On 29/10/13 16:31, TheSin wrote:
> I honestly believe we need to patch tar to have a fallback when they aren't
> set. All this patching everywhere could easily be fixed if we fix tar
> instead. Sadly I'm not well enough versed in C to do so but if someone could
> that would be super.
I think I found it. At least I have now fixed versions of dpkg and tar
that no longer crash as before.
In fact, the crash of dpkg comes from a bug in dpkg that is independent
of a similar bug in tar. That is, if you only fix dpkg as described
below, it will work correctly even with the unfixed tar, but tar has its
own crash that happens when it is run with LANG unset.
The fix is a one-line patch for dpkg that can be written as a perl pie:
perl -pi.bak -e 's| (_\(\"failed)| N$1|' dpkg-deb/extract.c
or as a diff:
--- dpkg-deb/extract.c~ 2003-10-25 22:03:21.000000000 +0200
+++ dpkg-deb/extract.c 2013-10-31 18:00:47.000000000 +0100
@@ -247 +247 @@
- stream_fd_copy(ar, p1[1], memberlen, _("failed to write to pipe
in copy"));
+ stream_fd_copy(ar, p1[1], memberlen, N_("failed to write to pipe
in copy"));
(this is for Fink's dpkg-1.10.21; I don't know if the bug is still
present in the same form in new versions of dpkg).
For tar, the corresponding perl script fixes 4 lines (it is possible
that only one of them is essential)
perl -pi.bak -e 's|_\(\"tar|N$&|g' src/system.c
(Here the bug is still present in the new version 1.27).
Explanation:
The error appears when a child process (tar in the case of dpkg, gzip or
similar in the case of tar) is spawned via 'fork' and a string of the
form _("string") appears between 'fork' and 'exec' commands. This calls
gettext and hence libintl and the CoreFoundation framework. Calling
frameworks between 'fork' and 'exec' is not safe, see CAVEATS in `man
fork`. If one replaces '_("string")' by 'N_("string")', no gettext call
is involved. One could also just replace it by '"string"', which is the
same thing.
--
Martin
------------------------------------------------------------------------------
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
_______________________________________________
Fink-devel mailing list
[email protected]
List archive:
http://news.gmane.org/gmane.os.apple.fink.devel
Subscription management:
https://lists.sourceforge.net/lists/listinfo/fink-devel
