\fIarch\fP\fB.buildinfo\fP, +\fIsource-name\fP\fB_\fP\fIbinary-version\fP\fB_\fP\fIarch\fP\fB.buildinfo\fP, or otherwise for a build that includes \fBall\fP the name will be -\fIsource-name\fP\fB_\fP\fIsource-version\fP\fB_\fP\fBall.buildinfo\fP, +\fIsource-name\fP\fB_\fP\fIbinary-version\fP\fB_\fP\fBall.buildinfo\fP, or otherwise for a build that includes \fBsource\fP the name will be \fIsource-name\fP\fB_\fP\fIsource-version\fP\fB_\fP\fBsource.buildinfo\fP. . diff --git a/man/dpkg-buildpackage.man b/man/dpkg-buildpackage.man index 79aa18f58..2b5983e56 100644 --- a/man/dpkg-buildpackage.man +++ b/man/dpkg-buildpackage.man @@ -63,7 +63,7 @@ build has been requested with \fB\-\-build\fP or equivalent options), or \fBbuild\-indep\fP and \fBbinary\-indep\fP (if an \fBall\fP and not \fBany\fP build has been requested with \fB\-\-build\fP or equivalent options). .IP \fB6.\fP 3 -Unless a source-only build has been requested, it runs the \fBbuildinfo\fP +It runs the \fBbuildinfo\fP hook and calls \fBdpkg\-genbuildinfo\fP to generate a \fB.buildinfo\fP file. Several \fBdpkg\-buildpackage\fP options are forwarded to \fBdpkg\-genbuildinfo\fP. @@ -73,9 +73,9 @@ generate a \fB.changes\fP file. The name of the \fB.changes\fP file will depend on the type of build and will be as specific as necessary but not more; for a build that includes \fBany\fP the name will be -\fIsource-name\fP\fB_\fP\fIsource-version\fP\fB_\fP\fIarch\fP\fB.changes\fP, +\fIsource-name\fP\fB_\fP\fIbinary-version\fP\fB_\fP\fIarch\fP\fB.changes\fP, or otherwise for a build that includes \fBall\fP the name will be -\fIsource-name\fP\fB_\fP\fIsource-version\fP\fB_\fP\fBall.changes\fP, +\fIsource-name\fP\fB_\fP\fIbinary-version\fP\fB_\fP\fBall.changes\fP, or otherwise for a build that includes \fBsource\fP the name will be \fIsource-name\fP\fB_\fP\fIsource-version\fP\fB_\fP\fBsource.changes\fP. Many \fBdpkg\-buildpackage\fP options are forwarded to @@ -353,7 +353,7 @@ their commands fail, so watch out for unintended consequences. The current \fIhook-name\fP supported are: -.B init preclean source build binary changes postclean check sign done +.B init preclean source build binary buildinfo changes postclean check sign done The \fIhook-command\fP supports the following substitution format string, which will get applied to it before execution: diff --git a/man/dpkg-genbuildinfo.man b/man/dpkg-genbuildinfo.man index 98f910726..aaf54a38a 100644 --- a/man/dpkg-genbuildinfo.man +++ b/man/dpkg-genbuildinfo.man @@ -92,7 +92,7 @@ for information about alternative formats. .BR \-O [\fIfilename\fP] Print the buildinfo file to standard output (or \fIfilename\fP if specified) rather than to -.IB dir / source-name _ source-version _ arch .buildinfo +.IB dir / source-name _ binary-version _ arch .buildinfo (where \fIdir\fP is \fB..\fP by default or \fIupload-files-dir\fP if \fB\-u\fP was used). .TP diff --git a/man/dpkg.man b/man/dpkg.man index de2a07188..4f6f14bb9 100644 --- a/man/dpkg.man +++ b/man/dpkg.man @@ -388,7 +388,7 @@ Validates the given package name (since dpkg 1.18.16). .B trigname Validates the given trigger name (since dpkg 1.18.16). .TP -.B pkgname +.B archname Validates the given architecture name (since dpkg 1.18.16). .TP .B version diff --git a/scripts/Dpkg/Getopt.pm b/scripts/Dpkg/Getopt.pm index 4d677f391..bebe9f8d3 100644 --- a/scripts/Dpkg/Getopt.pm +++ b/scripts/Dpkg/Getopt.pm @@ -18,7 +18,7 @@ package Dpkg::Getopt; use strict; use warnings; -our $VERSION = '0.01'; +our $VERSION = '0.02'; our @EXPORT = qw( normalize_options ); @@ -27,17 +27,20 @@ use Exporter qw(import); sub normalize_options { - my (@args) = @_; + my (%opts) = @_; + my $norm = 1; + my @args; @args = map { - if (m/^(-[A-Za-z])(.+)$/) { + if ($norm and m/^(-[A-Za-z])(.+)$/) { ($1, $2) - } elsif (m/^(--[A-Za-z-]+)=(.*)$/) { + } elsif ($norm and m/^(--[A-Za-z-]+)=(.*)$/) { ($1, $2) } else { + $norm = 0 if defined $opts{delim} and $_ eq $opts{delim}; $_; } - } @args; + } @{$opts{args}}; return @args; } diff --git a/scripts/dpkg-architecture.pl b/scripts/dpkg-architecture.pl index aa77ea4ea..c3c0c003f 100755 --- a/scripts/dpkg-architecture.pl +++ b/scripts/dpkg-architecture.pl @@ -172,7 +172,7 @@ sub action_needs($) { return (($req_vars & $bits) == $bits); } -@ARGV = normalize_options(@ARGV); +@ARGV = normalize_options(args => \@ARGV, delim => '-c'); while (@ARGV) { my $arg = shift; diff --git a/scripts/dpkg-buildpackage.pl b/scripts/dpkg-buildpackage.pl index dd17abb25..3cfe1a512 100755 --- a/scripts/dpkg-buildpackage.pl +++ b/scripts/dpkg-buildpackage.pl @@ -645,11 +645,13 @@ if ($signsource or $signbuildinfo) { # Recompute the checksums as the .dsc and/or .buildinfo have changed. my $checksums = Dpkg::Checksums->new(); $checksums->add_from_control($changes); - $checksums->add_from_file("../$pv.dsc", update => 1, key => "$pv.dsc"); + $checksums->add_from_file("../$pv.dsc", update => 1, key => "$pv.dsc") + if $signsource; $checksums->add_from_file("../$pva.buildinfo", update => 1, key => "$pva.buildinfo"); $checksums->export_to_control($changes); delete $changes->{'Checksums-Md5'}; - update_files_field($changes, $checksums, "$pv.dsc"); + update_files_field($changes, $checksums, "$pv.dsc") + if $signsource; update_files_field($changes, $checksums, "$pva.buildinfo"); $changes->save($chg); } diff --git a/scripts/dpkg-genbuildinfo.pl b/scripts/dpkg-genbuildinfo.pl index c7d6cb144..134d5c8fb 100755 --- a/scripts/dpkg-genbuildinfo.pl +++ b/scripts/dpkg-genbuildinfo.pl @@ -356,7 +356,7 @@ my $prev_changelog = changelog_parse(%options); my $sourceversion = $changelog->{'Binary-Only'} ? $prev_changelog->{'Version'} : $changelog->{'Version'}; -my $binaryversion = $changelog->{'Version'}; +my $binaryversion = Dpkg::Version->new($changelog->{'Version'}); # Include .dsc if available. my $spackage = $changelog->{'Source'}; @@ -451,7 +451,8 @@ if ($stdout) { $arch = 'source'; } - $buildinfo = "${spackage}_${sversion}_${arch}.buildinfo"; + my $bversion = $binaryversion->as_string(omit_epoch => 1); + $buildinfo = "${spackage}_${bversion}_${arch}.buildinfo"; $outputfile = "$uploadfilesdir/$buildinfo"; } diff --git a/scripts/dpkg-parsechangelog.pl b/scripts/dpkg-parsechangelog.pl index 9f826a9eb..86c30b451 100755 --- a/scripts/dpkg-parsechangelog.pl +++ b/scripts/dpkg-parsechangelog.pl @@ -70,7 +70,7 @@ sub usage { "), $Dpkg::PROGNAME; } -@ARGV = normalize_options(@ARGV); +@ARGV = normalize_options(args => \@ARGV, delim => '--'); while (@ARGV) { last unless $ARGV[0] =~ m/^-/; diff --git a/scripts/t/Dpkg_Arch.t b/scripts/t/Dpkg_Arch.t index d478b497d..8f6301cea 100644 --- a/scripts/t/Dpkg_Arch.t +++ b/scripts/t/Dpkg_Arch.t @@ -16,7 +16,7 @@ use strict; use warnings; -use Test::More tests => 16367; +use Test::More tests => 16830; use_ok('Dpkg::Arch', qw(debarch_to_debtuple debarch_to_multiarch debarch_eq debarch_is debarch_is_wildcard @@ -162,7 +162,7 @@ is(gnutriplet_to_debarch(undef), undef, 'undef gnutriplet'); is(gnutriplet_to_debarch('unknown-unknown-unknown'), undef, 'unknown gnutriplet'); is(gnutriplet_to_debarch('x86_64-linux-gnu'), 'amd64', 'known gnutriplet'); -is(scalar get_valid_arches(), 524, 'expected amount of known architectures'); +is(scalar get_valid_arches(), 539, 'expected amount of known architectures'); { local $ENV{CC} = 'false'; diff --git a/scripts/t/Dpkg_Getopt.t b/scripts/t/Dpkg_Getopt.t index 186679636..32edeec53 100644 --- a/scripts/t/Dpkg_Getopt.t +++ b/scripts/t/Dpkg_Getopt.t @@ -16,7 +16,7 @@ use strict; use warnings; -use Test::More tests => 3; +use Test::More tests => 4; BEGIN { use_ok('Dpkg::Getopt'); @@ -24,12 +24,17 @@ BEGIN { my @expect_argv; -@ARGV = normalize_options(qw(-a -bfoo -c var)); +@ARGV = normalize_options(args => [ qw(-a -bfoo -c var) ]); @expect_argv = qw(-a -b foo -c var); is_deeply(\@ARGV, \@expect_argv, 'unbundle short options'); -@ARGV = normalize_options(qw(--option-a --option-b value --option-c=value)); +@ARGV = normalize_options(args => [ qw(--option-a --option-b value --option-c=value) ]); @expect_argv = qw(--option-a --option-b value --option-c value); is_deeply(\@ARGV, \@expect_argv, 'unbundle long options'); +@ARGV = normalize_options(args => [ qw(-aaa -bbb --option-a=oa -- --opt=arg -dval) ], + delim => '--'); +@expect_argv = qw(-a aa -b bb --option-a oa -- --opt=arg -dval); +is_deeply(\@ARGV, \@expect_argv, 'unbundle options with delimiter'); + 1; diff --git a/utils/start-stop-daemon.c b/utils/start-stop-daemon.c index 3931f5c79..813575044 100644 --- a/utils/start-stop-daemon.c +++ b/utils/start-stop-daemon.c @@ -1205,7 +1205,7 @@ setup_options(void) free(fullexecname); } - if (userspec && sscanf(userspec, "%d", &user_id) != 1) { + if (userspec && parse_unsigned(userspec, 10, &user_id) < 0) { struct passwd *pw; pw = getpwnam(userspec); @@ -1215,7 +1215,7 @@ setup_options(void) user_id = pw->pw_uid; } - if (changegroup && sscanf(changegroup, "%d", &runas_gid) != 1) { + if (changegroup && parse_unsigned(changegroup, 10, &runas_gid) < 0) { struct group *gr; gr = getgrnam(changegroup); @@ -1228,7 +1228,7 @@ setup_options(void) struct passwd *pw; struct stat st; - if (sscanf(changeuser, "%d", &runas_uid) == 1) + if (parse_unsigned(changeuser, 10, &runas_uid) == 0) pw = getpwuid(runas_uid); else pw = getpwnam(changeuser);