Hi,
On Sat, Nov 05, 2011 at 11:17:05AM -0400, Joey Hess wrote:
> Code review:
>
> + while (fgets(buf, sizeof(buf), infp)) {
> + if (strncmp(buf, "data.tar.", 9) == 0) {
> + compression_type = buf + 9;
> + break;
> + }
> + }
>
> There is no point in looping here, because if the ar -t output is somehow
> longer than sizeof(buf), the data.tar.* output could be split across buffers
> and so you've already lost. Anyway, with a buffer of 8192, that won't
> happen unless the deb format changes in a very unexpected way.
it's looping over the lines, as fgets stops at newlines.
> FWIW, this code would fail if the dpkg format got a new member named something
> like data.tar.gz.sign.
True. OTOH udebs are a very restricted environment. Should I look out for
additional dots? That might break compression formats with multiple
components. ;-)
> + puts(buf);
> leftover debugging?
Yep, thanks for spotting it.
Kind regards,
Philipp Kern
--
.''`. Philipp Kern Debian Developer
: :' : http://philkern.de Stable Release Manager
`. `' xmpp:phil@0x539.de Wanna-Build Admin
`- finger pkern/key@db.debian.org
Attachment:
signature.asc
Description: Digital signature