Bug#718349: lintian: Emits malformed-deb-archive on valid deb packages
Hi!
On Mon, 2013-08-05 at 23:41:41 +0200, Niels Thykier wrote:
> On 2013-07-30 17:43, Guillem Jover wrote:
> > Package: lintian
> > Version: 2.5.15
> > Severity: wishlist
> > The malformed-deb-archive gets emitted on valid .deb archives as
> > specified in deb(5) and accepted by dpkg-deb, although those are not
> > accepted by the Debian archive. It would be nice to separate what's
> > a trully malformed .deb archive from what's not accepted by Debian,
> > probably through a profile?
> >
> > For example the format explicitly supports extra members after the
> > known ones, and additional members inbetween the known ones as long
> > as they start with an underscore. Also uncompressed data.tar members
> > (as mentioned in another bug report).
> I am proposing the following patch to resolve this issue.
Thanks! Very quick review:
> diff --git a/checks/deb-format.pm b/checks/deb-format.pm
> index dc95b03..4d17f98 100644
> --- a/checks/deb-format.pm
> +++ b/checks/deb-format.pm
> @@ -43,26 +48,63 @@ my $opts = {};
> my $success = spawn ($opts, ['ar', 't', $deb]);
> if ($success) {
> my @members = split("\n", ${ $opts->{out} });
> - if (@members != 3) {
> - my $count = scalar(@members);
> + my $count = scalar(@members);
> + if ($count < 3) {
> tag 'malformed-deb-archive',
> - "found $count members instead of 3";
> + "found only $count members instead of 3";
> } elsif ($members[0] ne 'debian-binary') {
> tag 'malformed-deb-archive',
> "first member $members[0] not debian-binary";
> } elsif ($members[1] ne 'control.tar.gz') {
> tag 'malformed-deb-archive',
> "second member $members[1] not control.tar.gz";
[…]
> } else {
> + # for now
> $okay = 1;
> + # Remove already accepted members
> + shift(@members); shift(@members);
> + }
> + if ($okay) {
> + # The data.tar member is the first member after the control.tar.gz,
> + # which does not start with a "_" (man deb(5)).
Actually, “_” members can be inserted before data.tar and after
debian-binary (which is the only member with a hardcoded index), so
control.tar.gz might not be the second (absolute) member. I guess this
was not really clear from the deb(5) man page, so I'll try to clarify it.
(I also just noticed dpkg-deb does not enforce control.tar > data.tar
index order :/, I'll be fixing this for 1.17.2 too…)
Thanks,
Guillem
Reply to: