Bug#244835: apt-get: hangs with long value in config file

[Matt Zimmerman <mdz@debian.org>]

On Sat, Apr 24, 2004 at 01:49:55PM +0000, Gerrit Pape wrote:
> On Tue, Apr 20, 2004 at 10:19:04AM -0700, Matt Zimmerman wrote:
> > It sounds like something's wrong in ReadConfigFile; there is a 300-character
> > buffer in there used with istream::getline.  It looks like it attempts to
> > deal with longer lines, but perhaps there is a bug in it.
> 
> Ok, see http://gcc.gnu.org/bugzilla/show_bug.cgi?id=6238

Yes, I came to the same conclusion.  I don't have a copy of the standard, but
it at least matches the documentation:

     If DELIM was _not_ found before LEN characters or end of file,
     `getline' sets the `ios::fail' flag, as well as the `ios::eof'
     flag if appropriate.

> I don't know the c++ library that much, and if this it right or wrong.
> The patch below at least lets apt-get barf instead of entering an
> infinite loop.

I was thinking of something more like this...

--- configuration.cc.~1.27.~	2003-07-25 17:27:36.000000000 -0700
+++ configuration.cc	2004-04-24 13:42:59.000000000 -0700
@@ -452,7 +452,7 @@
    if (!F != 0)
       return _error->Errno("ifstream::ifstream",_("Opening configuration file %s"),FName.c_str());
    
-   char Buffer[300];
+   char Buffer[1024];
    string LineBuffer;
    string Stack[100];
    unsigned int StackPos = 0;
@@ -466,6 +466,9 @@
    {
       F.getline(Buffer,sizeof(Buffer));
       CurLine++;
+      if (F.fail() && !F.eof())
+         return _error->Error(_("Line %d too long (max %d)"), CurLine, sizeof(Buffer));
+
       _strtabexpand(Buffer,sizeof(Buffer));
       _strstrip(Buffer);
 
-- 
 - mdz