Bug#890791: stretch-pu: package dpkg/1.18.25
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian.org@packages.debian.org
Usertags: pu
Hi!
I'd like to update dpkg in stretch. This includes several fixes for
documentation, regressions, misbehavior, minor security issues, and
a new arch definition so that DAK can accept packages using it. The
fixes have been in sid/buster for a while now.
Attached the git diff 1.18.24..next/1.18.x (excluding translation
updates). Also given that unfortunately this time around there are
several string changes, I might need to do a translation round before
the upload, if the changes get approved.
Also available as a branch at
<https://git.hadrons.org/cgit/debian/dpkg/dpkg.git/log/?h=next/1.18.x>.
Thanks,
Guillem
diff --git a/data/cputable b/data/cputable
index a2bd7d687..9f2a8e0e4 100644
--- a/data/cputable
+++ b/data/cputable
@@ -41,6 +41,7 @@ powerpc powerpc (powerpc|ppc) 32 big
powerpcel powerpcle powerpcle 32 little
ppc64 powerpc64 (powerpc|ppc)64 64 big
ppc64el powerpc64le powerpc64le 64 little
+riscv64 riscv64 riscv64 64 little
s390 s390 s390 32 big
s390x s390x s390x 64 big
sh3 sh3 sh3 32 little
diff --git a/debian/changelog b/debian/changelog
index 26a8b14cd..64d09cb40 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,44 @@
+dpkg (1.18.25) stretch; urgency=medium
+
+ [ Guillem Jover ]
+ * Parse start-stop-daemon usernames and groupnames starting with digits in
+ -u and -c correctly. Reported by Bodo Eggert <7eggert@online.de>.
+ * Always use the binary version for the .buildinfo filename in
+ dpkg-genbuildinfo. Reported by Raphaël Hertzog <hertzog@debian.org>.
+ Closes: #869236
+ * Fix integer overflow in deb(5) format version parser.
+ Closes: #868356
+ * Fix directory traversal with dpkg-deb --raw-extract, by guaranteeing
+ that the DEBIAN pathname does not exist. Closes: #879982
+ Reported by Jakub Wilk <jwilk@jwilk.net>.
+ * Do not try to recompute hashes for the .dsc file when signing binary-only
+ builds in dpkg-buildpackage. Reported by Ximin Luo <infinity0@debian.org>.
+ * Architecture support:
+ - Add support for riscv64 CPU. Closes: #822914
+ Thanks to Manuel A. Fernandez Montecelo <mafm@debian.org>
+ * Perl modules:
+ - Do not normalize args past a passthrough stop word in Dpkg::Getopt.
+ Some commands pass some arguments through to another command, and
+ those must not be normalized as that might break their invocation.
+ Reported by Helmut Grohne <helmut@subdivi.de>.
+ * Documentation:
+ - Update buildinfo information in dpkg-buildpackage man page to match
+ the current implementation.
+ - Use correct name for archname validator value in dpkg(1) man page.
+ Reported by Niels Thykier <niels@thykier.net.
+ * Packaging:
+ - Add versioned Build-Depends on tar, due to the --clamp-mtime option
+ being used in Dpkg::Source::Archive which is used by dpkg-source,
+ used by the test suite. Closes: #877330
+
+ [ Updated programs translations ]
+ * German (Sven Joachim).
+
+ [ Updated man pages translations ]
+ * German (Helge Kreutzmann).
+
+ -- Guillem Jover <guillem@debian.org> Sun, 18 Feb 2018 22:15:36 +0100
+
dpkg (1.18.24) unstable; urgency=medium
[ Guillem Jover ]
diff --git a/debian/control b/debian/control
index f2cd11766..1b20f8f04 100644
--- a/debian/control
+++ b/debian/control
@@ -14,6 +14,8 @@ Build-Depends:
dpkg-dev (>= 1.17.14),
debhelper (>= 9.20141010),
pkg-config,
+# Needed for --clamp-mtime in dpkg-source -b.
+ tar (>= 1.28-1) <!nocheck>,
# Needed for --add-location.
gettext (>= 0.19),
# Needed for --porefs.
diff --git a/dpkg-deb/dpkg-deb.h b/dpkg-deb/dpkg-deb.h
index bc90c271e..54a5d71fd 100644
--- a/dpkg-deb/dpkg-deb.h
+++ b/dpkg-deb/dpkg-deb.h
@@ -53,6 +53,8 @@ enum dpkg_tar_options {
DPKG_TAR_PERMS = DPKG_BIT(2),
/** Do not set tar mtime on extract. */
DPKG_TAR_NOMTIME = DPKG_BIT(3),
+ /** Guarantee extraction into a new directory, abort if it exists. */
+ DPKG_TAR_CREATE_DIR = DPKG_BIT(4),
};
void extracthalf(const char *debar, const char *dir,
diff --git a/dpkg-deb/extract.c b/dpkg-deb/extract.c
index b1d66ee15..f91d18ad8 100644
--- a/dpkg-deb/extract.c
+++ b/dpkg-deb/extract.c
@@ -336,15 +336,15 @@ extracthalf(const char *debar, const char *dir,
unsetenv("TAR_OPTIONS");
if (dir) {
- if (chdir(dir)) {
- if (errno != ENOENT)
- ohshite(_("failed to chdir to directory"));
-
- if (mkdir(dir, 0777))
+ if (mkdir(dir, 0777) != 0) {
+ if (errno != EEXIST)
ohshite(_("failed to create directory"));
- if (chdir(dir))
- ohshite(_("failed to chdir to directory after creating it"));
+
+ if (taroption & DPKG_TAR_CREATE_DIR)
+ ohshite(_("unexpected pre-existing pathname %s"), dir);
}
+ if (chdir(dir) != 0)
+ ohshite(_("failed to chdir to directory"));
}
command_exec(&cmd);
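Review bot: With DPKG_TAR_CREATE_DIR set, a successful `mkdir` only proves the directory was fresh at that instant; the following `chdir(dir)` resolves the pathname a second time, so the "new directory" guarantee the flag advertises holds only if nothing else can change the parent directory in between. That is rarely the case for dpkg-deb's output location, but the check can be made strict by entering the directory through a descriptor instead of by name: `int dfd = open(dir, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);` / `if (dfd < 0 || fchdir(dfd) != 0) ohshite(_("failed to chdir to directory"));` / `close(dfd);` (with the matching header included). On the non-CREATE_DIR path, EEXIST on a pre-existing symlink to a directory is still accepted via `chdir`, as before the change; a comment such as `/* Without DPKG_TAR_CREATE_DIR an existing directory (or a symlink to one) is reused. */` would make that intentional. extracthalf continues outside the hunk.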
@@ -490,7 +490,7 @@ do_raw_extract(const char *const *argv)
data_options |= DPKG_TAR_LIST;
extracthalf(debar, dir, data_options, 0);
- extracthalf(debar, control_dir, DPKG_TAR_EXTRACT, 1);
+ extracthalf(debar, control_dir, DPKG_TAR_EXTRACT | DPKG_TAR_CREATE_DIR, 1);
free(control_dir);
diff --git a/lib/dpkg/deb-version.c b/lib/dpkg/deb-version.c
index ea53a592a..cee5ddd6a 100644
--- a/lib/dpkg/deb-version.c
+++ b/lib/dpkg/deb-version.c
@@ -21,6 +21,7 @@
#include <config.h>
#include <compat.h>
+#include <limits.h>
#include <string.h>
#include <stdlib.h>
@@ -46,19 +47,33 @@ const char *
deb_version_parse(struct deb_version *version, const char *str)
{
const char *str_minor, *end;
- int major = 0;
- int minor = 0;
+ unsigned int major = 0;
+ unsigned int minor = 0;
+ unsigned int divlimit = INT_MAX / 10;
+ int modlimit = INT_MAX % 10;
- for (end = str; *end && c_isdigit(*end); end++)
- major = major * 10 + *end - '0';
+ for (end = str; *end && c_isdigit(*end); end++) {
+ int ord = *end - '0';
+
+ if (major > divlimit || (major == divlimit && ord > modlimit))
+ return _("format version with too big major component");
+
+ major = major * 10 + ord;
+ }
if (end == str)
return _("format version with empty major component");
if (*end != '.')
return _("format version has no dot");
- for (end = str_minor = end + 1; *end && c_isdigit(*end); end++)
- minor = minor * 10 + *end - '0';
+ for (end = str_minor = end + 1; *end && c_isdigit(*end); end++) {
+ int ord = *end - '0';
+
+ if (minor > divlimit || (minor == divlimit && ord > modlimit))
+ return _("format version with too big minor component");
+
+ minor = minor * 10 + ord;
+ }
if (end == str_minor)
return _("format version with empty minor component");
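Review bot: The bound used by the new overflow guard deserves a comment, because `major` and `minor` are now unsigned yet `divlimit`/`modlimit` are derived from INT_MAX and nothing in the hunk says why; presumably the components are stored into signed fields of struct deb_version further down, outside the hunk. I would add above the declarations `/* Reject components above INT_MAX: they are stored as plain int. */` (adjusted to the real field type) and make both limits `const`, since they are never modified. The guard itself is sound: it runs before the multiply-add, so the accumulator never exceeds INT_MAX. The minor-component loop repeats the major one with only the message changed; a small static helper taking the message would remove the duplication. deb_version_parse continues past the end of the hunk.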
diff --git a/lib/dpkg/t/t-deb-version.c b/lib/dpkg/t/t-deb-version.c
index 2e069073c..88b94e95e 100644
--- a/lib/dpkg/t/t-deb-version.c
+++ b/lib/dpkg/t/t-deb-version.c
@@ -21,6 +21,9 @@
#include <config.h>
#include <compat.h>
+#include <limits.h>
+#include <stdio.h>
+
#include <dpkg/test.h>
#include <dpkg/deb-version.h>
@@ -28,6 +31,7 @@ static void
test_deb_version_parse(void)
{
struct deb_version v;
+ char *vs;
/* Test valid versions. */
test_pass(deb_version_parse(&v, "0.0") == NULL);
@@ -59,12 +63,28 @@ test_deb_version_parse(void)
test_fail(deb_version_parse(&v, "4.4 ") == NULL);
test_fail(deb_version_parse(&v, " 5.5 ") == NULL);
+ /* Test integer limits. */
+ if (asprintf(&vs, "%d.0", INT_MAX) < 0)
+ test_bail("cannot allocate memory for asprintf()");
+ test_pass(deb_version_parse(&v, vs) == NULL);
+ free(vs);
+
+ if (asprintf(&vs, "%d.0", INT_MAX - 1) < 0)
+ test_bail("cannot allocate memory for asprintf()");
+ test_pass(deb_version_parse(&v, vs) == NULL);
+ free(vs);
+
+ if (asprintf(&vs, "%u.0", 1U + (unsigned int)INT_MAX) < 0)
+ test_bail("cannot allocate memory for asprintf()");
+ test_fail(deb_version_parse(&v, vs) == NULL);
+ free(vs);
+
/* FIXME: Complete. */
}
TEST_ENTRY(test)
{
- test_plan(21);
+ test_plan(24);
test_deb_version_parse();
}
diff --git a/man/deb-buildinfo.man b/man/deb-buildinfo.man
index 60109baf8..82a7fc7bb 100644
--- a/man/deb-buildinfo.man
+++ b/man/deb-buildinfo.man
@@ -49,9 +49,9 @@ as specified in RFC4880.
The name of the \fB.buildinfo\fP file will depend on the type of build and
will be as specific as necessary but not more;
for a build that includes \fBany\fP the name will be
-\fIsource-name\fP\fB_\fP\fIsource-version\fP\fB_\fP\fIarch\fP\fB.buildinfo\fP,
+\fIsource-name\fP\fB_\fP\fIbinary-version\fP\fB_\fP\fIarch\fP\fB.buildinfo\fP,
or otherwise for a build that includes \fBall\fP the name will be
-\fIsource-name\fP\fB_\fP\fIsource-version\fP\fB_\fP\fBall.buildinfo\fP,
+\fIsource-name\fP\fB_\fP\fIbinary-version\fP\fB_\fP\fBall.buildinfo\fP,
or otherwise for a build that includes \fBsource\fP the name will be
\fIsource-name\fP\fB_\fP\fIsource-version\fP\fB_\fP\fBsource.buildinfo\fP.
.
diff --git a/man/dpkg-buildpackage.man b/man/dpkg-buildpackage.man
index 79aa18f58..2b5983e56 100644
--- a/man/dpkg-buildpackage.man
+++ b/man/dpkg-buildpackage.man
@@ -63,7 +63,7 @@ build has been requested with \fB\-\-build\fP or equivalent options), or
\fBbuild\-indep\fP and \fBbinary\-indep\fP (if an \fBall\fP and not \fBany\fP
build has been requested with \fB\-\-build\fP or equivalent options).
.IP \fB6.\fP 3
-Unless a source-only build has been requested, it runs the \fBbuildinfo\fP
+It runs the \fBbuildinfo\fP
hook and calls \fBdpkg\-genbuildinfo\fP to generate a \fB.buildinfo\fP file.
Several \fBdpkg\-buildpackage\fP options are forwarded to
\fBdpkg\-genbuildinfo\fP.
@@ -73,9 +73,9 @@ generate a \fB.changes\fP file.
The name of the \fB.changes\fP file will depend on the type of build and
will be as specific as necessary but not more;
for a build that includes \fBany\fP the name will be
-\fIsource-name\fP\fB_\fP\fIsource-version\fP\fB_\fP\fIarch\fP\fB.changes\fP,
+\fIsource-name\fP\fB_\fP\fIbinary-version\fP\fB_\fP\fIarch\fP\fB.changes\fP,
or otherwise for a build that includes \fBall\fP the name will be
-\fIsource-name\fP\fB_\fP\fIsource-version\fP\fB_\fP\fBall.changes\fP,
+\fIsource-name\fP\fB_\fP\fIbinary-version\fP\fB_\fP\fBall.changes\fP,
or otherwise for a build that includes \fBsource\fP the name will be
\fIsource-name\fP\fB_\fP\fIsource-version\fP\fB_\fP\fBsource.changes\fP.
Many \fBdpkg\-buildpackage\fP options are forwarded to
@@ -353,7 +353,7 @@ their commands fail, so watch out for unintended consequences.
The current \fIhook-name\fP supported are:
-.B init preclean source build binary changes postclean check sign done
+.B init preclean source build binary buildinfo changes postclean check sign done
The \fIhook-command\fP supports the following substitution format string,
which will get applied to it before execution:
diff --git a/man/dpkg-genbuildinfo.man b/man/dpkg-genbuildinfo.man
index 98f910726..aaf54a38a 100644
--- a/man/dpkg-genbuildinfo.man
+++ b/man/dpkg-genbuildinfo.man
@@ -92,7 +92,7 @@ for information about alternative formats.
.BR \-O [\fIfilename\fP]
Print the buildinfo file to standard output (or \fIfilename\fP if specified)
rather than to
-.IB dir / source-name _ source-version _ arch .buildinfo
+.IB dir / source-name _ binary-version _ arch .buildinfo
(where \fIdir\fP is \fB..\fP by default or \fIupload-files-dir\fP
if \fB\-u\fP was used).
.TP
diff --git a/man/dpkg.man b/man/dpkg.man
index de2a07188..4f6f14bb9 100644
--- a/man/dpkg.man
+++ b/man/dpkg.man
@@ -388,7 +388,7 @@ Validates the given package name (since dpkg 1.18.16).
.B trigname
Validates the given trigger name (since dpkg 1.18.16).
.TP
-.B pkgname
+.B archname
Validates the given architecture name (since dpkg 1.18.16).
.TP
.B version
diff --git a/scripts/Dpkg/Getopt.pm b/scripts/Dpkg/Getopt.pm
index 4d677f391..bebe9f8d3 100644
--- a/scripts/Dpkg/Getopt.pm
+++ b/scripts/Dpkg/Getopt.pm
@@ -18,7 +18,7 @@ package Dpkg::Getopt;
use strict;
use warnings;
-our $VERSION = '0.01';
+our $VERSION = '0.02';
our @EXPORT = qw(
normalize_options
);
@@ -27,17 +27,20 @@ use Exporter qw(import);
sub normalize_options
{
- my (@args) = @_;
+ my (%opts) = @_;
+ my $norm = 1;
+ my @args;
@args = map {
- if (m/^(-[A-Za-z])(.+)$/) {
+ if ($norm and m/^(-[A-Za-z])(.+)$/) {
($1, $2)
- } elsif (m/^(--[A-Za-z-]+)=(.*)$/) {
+ } elsif ($norm and m/^(--[A-Za-z-]+)=(.*)$/) {
($1, $2)
} else {
+ $norm = 0 if defined $opts{delim} and $_ eq $opts{delim};
$_;
}
- } @args;
+ } @{$opts{args}};
return @args;
}
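Review bot: The delimiter is only recognised in the `else` branch, so a delimiter supplied in bundled form is missed: with `delim => '-c'` (as dpkg-architecture.pl now passes), `-cCMD` matches the first pattern, is split into `-c`, `CMD`, and `$norm` stays 1, so CMD's own arguments are still unbundled. Checking the captured option in the two normalizing branches closes that gap: `$norm = 0 if defined $opts{delim} and $1 eq $opts{delim};` placed before each `($1, $2)`. The `--` delimiter used by dpkg-parsechangelog.pl is unaffected, since it matches neither pattern. Omitting `args` now dies with a strict-refs error from `@{$opts{args}}`; `@{ $opts{args} || [] }` would return the empty list instead. The module's POD, if it is outside this hunk, presumably also needs the new `args`/`delim` named parameters described.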
diff --git a/scripts/dpkg-architecture.pl b/scripts/dpkg-architecture.pl
index aa77ea4ea..c3c0c003f 100755
--- a/scripts/dpkg-architecture.pl
+++ b/scripts/dpkg-architecture.pl
@@ -172,7 +172,7 @@ sub action_needs($) {
return (($req_vars & $bits) == $bits);
}
-@ARGV = normalize_options(@ARGV);
+@ARGV = normalize_options(args => \@ARGV, delim => '-c');
while (@ARGV) {
my $arg = shift;
diff --git a/scripts/dpkg-buildpackage.pl b/scripts/dpkg-buildpackage.pl
index dd17abb25..3cfe1a512 100755
--- a/scripts/dpkg-buildpackage.pl
+++ b/scripts/dpkg-buildpackage.pl
@@ -645,11 +645,13 @@ if ($signsource or $signbuildinfo) {
# Recompute the checksums as the .dsc and/or .buildinfo have changed.
my $checksums = Dpkg::Checksums->new();
$checksums->add_from_control($changes);
- $checksums->add_from_file("../$pv.dsc", update => 1, key => "$pv.dsc");
+ $checksums->add_from_file("../$pv.dsc", update => 1, key => "$pv.dsc")
+ if $signsource;
$checksums->add_from_file("../$pva.buildinfo", update => 1, key => "$pva.buildinfo");
$checksums->export_to_control($changes);
delete $changes->{'Checksums-Md5'};
- update_files_field($changes, $checksums, "$pv.dsc");
+ update_files_field($changes, $checksums, "$pv.dsc")
+ if $signsource;
update_files_field($changes, $checksums, "$pva.buildinfo");
$changes->save($chg);
}
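Review bot: Only the `.dsc` lines gained an `if $signsource` guard; the two `.buildinfo` lines (`add_from_file` and `update_files_field`) still run unconditionally, even when only `$signsource` is set and the `.buildinfo` was not re-signed. Recomputing an unchanged file's checksum is presumably harmless, but mirroring the guard with `if $signbuildinfo;` on those two lines would match the comment above the block and make the intent explicit. The enclosing `if ($signsource or $signbuildinfo)` block begins before the hunk.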
diff --git a/scripts/dpkg-genbuildinfo.pl b/scripts/dpkg-genbuildinfo.pl
index c7d6cb144..134d5c8fb 100755
--- a/scripts/dpkg-genbuildinfo.pl
+++ b/scripts/dpkg-genbuildinfo.pl
@@ -356,7 +356,7 @@ my $prev_changelog = changelog_parse(%options);
my $sourceversion = $changelog->{'Binary-Only'} ?
$prev_changelog->{'Version'} : $changelog->{'Version'};
-my $binaryversion = $changelog->{'Version'};
+my $binaryversion = Dpkg::Version->new($changelog->{'Version'});
# Include .dsc if available.
my $spackage = $changelog->{'Source'};
@@ -451,7 +451,8 @@ if ($stdout) {
$arch = 'source';
}
- $buildinfo = "${spackage}_${sversion}_${arch}.buildinfo";
+ my $bversion = $binaryversion->as_string(omit_epoch => 1);
+ $buildinfo = "${spackage}_${bversion}_${arch}.buildinfo";
$outputfile = "$uploadfilesdir/$buildinfo";
}
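Review bot: `$binaryversion` changes type from a plain string to a Dpkg::Version object while the neighbouring `$sourceversion` stays a string, so any other use of `$binaryversion` in the script (none is visible in these hunks) now relies on the object's stringification; each such use is worth confirming. A comment at the declaration would make the reason for the object explicit, e.g. `# Kept as an object so the epoch can be omitted in the .buildinfo filename.`. If `$sversion` is still used for other filenames or fields, check that it is epoch-stripped the same way as the new `$bversion`.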
diff --git a/scripts/dpkg-parsechangelog.pl b/scripts/dpkg-parsechangelog.pl
index 9f826a9eb..86c30b451 100755
--- a/scripts/dpkg-parsechangelog.pl
+++ b/scripts/dpkg-parsechangelog.pl
@@ -70,7 +70,7 @@ sub usage {
"), $Dpkg::PROGNAME;
}
-@ARGV = normalize_options(@ARGV);
+@ARGV = normalize_options(args => \@ARGV, delim => '--');
while (@ARGV) {
last unless $ARGV[0] =~ m/^-/;
diff --git a/scripts/t/Dpkg_Arch.t b/scripts/t/Dpkg_Arch.t
index d478b497d..8f6301cea 100644
--- a/scripts/t/Dpkg_Arch.t
+++ b/scripts/t/Dpkg_Arch.t
@@ -16,7 +16,7 @@
use strict;
use warnings;
-use Test::More tests => 16367;
+use Test::More tests => 16830;
use_ok('Dpkg::Arch', qw(debarch_to_debtuple debarch_to_multiarch
debarch_eq debarch_is debarch_is_wildcard
@@ -162,7 +162,7 @@ is(gnutriplet_to_debarch(undef), undef, 'undef gnutriplet');
is(gnutriplet_to_debarch('unknown-unknown-unknown'), undef, 'unknown gnutriplet');
is(gnutriplet_to_debarch('x86_64-linux-gnu'), 'amd64', 'known gnutriplet');
-is(scalar get_valid_arches(), 524, 'expected amount of known architectures');
+is(scalar get_valid_arches(), 539, 'expected amount of known architectures');
{
local $ENV{CC} = 'false';
diff --git a/scripts/t/Dpkg_Getopt.t b/scripts/t/Dpkg_Getopt.t
index 186679636..32edeec53 100644
--- a/scripts/t/Dpkg_Getopt.t
+++ b/scripts/t/Dpkg_Getopt.t
@@ -16,7 +16,7 @@
use strict;
use warnings;
-use Test::More tests => 3;
+use Test::More tests => 4;
BEGIN {
use_ok('Dpkg::Getopt');
@@ -24,12 +24,17 @@ BEGIN {
my @expect_argv;
-@ARGV = normalize_options(qw(-a -bfoo -c var));
+@ARGV = normalize_options(args => [ qw(-a -bfoo -c var) ]);
@expect_argv = qw(-a -b foo -c var);
is_deeply(\@ARGV, \@expect_argv, 'unbundle short options');
-@ARGV = normalize_options(qw(--option-a --option-b value --option-c=value));
+@ARGV = normalize_options(args => [ qw(--option-a --option-b value --option-c=value) ]);
@expect_argv = qw(--option-a --option-b value --option-c value);
is_deeply(\@ARGV, \@expect_argv, 'unbundle long options');
+@ARGV = normalize_options(args => [ qw(-aaa -bbb --option-a=oa -- --opt=arg -dval) ],
+ delim => '--');
+@expect_argv = qw(-a aa -b bb --option-a oa -- --opt=arg -dval);
+is_deeply(\@ARGV, \@expect_argv, 'unbundle options with delimiter');
+
1;
diff --git a/utils/start-stop-daemon.c b/utils/start-stop-daemon.c
index 3931f5c79..813575044 100644
--- a/utils/start-stop-daemon.c
+++ b/utils/start-stop-daemon.c
@@ -1205,7 +1205,7 @@ setup_options(void)
free(fullexecname);
}
- if (userspec && sscanf(userspec, "%d", &user_id) != 1) {
+ if (userspec && parse_unsigned(userspec, 10, &user_id) < 0) {
struct passwd *pw;
pw = getpwnam(userspec);
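Review bot: The three `parse_unsigned` calls test the result inconsistently: this hunk and the `changegroup` hunk use `< 0` for failure, while the `changeuser` hunk uses `== 0` for success; if the helper returns only 0 or a negative value the conditions are equivalent, but writing them the same way (`>= 0` or `== 0` throughout) spares the reader that check. The precedence rule the change establishes also deserves a comment at this first call, since a purely numeric spec is still treated as an id and only a mixed spec such as a digit-leading name now falls back to the name lookup: `/* A spec that is entirely digits is an id; anything else (including names starting with a digit) is looked up by name. */`. Whether `parse_unsigned` takes the exact types of `user_id`, `runas_gid` and `runas_uid` is not visible here. setup_options continues outside the hunks.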
@@ -1215,7 +1215,7 @@ setup_options(void)
user_id = pw->pw_uid;
}
- if (changegroup && sscanf(changegroup, "%d", &runas_gid) != 1) {
+ if (changegroup && parse_unsigned(changegroup, 10, &runas_gid) < 0) {
struct group *gr;
gr = getgrnam(changegroup);
@@ -1228,7 +1228,7 @@ setup_options(void)
struct passwd *pw;
struct stat st;
- if (sscanf(changeuser, "%d", &runas_uid) == 1)
+ if (parse_unsigned(changeuser, 10, &runas_uid) == 0)
pw = getpwuid(runas_uid);
else
pw = getpwnam(changeuser);