Bug#691647: unblock: schroot/1.6.4-1
On Sun, Oct 28, 2012 at 12:53:08PM +0000, Roger Leigh wrote:
> On Sun, Oct 28, 2012 at 12:39:28AM +0100, Roger Leigh wrote:
> > Please unblock package schroot
> >
> > I have uploaded schroot 1.6.4-1 to unstable. This contains some
> > documentation for wheezy upgrade issues, plus some fixes for
> > serious and important bugs in wheezy:
>
> I had to make an additional 3 line change to fix building on
> hurd and kfreebsd (attached)
And an additional change to allow for symlinks in paths on the
host.
unblock schroot/1.6.4-3
--
.''`. Roger Leigh
: :' : Debian GNU/Linux http://people.debian.org/~rleigh/
`. `' schroot and sbuild http://alioth.debian.org/projects/buildd-tools
`- GPG Public Key F33D 281D 470A B443 6756 147C 07B3 C8BC 4083 E800
diff -Nru schroot-1.6.4/debian/changelog schroot-1.6.4/debian/changelog
--- schroot-1.6.4/debian/changelog 2012-10-28 11:53:31.000000000 +0000
+++ schroot-1.6.4/debian/changelog 2012-10-29 20:06:47.000000000 +0000
@@ -1,3 +1,10 @@
+schroot (1.6.4-3) unstable; urgency=low
+
+ * schroot-mount canonicalises both the base path and full
+ path when sanity checking mountpoints (Closes: #691694).
+
+ -- Roger Leigh <rleigh@debian.org> Mon, 29 Oct 2012 19:25:30 +0000
+
schroot (1.6.4-2) unstable; urgency=low
* sbuild::chroot_facet_session_clonable: Include
diff -Nru schroot-1.6.4/debian/patches/1.6.4-3 schroot-1.6.4/debian/patches/1.6.4-3
--- schroot-1.6.4/debian/patches/1.6.4-3 1970-01-01 01:00:00.000000000 +0100
+++ schroot-1.6.4/debian/patches/1.6.4-3 2012-10-29 20:07:33.000000000 +0000
@@ -0,0 +1,41 @@
+Description: 1.6.4-3
+ schroot (1.6.4-3) unstable; urgency=low
+ .
+ * schroot-mount canonicalises both the base path and full
+ path when sanity checking mountpoints (Closes: #691694).
+Author: Roger Leigh <rleigh@debian.org>
+Bug-Debian: http://bugs.debian.org/691694
+
+---
+--- schroot-1.6.4.orig/bin/schroot-mount/schroot-mount-main.cc
++++ schroot-1.6.4/bin/schroot-mount/schroot-mount-main.cc
+@@ -96,9 +96,15 @@ main::resolve_path (std::string const& m
+ if (absmountpoint.empty() || absmountpoint[0] != '/')
+ absmountpoint = std::string("/") + absmountpoint;
+
++ char *resolved_path = realpath(opts->mountpoint.c_str(), 0);
++ if (!resolved_path)
++ throw error(opts->mountpoint, REALPATH, strerror(errno));
++ std::string basepath(resolved_path);
++ std::free(resolved_path);
++
+ std::string directory(opts->mountpoint + absmountpoint);
+ // Canonicalise path to remove any symlinks.
+- char *resolved_path = realpath(directory.c_str(), 0);
++ resolved_path = realpath(directory.c_str(), 0);
+ if (resolved_path == 0)
+ {
+ // The path is either not present or is an invalid link. If
+@@ -137,9 +143,9 @@ main::resolve_path (std::string const& m
+ // If the link was absolute (i.e. points somewhere on the host,
+ // outside the chroot, make sure that this is modified to be
+ // inside.
+- if (directory.size() < opts->mountpoint.size() ||
+- directory.substr(0,opts->mountpoint.size()) != opts->mountpoint)
+- directory = opts->mountpoint + directory;
++ if (directory.size() < basepath.size() ||
++ directory.substr(0,basepath.size()) != basepath)
++ directory = basepath + directory;
+
+ return directory;
+ }
diff -Nru schroot-1.6.4/debian/patches/series schroot-1.6.4/debian/patches/series
--- schroot-1.6.4/debian/patches/series 2012-10-28 11:53:59.000000000 +0000
+++ schroot-1.6.4/debian/patches/series 2012-10-29 20:07:06.000000000 +0000
@@ -1 +1,2 @@
1.6.4-2
+1.6.4-3
Reply to: