Hi!

On Thu, 2024-03-28 at 09:54:36 +0000, Grueninger, Tobias wrote:
> Package: dpkg
> Version: 1.20.12
> Severity: wishlist

> In our case we did install a package from a 3rd party which apparently
> uses a non-conforming .deb package building tool (unknown to us)
> resulting in a malformed data.tar.gz

> dpkg did allow this package to be completely installed but generated a
> malformed .list file.

Ah, not good, indeed.

> This as consequence did prevent later installation of any other package
> as dpkg's .list file database was broken resulting in the following
> error message
> 
>       Selecting previously unselected package <package>.
>       (Reading database ...
>       dpkg: unrecoverable fatal error, aborting:
>        files list file for package 'xxx-config--xxx' contains empty filename
> 
> Analysis of the .deb package showed
> 
>       dpkg -c xxx-config-xxx.deb 
> 1     drwxrwxr-x root/root         0 2023-09-07 08:36 ./
> 2     drwxrwxr-x root/root         0 2023-09-07 08:36 .//
> 3     drwxrwxr-x root/root         0 2023-09-07 08:36 .//ddd/
> 4     drwxrwxr-x root/root         0 2023-09-07 08:36 .//ddd/fff/
>       ...
> 
> * The offending malformation is the second line containing './/', which
>   does not conform to the standard, resulting in the following .list file
> 
>       cat -v -t -e ./lib/dpkg/info/xxx-config-xxx.list
> 1     /.$
> 2     /$
> 3     /ddd$
> 4     /ddd/fff$
>       ...
> 
> * the '/$' does break the .list file parsing when later installing other
>   .deb packages
> 
> Clearly the root cause is the use of 3rd party malformed .deb package
> tooling; nevertheless, my wish for improvement would be the following:
> 
> 1. As dpkg does parse all existing .list files during installation of
>    a .deb package and understand if one of them is malformed it shall
>    do this also for the newly generated .deb package .list file.
> 2. If the newly generated .deb package .list file does fail the check
>    installation shall be aborted and rolled back.

Thank you for the detailed and very helpful report!

I've prepared a couple of changes to catch these conditions, will check
whether there are more things that should be verified, and add some
test cases for these. Will queue these for git main and probably mark
them as stable candidates.

Thanks,
Guillem
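
A pre-install check for the condition reported in this thread, as an added example that is not part of the original messages and is not dpkg's own code. It audits `dpkg -c` output and an existing `.list` file; the function names and the member-name rule (`./` or `./<path>` with no empty, `.` or `..` components) are assumptions made for the example.

```python
# Added example, not dpkg code. Rule assumed here: a member is "./" or
# "./<path>" with no empty, "." or ".." path components.
SAMPLE_LISTING = """\
drwxrwxr-x root/root         0 2023-09-07 08:36 ./
drwxrwxr-x root/root         0 2023-09-07 08:36 .//
drwxrwxr-x root/root         0 2023-09-07 08:36 .//ddd/
drwxrwxr-x root/root         0 2023-09-07 08:36 .//ddd/fff/
-rw-r--r-- root/root        12 2023-09-07 08:36 ./etc/example.conf
"""  # first four lines from the report; the last one is constructed
SAMPLE_LIST = "/.\n/\n/ddd\n/ddd/fff\n"  # .list content from the report


def member_name(line):
    """Extract the member path from one `dpkg -c` (tar -tv style) line."""
    name = line.split(None, 5)[5]
    for sep in (" -> ", " link to "):  # drop symlink / hardlink targets
        name = name.split(sep, 1)[0]
    return name


def audit_listing(listing):
    """Return (line_no, name, reason) for members violating the assumed rule."""
    findings = []
    for no, line in enumerate(listing.splitlines(), 1):
        if not line.strip():
            continue
        name = member_name(line)
        path = name[:-1] if line.startswith("d") and name.endswith("/") else name
        if path == ".":
            continue  # the archive root "./"
        if not path.startswith("./"):
            findings.append((no, name, "does not start with ./"))
        elif any(c in ("", ".", "..") for c in path[2:].split("/")):
            findings.append((no, name, "empty, '.' or '..' path component"))
    return findings


def audit_list_file(text):
    """Line numbers of .list entries that are empty once trailing '/' is stripped."""
    return [no for no, entry in enumerate(text.splitlines(), 1)
            if entry.rstrip("/") == ""]


if __name__ == "__main__":
    for finding in audit_listing(SAMPLE_LISTING):
        print("member", *finding)
    print("bad .list lines:", audit_list_file(SAMPLE_LIST))
```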
