subject:"Re\: \[Fink\-devel\] dpkg on 10.9"

Re: [Fink-devel] dpkg on 10.9

2013-11-04 Thread Alexander Hansen

On 11/4/13 7:28 AM, Daniel Macks wrote:
> On Mon, 04 Nov 2013 06:53:55 -0800, Alexander Hansen
>  wrote:
> On 11/4/13 6:29 AM, TheSin wrote:
>>> great thanks for testing I'll be sure to add this patch to my
>> dpkg/tar maybe someone could get the current versions?
>>> ---
>>> TS
>>> http://www.southofheaven.org/
>>> Life begins and ends with chaos, live between the chaos!
>>>
>>> On 2013-11-04, at 2:59 AM, Martin Costabel  wrote:
>>>
>>
>> Sounds good.  I was holding off to make sure we had a solution that
>> folks were happy with. :-)
>>
>> It's probably worth freshening tar to the latest upstream while we're at it.
>
> I'm seeing some serious-sounding bug on bug-tar in tar-1.27. Might want
> to let that version shake out a bit unless there's something critical
> in it we need "now".
>
> dan
>
>--
> Daniel Macks
> dma...@netspace.org
>
>
>
>

I was just assuming that newer was better, without checking ChangeLogs. 
:-)

-- 
Alexander Hansen, Ph.D.
Fink User Liaison
My package updates: http://finkakh.wordpress.com/

--
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
___
Fink-devel mailing list
Fink-devel@lists.sourceforge.net
List archive:
http://news.gmane.org/gmane.os.apple.fink.devel
Subscription management:
https://lists.sourceforge.net/lists/listinfo/fink-devel

Re: [Fink-devel] dpkg on 10.9

2013-11-04 Thread Daniel Macks

On Mon, 04 Nov 2013 06:53:55 -0800, Alexander Hansen 
 wrote:
On 11/4/13 6:29 AM, TheSin wrote:
> > great thanks for testing I'll be sure to add this patch to my 
> dpkg/tar maybe someone could get the current versions?
> > ---
> > TS
> > http://www.southofheaven.org/
> > Life begins and ends with chaos, live between the chaos!
> >
> > On 2013-11-04, at 2:59 AM, Martin Costabel  wrote:
> >
>
> Sounds good.  I was holding off to make sure we had a solution that 
> folks were happy with. :-)
>
> It's probably worth freshening tar to the latest upstream while we're at it. 

I'm seeing some serious-sounding bug on bug-tar in tar-1.27. Might want 
to let that version shake out a bit unless there's something critical 
in it we need "now". 

dan

  --
Daniel Macks
dma...@netspace.org



--
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
___
Fink-devel mailing list
Fink-devel@lists.sourceforge.net
List archive:
http://news.gmane.org/gmane.os.apple.fink.devel
Subscription management:
https://lists.sourceforge.net/lists/listinfo/fink-devel

Re: [Fink-devel] dpkg on 10.9

2013-11-04 Thread TheSin

I completely agree with tar maybe I'll give it a shot today, just got to work 
so I'll see how busy things are.
---
TS
http://www.southofheaven.org/
Life begins and ends with chaos, live between the chaos!

On 2013-11-04, at 7:53 AM, Alexander Hansen  wrote:

> On 11/4/13 6:29 AM, TheSin wrote:
>> great thanks for testing I'll be sure to add this patch to my dpkg/tar maybe 
>> someone could get the current versions?
>> ---
>> TS
>> http://www.southofheaven.org/
>> Life begins and ends with chaos, live between the chaos!
>> 
>> On 2013-11-04, at 2:59 AM, Martin Costabel  wrote:
>> 
> 
> Sounds good.  I was holding off to make sure we had a solution that folks 
> were happy with. :-)
> 
> It's probably worth freshening tar to the latest upstream while we're at it.
> -- 
> Alexander Hansen, Ph.D.
> Fink User Liaison
> My package updates: http://finkakh.wordpress.com/


--
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
___
Fink-devel mailing list
Fink-devel@lists.sourceforge.net
List archive:
http://news.gmane.org/gmane.os.apple.fink.devel
Subscription management:
https://lists.sourceforge.net/lists/listinfo/fink-devel

Re: [Fink-devel] dpkg on 10.9

2013-11-04 Thread Alexander Hansen

On 11/4/13 6:29 AM, TheSin wrote:
> great thanks for testing I'll be sure to add this patch to my dpkg/tar maybe 
> someone could get the current versions?
> ---
> TS
> http://www.southofheaven.org/
> Life begins and ends with chaos, live between the chaos!
>
> On 2013-11-04, at 2:59 AM, Martin Costabel  wrote:
>

Sounds good.  I was holding off to make sure we had a solution that 
folks were happy with. :-)

It's probably worth freshening tar to the latest upstream while we're at it.
-- 
Alexander Hansen, Ph.D.
Fink User Liaison
My package updates: http://finkakh.wordpress.com/

--
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
___
Fink-devel mailing list
Fink-devel@lists.sourceforge.net
List archive:
http://news.gmane.org/gmane.os.apple.fink.devel
Subscription management:
https://lists.sourceforge.net/lists/listinfo/fink-devel

Re: [Fink-devel] dpkg on 10.9

2013-11-04 Thread TheSin

great thanks for testing I'll be sure to add this patch to my dpkg/tar maybe 
someone could get the current versions?
---
TS
http://www.southofheaven.org/
Life begins and ends with chaos, live between the chaos!

On 2013-11-04, at 2:59 AM, Martin Costabel  wrote:

> On 4/11/13 05:03, TheSin wrote:
>> Thought I'd post this here, this is the reply from the dpkg author that I 
>> have been trying to fix the u-a tests with.  I haven't had a chance to apply 
>> and test the patch or even look at it, but I hope to do so this week.
> 
>> diff --git a/dpkg-deb/main.c b/dpkg-deb/main.c
>> index 28bcd7b..abfe336 100644
>> --- a/dpkg-deb/main.c
>> +++ b/dpkg-deb/main.c
>> @@ -216,6 +216,8 @@ int main(int argc, const char *const *argv) {
>>bindtextdomain(PACKAGE, LOCALEDIR);
>>textdomain(PACKAGE);
>> 
>> +  gettext("");
>> +
>>dpkg_set_progname(BACKEND);
>>standard_startup();
>>myopt(&argv, cmdinfos, printforhelp);
> 
> This does indeed work (I guess that is what I meant when I wrote 
> "understanding what the precise mechanism of the crash is would
> require a deep understanding of CoreFoundation's innards" :-) ). I tested it 
> in dpkg and in tar (remember that these are two independent bugs, both need 
> fixing).
> 
> For the current dpkg-1.10.21 in Fink, the insertion of gettext("") can be 
> done as is in include/dpkg.h ( that's where textdomain(PACKAGE) appears), or 
> in dpkg-deb.main.c after the line
> 
>  standard_startup(&ejbuf, argc, &argv, NULL, 0, cmdinfos);
> 
> The patch works also for tar, when it is applied in /src/tar.c.
> 
> -- 
> Martin
> 
> 
> 
> 
> 


--
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
___
Fink-devel mailing list
Fink-devel@lists.sourceforge.net
List archive:
http://news.gmane.org/gmane.os.apple.fink.devel
Subscription management:
https://lists.sourceforge.net/lists/listinfo/fink-devel

Re: [Fink-devel] dpkg on 10.9

2013-11-04 Thread Martin Costabel

On 4/11/13 05:03, TheSin wrote:
> Thought I'd post this here, this is the reply from the dpkg author that I 
> have been trying to fix the u-a tests with.  I haven't had a chance to apply 
> and test the patch or even look at it, but I hope to do so this week.

> diff --git a/dpkg-deb/main.c b/dpkg-deb/main.c
> index 28bcd7b..abfe336 100644
> --- a/dpkg-deb/main.c
> +++ b/dpkg-deb/main.c
> @@ -216,6 +216,8 @@ int main(int argc, const char *const *argv) {
> bindtextdomain(PACKAGE, LOCALEDIR);
> textdomain(PACKAGE);
>
> +  gettext("");
> +
> dpkg_set_progname(BACKEND);
> standard_startup();
> myopt(&argv, cmdinfos, printforhelp);

This does indeed work (I guess that is what I meant when I wrote 
"understanding what the precise mechanism of the crash is would
require a deep understanding of CoreFoundation's innards" :-) ). I 
tested it in dpkg and in tar (remember that these are two independent 
bugs, both need fixing).

For the current dpkg-1.10.21 in Fink, the insertion of gettext("") can 
be done as is in include/dpkg.h ( that's where textdomain(PACKAGE) 
appears), or in dpkg-deb.main.c after the line

   standard_startup(&ejbuf, argc, &argv, NULL, 0, cmdinfos);

The patch works also for tar, when it is applied in /src/tar.c.

-- 
Martin






--
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
___
Fink-devel mailing list
Fink-devel@lists.sourceforge.net
List archive:
http://news.gmane.org/gmane.os.apple.fink.devel
Subscription management:
https://lists.sourceforge.net/lists/listinfo/fink-devel

Re: [Fink-devel] dpkg on 10.9

2013-11-03 Thread TheSin

Thought I'd post this here, this is the reply from the dpkg author that I have 
been trying to fix the u-a tests with.  I haven't had a chance to apply and 
test the patch or even look at it, but I hope to do so this week.

Martin and thoughts or insights on this?
---
TS
http://www.southofheaven.org/
Life begins and ends with chaos, live between the chaos!

On 2013-11-03, at 8:10 PM, Guillem Jover  wrote:

> Hi!
> 
> On Fri, 2013-11-01 at 07:32:55 -0600, TheSin wrote:
>> Hey Guillem, I doubt this has anything to do with our failing tests,
>> but this is a bug i have been trying very HARD to track down that
>> just showed up on 10.9.
> 
>> I have a small fix for it where I can all dpkg-dev commands with
>> LANG=C LC_ALL=C dpkg-deb
>> 
>> But now that we know the real cause of these issues maybe I could
>> help go over to the code base and find all the instances of forks
>> that use gettext inline and convert them like bellow?
> 
> Unfortunately there's parts of the code base that would be very
> cumbersome and unwieldy to fix, for something I consider an issue
> between gettext and CoreFoundation. And performing the proposed
> changes would result in pretty annoying code. I'll report this to
> gettext upstream.
> 
>> Would you like an official bug report on this?
> 
> Filing these on the Debian BTS is a sure way to guarantee they won't
> get missed or forgotten.
> 
>> On 2013-11-01, at 5:15 AM, Martin Costabel  wrote:
>>> I don't think we can do much about the behavior of gettext. As long
>>> as it uses the CoreFoundation framework, it will not be "async-signal
>>> safe", so it must not be used in the child process after a 'fork' and
>>> before 'exec'. This is documented in many places.
> 
> Actually given how gettext uses the CoreFoundation framework (which I
> guess is starting other threads behind the program's back :), it seems
> to me it should be pretty safe, as long as a gettext function is
> called on the main thread.
> 
> The only two places inside gettext where it calls CoreFoundation
> functions, cache their results, so if we call gettext once before the
> fork() that looks to me it should pre-initialize the cache and avoid
> the subsequent crash?
> 
>>> After reading some of the docs, I find it rather astonishing that
>>> dpkg did not crash before. That it crashes when LANG is unset is
>>> less surprising than that it does not crash when LANG is set and
>>> that it waited until OSX 10.8 or 10.9 to show the crash, but
>>> understanding what the precise mechanism of the crash is would
>>> require a deep understanding of CoreFoundation's innards.
>>> 
>>> I think that these are real programming errors in dpkg and tar. They
>>> should not use any '_("")' type strings in the child process after
>>> 'fork'. If they really want to transmit localized messages as
>>> parameters to some function in the child process, they should
>>> evaluate the string *before* the 'fork' and transmit a variable
>>> to the function, like so:
> 
> The way I see the issue here, is that yes calling async-signal-unsafe
> functions after a fork is a problem, but not one created by dpkg,
> because that's only an issue if the program is multi-threaded, and if
> in this case the CoreFoundation framework is creating threads behind
> dpkg's back, the dpkg expectations don't hold true.
> 
> In any case, could you try the attached patch, if that workarounds the
> issue for now, I'll apply something like this until a possibly fixed
> gettext is released.
> 
> Thanks,
> Guillem
diff --git a/dpkg-deb/main.c b/dpkg-deb/main.c
index 28bcd7b..abfe336 100644
--- a/dpkg-deb/main.c
+++ b/dpkg-deb/main.c
@@ -216,6 +216,8 @@ int main(int argc, const char *const *argv) {
   bindtextdomain(PACKAGE, LOCALEDIR);
   textdomain(PACKAGE);
 
+  gettext("");
+
   dpkg_set_progname(BACKEND);
   standard_startup();
   myopt(&argv, cmdinfos, printforhelp);
--
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk___
Fink-devel mailing list
Fink-devel@lists.sourceforge.net
List archive:
http://news.gmane.org/gmane.os.apple.fink.devel
Subscription management:
https://lists.sourceforge.net/lists/listinfo/fink-devel

Re: [Fink-devel] dpkg on 10.9

2013-11-01 Thread TheSin

thanks for the really good explanation of this Martin I'm going to open a 
report with debian and talk to the author about this.
---
TS
http://www.southofheaven.org/
Life begins and ends with chaos, live between the chaos!

On 2013-11-01, at 5:15 AM, Martin Costabel  wrote:

> On 1/11/13 02:10, TheSin wrote:
>> shouldn't get text have a fallback or maybe we should create one, this type 
>> of thing is going to cause issue all over, and setting it to N or not 
>> translate isn't really a good solution.  Maybe get text needs to have a 
>> fallback added to it instead?
> 
> I don't think we can do much about the behavior of gettext. As long as it 
> uses the CoreFoundation framework, it will not be "async-signal safe", so it 
> must not be used in the child process after a 'fork' and before 'exec'. This 
> is documented in many places.
> 
> After reading some of the docs, I find it rather astonishing that dpkg did 
> not crash before. That it crashes when LANG is unset is less surprising than 
> that it does not crash when LANG is set and that it waited until OSX 10.8 or 
> 10.9 to show the crash, but understanding what the precise mechanism of the 
> crash is would require a deep understanding of CoreFoundation's innards.
> 
> I think that these are real programming errors in dpkg and tar. They should 
> not use any '_("")' type strings in the child process after 'fork'. If they 
> really want to transmit localized messages as parameters to some function in 
> the child process, they should evaluate the string *before* the 'fork' and 
> transmit a variable to the function, like so:
> 
> --- dpkg-deb/extract.c~   2013-11-01 11:28:21.0 +0100
> +++ dpkg-deb/extract.c2013-11-01 11:30:51.0 +0100
> @@ -244,5 +244,7 @@
> m_pipe(p1);
> +char* failedtowrite = _("failed to write to pipe in copy");
> if (!(c1= m_fork())) {
>   close(p1[0]);
> -  stream_fd_copy(ar, p1[1], memberlen, _("failed to write to pipe in 
> copy"));
> +  stream_fd_copy(ar, p1[1], memberlen, failedtowrite);
>   if (close(p1[1]) == EOF) ohshite(_("failed to close pipe in copy"));
> 
> -- 
> Martin
> 
> 
> 
> 
> 


--
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
___
Fink-devel mailing list
Fink-devel@lists.sourceforge.net
List archive:
http://news.gmane.org/gmane.os.apple.fink.devel
Subscription management:
https://lists.sourceforge.net/lists/listinfo/fink-devel

Re: [Fink-devel] dpkg on 10.9

2013-11-01 Thread Martin Costabel

On 1/11/13 02:10, TheSin wrote:
> shouldn't get text have a fallback or maybe we should create one, this type 
> of thing is going to cause issue all over, and setting it to N or not 
> translate isn't really a good solution.  Maybe get text needs to have a 
> fallback added to it instead?

I don't think we can do much about the behavior of gettext. As long as 
it uses the CoreFoundation framework, it will not be "async-signal 
safe", so it must not be used in the child process after a 'fork' and 
before 'exec'. This is documented in many places.

After reading some of the docs, I find it rather astonishing that dpkg 
did not crash before. That it crashes when LANG is unset is less 
surprising than that it does not crash when LANG is set and that it 
waited until OSX 10.8 or 10.9 to show the crash, but understanding what 
the precise mechanism of the crash is would require a deep understanding 
of CoreFoundation's innards.

I think that these are real programming errors in dpkg and tar. They 
should not use any '_("")' type strings in the child process after 
'fork'. If they really want to transmit localized messages as parameters 
to some function in the child process, they should evaluate the string 
*before* the 'fork' and transmit a variable to the function, like so:

--- dpkg-deb/extract.c~ 2013-11-01 11:28:21.0 +0100
+++ dpkg-deb/extract.c  2013-11-01 11:30:51.0 +0100
@@ -244,5 +244,7 @@
  m_pipe(p1);
+char* failedtowrite = _("failed to write to pipe in copy");
  if (!(c1= m_fork())) {
close(p1[0]);
-  stream_fd_copy(ar, p1[1], memberlen, _("failed to write to pipe 
in copy"));
+  stream_fd_copy(ar, p1[1], memberlen, failedtowrite);
if (close(p1[1]) == EOF) ohshite(_("failed to close pipe in copy"));

-- 
Martin

--
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
___
Fink-devel mailing list
Fink-devel@lists.sourceforge.net
List archive:
http://news.gmane.org/gmane.os.apple.fink.devel
Subscription management:
https://lists.sourceforge.net/lists/listinfo/fink-devel

Re: [Fink-devel] dpkg on 10.9

2013-10-31 Thread TheSin

shouldn't get text have a fallback or maybe we should create one, this type of 
thing is going to cause issue all over, and setting it to N or not translate 
isn't really a good solution.  Maybe get text needs to have a fallback added to 
it instead?
---
TS
http://www.southofheaven.org/
Life begins and ends with chaos, live between the chaos!

On 2013-10-31, at 6:43 PM, Martin Costabel  wrote:

> On 31/10/13 20:25, TheSin wrote:
>> ChangeLog:dpkg-deb: Use fd_fd_copy instead of stream_fd_copy
>> 
>> dpkg-deb/extract.c:if (fd_fd_copy(arfd, p1[1], memberlen, &err) < 0)
>> 
>> need to check &err I think.
> 
> Yes, I see now that this line has been fixed in new dpkg
>  
> but purely by accident, for a different reason 
> .
> 
> However, since they are not aware of our problem on MacOSX, it is possible 
> that they introduced the same kind of bug elsewhere. I see, for example, in 
> dpkg-1.16.12/dpkg-deb/extract.c:61
> 
>  pid = subproc_fork();
>  if (pid == 0) {
>command_shell(buf, _("shell command to move files"));
>  }
>  subproc_wait_check(pid, _("shell command to move files"), 0);
> 
> and similar things at two other places. This looks like it might break on OSX 
> 10.9.
> 
> -- 
> Martin
> 
> 


--
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
___
Fink-devel mailing list
Fink-devel@lists.sourceforge.net
List archive:
http://news.gmane.org/gmane.os.apple.fink.devel
Subscription management:
https://lists.sourceforge.net/lists/listinfo/fink-devel

Re: [Fink-devel] dpkg on 10.9

2013-10-31 Thread Martin Costabel

On 31/10/13 20:25, TheSin wrote:
> ChangeLog:dpkg-deb: Use fd_fd_copy instead of stream_fd_copy
>
> dpkg-deb/extract.c:if (fd_fd_copy(arfd, p1[1], memberlen, &err) < 0)
>
> need to check &err I think.

Yes, I see now that this line has been fixed in new dpkg
 
but purely by accident, for a different reason 
.

However, since they are not aware of our problem on MacOSX, it is 
possible that they introduced the same kind of bug elsewhere. I see, for 
example, in dpkg-1.16.12/dpkg-deb/extract.c:61

   pid = subproc_fork();
   if (pid == 0) {
 command_shell(buf, _("shell command to move files"));
   }
   subproc_wait_check(pid, _("shell command to move files"), 0);

and similar things at two other places. This looks like it might break 
on OSX 10.9.

-- 
Martin



--
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
___
Fink-devel mailing list
Fink-devel@lists.sourceforge.net
List archive:
http://news.gmane.org/gmane.os.apple.fink.devel
Subscription management:
https://lists.sourceforge.net/lists/listinfo/fink-devel

Re: [Fink-devel] dpkg on 10.9

2013-10-31 Thread TheSin

ChangeLog:dpkg-deb: Use fd_fd_copy instead of stream_fd_copy

dpkg-deb/extract.c:if (fd_fd_copy(arfd, p1[1], memberlen, &err) < 0)

need to check &err I think.
---
TS
http://www.southofheaven.org/
Life begins and ends with chaos, live between the chaos!

On 2013-10-31, at 12:03 PM, Martin Costabel  wrote:

> On 29/10/13 16:31, TheSin wrote:
>> I honestly believe we need to patch tar to have a fallback when they aren't 
>> set.  All this patching everywhere could easily be fixed if we fix tar 
>> instead.  Sadly I'm not well enough versed in C to do so but if someone 
>> could that would be super.
> 
> I think I found it. At least I have now fixed versions of dpkg and tar that 
> no longer crash as before.
> 
> In fact, the crash of dpkg comes from a bug in dpkg that is independent of a 
> similar bug in tar. That is, if you only fix dpkg as described below, it will 
> work correctly even with the unfixed tar, but tar has its own crash that 
> happens when it is run with LANG unset.
> 
> The fix is a one-line patch for dpkg that can be written as a perl pie:
> 
>  perl -pi.bak -e 's| (_\(\"failed)| N$1|' dpkg-deb/extract.c
> 
> or as a diff:
> 
> --- dpkg-deb/extract.c~   2003-10-25 22:03:21.0 +0200
> +++ dpkg-deb/extract.c2013-10-31 18:00:47.0 +0100
> @@ -247 +247 @@
> -  stream_fd_copy(ar, p1[1], memberlen, _("failed to write to pipe in 
> copy"));
> +  stream_fd_copy(ar, p1[1], memberlen, N_("failed to write to pipe in 
> copy"));
> 
> (this is for Fink's dpkg-1.10.21; I don't know if the bug is still present in 
> the same form in new versions of dpkg).
> 
> For tar, the corresponding perl script fixes 4 lines (it is possible that 
> only one of them is essential)
> 
>  perl -pi.bak -e 's|_\(\"tar|N$&|g' src/system.c
> 
> (Here the bug is still present in the new version 1.27).
> 
> Explanation:
> The error appears when a child process (tar in the case of dpkg, gzip or 
> similar in the case of tar) is spawned via 'fork' and a string of the form 
> _("string") appears between 'fork' and 'exec' commands. This calls gettext 
> and hence libintl and the CoreFoundation framework. Calling frameworks 
> between 'fork' and 'exec' is not safe, see CAVEATS in `man fork`. If one 
> replaces '_("string")' by 'N_("string")', no gettext call is involved. One 
> could also just replace it by '"string"', which is the same thing.
> 
> -- 
> Martin
> 
> 
> 


--
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
___
Fink-devel mailing list
Fink-devel@lists.sourceforge.net
List archive:
http://news.gmane.org/gmane.os.apple.fink.devel
Subscription management:
https://lists.sourceforge.net/lists/listinfo/fink-devel

Re: [Fink-devel] dpkg on 10.9

2013-10-31 Thread Alexander Hansen

On 10/31/13 11:03 AM, Martin Costabel wrote:
> On 29/10/13 16:31, TheSin wrote:
>> I honestly believe we need to patch tar to have a fallback when they
>> aren't set.  All this patching everywhere could easily be fixed if we
>> fix tar instead.  Sadly I'm not well enough versed in C to do so but
>> if someone could that would be super.
>
> I think I found it. At least I have now fixed versions of dpkg and tar
> that no longer crash as before.
>
> In fact, the crash of dpkg comes from a bug in dpkg that is independent
> of a similar bug in tar. That is, if you only fix dpkg as described
> below, it will work correctly even with the unfixed tar, but tar has its
> own crash that happens when it is run with LANG unset.
>
> The fix is a one-line patch for dpkg that can be written as a perl pie:
>
>perl -pi.bak -e 's| (_\(\"failed)| N$1|' dpkg-deb/extract.c
>
> or as a diff:
>
> --- dpkg-deb/extract.c~2003-10-25 22:03:21.0 +0200
> +++ dpkg-deb/extract.c2013-10-31 18:00:47.0 +0100
> @@ -247 +247 @@
> -  stream_fd_copy(ar, p1[1], memberlen, _("failed to write to pipe
> in copy"));
> +  stream_fd_copy(ar, p1[1], memberlen, N_("failed to write to pipe
> in copy"));
>
> (this is for Fink's dpkg-1.10.21; I don't know if the bug is still
> present in the same form in new versions of dpkg).
>
> For tar, the corresponding perl script fixes 4 lines (it is possible
> that only one of them is essential)
>
>perl -pi.bak -e 's|_\(\"tar|N$&|g' src/system.c
>
> (Here the bug is still present in the new version 1.27).
>
> Explanation:
> The error appears when a child process (tar in the case of dpkg, gzip or
> similar in the case of tar) is spawned via 'fork' and a string of the
> form _("string") appears between 'fork' and 'exec' commands. This calls
> gettext and hence libintl and the CoreFoundation framework. Calling
> frameworks between 'fork' and 'exec' is not safe, see CAVEATS in `man
> fork`. If one replaces '_("string")' by 'N_("string")', no gettext call
> is involved. One could also just replace it by '"string"', which is the
> same thing.
>

Thanks!

We can put these fixes out independently of the various wrappers that 
fink uses.  It'd be nice to take those out, too, but we'd have to be 
sure to avoid packaging deadlocks.
-- 
Alexander Hansen, Ph.D.
Fink User Liaison
My package updates: http://finkakh.wordpress.com/

--
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
___
Fink-devel mailing list
Fink-devel@lists.sourceforge.net
List archive:
http://news.gmane.org/gmane.os.apple.fink.devel
Subscription management:
https://lists.sourceforge.net/lists/listinfo/fink-devel

Re: [Fink-devel] dpkg on 10.9

2013-10-31 Thread Martin Costabel

On 29/10/13 16:31, TheSin wrote:
> I honestly believe we need to patch tar to have a fallback when they aren't 
> set.  All this patching everywhere could easily be fixed if we fix tar 
> instead.  Sadly I'm not well enough versed in C to do so but if someone could 
> that would be super.

I think I found it. At least I have now fixed versions of dpkg and tar 
that no longer crash as before.

In fact, the crash of dpkg comes from a bug in dpkg that is independent 
of a similar bug in tar. That is, if you only fix dpkg as described 
below, it will work correctly even with the unfixed tar, but tar has its 
own crash that happens when it is run with LANG unset.

The fix is a one-line patch for dpkg that can be written as a perl pie:

   perl -pi.bak -e 's| (_\(\"failed)| N$1|' dpkg-deb/extract.c

or as a diff:

--- dpkg-deb/extract.c~ 2003-10-25 22:03:21.0 +0200
+++ dpkg-deb/extract.c  2013-10-31 18:00:47.0 +0100
@@ -247 +247 @@
-  stream_fd_copy(ar, p1[1], memberlen, _("failed to write to pipe 
in copy"));
+  stream_fd_copy(ar, p1[1], memberlen, N_("failed to write to pipe 
in copy"));

(this is for Fink's dpkg-1.10.21; I don't know if the bug is still 
present in the same form in new versions of dpkg).

For tar, the corresponding perl script fixes 4 lines (it is possible 
that only one of them is essential)

   perl -pi.bak -e 's|_\(\"tar|N$&|g' src/system.c

(Here the bug is still present in the new version 1.27).

Explanation:
The error appears when a child process (tar in the case of dpkg, gzip or 
similar in the case of tar) is spawned via 'fork' and a string of the 
form _("string") appears between 'fork' and 'exec' commands. This calls 
gettext and hence libintl and the CoreFoundation framework. Calling 
frameworks between 'fork' and 'exec' is not safe, see CAVEATS in `man 
fork`. If one replaces '_("string")' by 'N_("string")', no gettext call 
is involved. One could also just replace it by '"string"', which is the 
same thing.

-- 
Martin

--
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
___
Fink-devel mailing list
Fink-devel@lists.sourceforge.net
List archive:
http://news.gmane.org/gmane.os.apple.fink.devel
Subscription management:
https://lists.sourceforge.net/lists/listinfo/fink-devel

Re: [Fink-devel] dpkg on 10.9

2013-10-29 Thread TheSin

I honestly believe we need to patch tar to have a fallback when they aren't 
set.  All this patching everywhere could easily be fixed if we fix tar instead. 
 Sadly I'm not well enough versed in C to do so but if someone could that would 
be super.
---
TS
http://www.southofheaven.org/
Life begins and ends with chaos, live between the chaos!

On 2013-10-29, at 9:05 AM, Martin Costabel  wrote:

> On 28/10/13 23:17, Alexander Hansen wrote:
>> On 10/28/13 2:58 PM, Martin Costabel wrote:
>>> I remember a discussion 2 months ago about dpkg producing en error
>>> 
>>> tar: This does not look like a tar archive
>>> tar: Exiting with failure status due to previous errors
>>> /sw/bin/dpkg-deb: subprocess tar returned error exit status 2
> []
>> There's something weird going on with dpkg/tar/gettext.
>> 
>> As an interim workaround, fink's calls to dpkg are wrapped setting
>> environment variables LANG="C" and LC_ALL="C".
> 
> Indeed, 'env LANG=C dpkg' works correctly and does not produce the 
> errors, same as 'env LANG=en dpkg' or even 'env LANG=zh_HK.Big5HKSCS 
> dpkg'. I have to add that in my environment, LANG and LC_ALL are not set:
> 
> costabel% locale
> LANG=
> LC_COLLATE="C"
> LC_CTYPE="C"
> LC_MESSAGES="C"
> LC_MONETARY="C"
> LC_NUMERIC="C"
> LC_TIME="C"
> LC_ALL=
> 
> The problem is in Fink's tar which does not work with compressed 
> archives if LANG is not set. I have not yet understood where exactly 
> hides the bug.
> 
> -- 
> Martin
> 
> 
> 
> --
> Android is increasing in popularity, but the open development platform that
> developers love is also attractive to malware creators. Download this white
> paper to learn more about secure code signing practices that can help keep
> Android apps secure.
> http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
> ___
> Fink-devel mailing list
> Fink-devel@lists.sourceforge.net
> List archive:
> http://news.gmane.org/gmane.os.apple.fink.devel
> Subscription management:
> https://lists.sourceforge.net/lists/listinfo/fink-devel


--
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
___
Fink-devel mailing list
Fink-devel@lists.sourceforge.net
List archive:
http://news.gmane.org/gmane.os.apple.fink.devel
Subscription management:
https://lists.sourceforge.net/lists/listinfo/fink-devel

Re: [Fink-devel] dpkg on 10.9

2013-10-29 Thread Martin Costabel

On 28/10/13 23:17, Alexander Hansen wrote:
> On 10/28/13 2:58 PM, Martin Costabel wrote:
>> I remember a discussion 2 months ago about dpkg producing en error
>>
>> tar: This does not look like a tar archive
>> tar: Exiting with failure status due to previous errors
>> /sw/bin/dpkg-deb: subprocess tar returned error exit status 2
[]
> There's something weird going on with dpkg/tar/gettext.
>
> As an interim workaround, fink's calls to dpkg are wrapped setting
> environment variables LANG="C" and LC_ALL="C".

Indeed, 'env LANG=C dpkg' works correctly and does not produce the 
errors, same as 'env LANG=en dpkg' or even 'env LANG=zh_HK.Big5HKSCS 
dpkg'. I have to add that in my environment, LANG and LC_ALL are not set:

costabel% locale
LANG=
LC_COLLATE="C"
LC_CTYPE="C"
LC_MESSAGES="C"
LC_MONETARY="C"
LC_NUMERIC="C"
LC_TIME="C"
LC_ALL=

The problem is in Fink's tar which does not work with compressed 
archives if LANG is not set. I have not yet understood where exactly 
hides the bug.

-- 
Martin



--
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
___
Fink-devel mailing list
Fink-devel@lists.sourceforge.net
List archive:
http://news.gmane.org/gmane.os.apple.fink.devel
Subscription management:
https://lists.sourceforge.net/lists/listinfo/fink-devel

Re: [Fink-devel] dpkg on 10.9

2013-10-28 Thread Alexander Hansen

On 10/28/13 2:58 PM, Martin Costabel wrote:
> I remember a discussion 2 months ago about dpkg producing en error
>
> tar: This does not look like a tar archive
> tar: Exiting with failure status due to previous errors
> /sw/bin/dpkg-deb: subprocess tar returned error exit status 2
>
> I thought this was fixed, but I am seeing it now, with dpkg-
> 1.10.21-1238 on 10.9. What is weird is that fink's use of dpkg does
> actually work, namely 'dpkg-lockwait -i' does not give the error.
>
> Otherwise, I get the error with 'dpkg -c', 'dpkg -x', 'dpkg -i'. For
> example:
>
> costabel% sudo dpkg -i
> /sw/fink/debs/fink_0.35.99.git-20131025.0654_darwin-x86_64.deb
> tar: This does not look like a tar archive
> tar: Exiting with failure status due to previous errors
> /sw/bin/dpkg-deb: subprocess tar returned error exit status 2
> /sw/bin/dpkg: error processing
> /sw/fink/debs/fink_0.35.99.git-20131025.0654_darwin-x86_64.deb (--install):
>subprocess /sw/bin/dpkg-deb --control returned error exit status 2
> Errors were encountered while processing:
>/sw/fink/debs/fink_0.35.99.git-20131025.0654_darwin-x86_64.deb
>
> But:
>
> costabel% sudo dpkg-lockwait -i
> /sw/fink/debs/fink_0.35.99.git-20131025.0654_darwin-x86_64.deb
> (Reading database ... 204220 files and directories currently installed.)
> Preparing to replace fink 0.35.99.git-20131025.0654 (using
> .../fink_0.35.99.git-20131025.0654_darwin-x86_64.deb) ...
> Unpacking replacement fink ...
> Setting up fink (0.35.99.git-20131025.0654) ...
>
> What is going on?
>

There's something weird going on with dpkg/tar/gettext.

As an interim workaround, fink's calls to dpkg are wrapped setting 
environment variables LANG="C" and LC_ALL="C".
-- 
Alexander Hansen, Ph.D.
Fink User Liaison
My package updates: http://finkakh.wordpress.com/

--
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
___
Fink-devel mailing list
Fink-devel@lists.sourceforge.net
List archive:
http://news.gmane.org/gmane.os.apple.fink.devel
Subscription management:
https://lists.sourceforge.net/lists/listinfo/fink-devel

Re: [Fink-devel] dpkg on 10.9

Re: [Fink-devel] dpkg on 10.9

Re: [Fink-devel] dpkg on 10.9

Re: [Fink-devel] dpkg on 10.9

Re: [Fink-devel] dpkg on 10.9

Re: [Fink-devel] dpkg on 10.9

Re: [Fink-devel] dpkg on 10.9

Re: [Fink-devel] dpkg on 10.9

Re: [Fink-devel] dpkg on 10.9

Re: [Fink-devel] dpkg on 10.9

Re: [Fink-devel] dpkg on 10.9

Re: [Fink-devel] dpkg on 10.9

Re: [Fink-devel] dpkg on 10.9

Re: [Fink-devel] dpkg on 10.9

Re: [Fink-devel] dpkg on 10.9

Re: [Fink-devel] dpkg on 10.9

Re: [Fink-devel] dpkg on 10.9

17 matches

Site Navigation

Mail list logo

Footer information