[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#383487: marked as done (parsing packages files: Reads from pipe results in corrupt data)

Your message dated Thu, 21 Sep 2006 01:47:05 -0700
with message-id <E1GQKD3-0000Qt-OZ@spohr.debian.org>
and subject line Bug#383487: fixed in apt 0.6.46
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: python-apt
Version: 0.6.19
Severity: serious

Please find attached a simple python script that can parse and print a
package file, via a pipe using cat or directly with 'open()'. With open,
the result will be identical to the original, as verifiable via 'diff'.
However, using os.popen with cat will result in inserted newlines, which
indicates that stanza's with packages are not read in correctly. In some
bigger files, such as current i386 packages files, you'll also see
partial reads of the long descriptions. So far, I can reproduce this
with all Packages files in unstable/main, or basicly any packages file
that has sufficient many entries. I cannot at first sight find and
pattern, it's seemingly random, but it's reproducible to the exact same
places when dealing with the same packages file.

I've reproduced (actually, first encountered) this bug on the
0.6.19.dsa.1 backport as installed on merkel.debian.org (otherwise ia64
stable). The places where stanza's were broken up were identical there.

On merkel this is with python 2.3, on my own system I could reproduce it
with both python2.3 and python2.4.


-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.8-3-k7
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages python-apt depends on:
ii  apt [libapt-pkg-libc6.3-6-3.1 0.6.45     Advanced front-end for dpkg
ii  apt-utils [libapt-inst-libc6. 0.6.45     APT utility programs
ii  libc6                         2.3.6-19   GNU C Library: Shared libraries
ii  libgcc1                       1:4.1.1-10 GCC support library
ii  libstdc++6                    4.1.1-10   The GNU Standard C++ Library v3
ii  python                        2.4.3-11   An interactive high-level object-o
ii  python-central                0.5.5      register and build utility for Pyt

python-apt recommends no packages.

-- no debconf information

Jeroen van Wolffelaar
Jeroen@wolffelaar.nl (also for Jabber & MSN; ICQ: 33944357)

import os, sys, apt_pkg

# Doesn't trigger bug:
#file = open(sys.argv[1])

# Does trigger bug:
file = os.popen("cat "+sys.argv[1], 'r')

parse = apt_pkg.ParseTagFile(file)
while parse.Step() == 1:
    for k in parse.Section.keys():
        print k + ": " + parse.Section.get(k)

    print ""

--- End Message ---
--- Begin Message ---
Source: apt
Source-Version: 0.6.46

We believe that the bug you reported is fixed in the latest version of
apt, which is due to be installed in the Debian FTP archive:

  to pool/main/a/apt/apt-doc_0.6.46_all.deb
  to pool/main/a/apt/apt-utils_0.6.46_i386.deb
  to pool/main/a/apt/apt_0.6.46.dsc
  to pool/main/a/apt/apt_0.6.46.tar.gz
  to pool/main/a/apt/apt_0.6.46_i386.deb
  to pool/main/a/apt/libapt-pkg-dev_0.6.46_i386.deb
  to pool/main/a/apt/libapt-pkg-doc_0.6.46_all.deb

A summary of the changes between this version and the previous one is

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 383487@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
Michael Vogt <mvo@debian.org> (supplier of updated apt package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)

Hash: SHA1

Format: 1.7
Date: Thu, 21 Sep 2006 10:25:03 +0200
Source: apt
Binary: apt-utils libapt-pkg-doc libapt-pkg-dev apt-doc apt
Architecture: source all i386
Version: 0.6.46
Distribution: unstable
Urgency: low
Maintainer: APT Development Team <deity@lists.debian.org>
Changed-By: Michael Vogt <mvo@debian.org>
 apt        - Advanced front-end for dpkg
 apt-doc    - Documentation for APT
 apt-utils  - APT utility programs
 libapt-pkg-dev - Development files for APT's libapt-pkg and libapt-inst
 libapt-pkg-doc - Documentation for APT development
Closes: 257054 311619 316196 341537 378868 380030 381019 382702 383487 384182 386397 386537 386851 387766 387812 388184 388402
 apt (0.6.46) unstable; urgency=low
   * debian/control:
     - switched to libdb4.4 for building (closes: #381019)
   * cmdline/apt-get.cc:
     - show only the recommends/suggests for the candidate-version, not for all
       versions of the package (closes: #257054)
     - properly handle recommends/suggests or-groups when printing the list of
       suggested/recommends packages (closes: #311619)
   * methods/http.cc:
     - check more careful for incorrect proxy settings (closes: #378868)
   * methods/gzip.cc:
     - don't hang when /var is full (closes: #341537), thanks to
       Luis Rodrigo Gallardo Cruz for the patch
   * doc/examples/sources.list:
     - removed non-us.debian.org from the example (closes: #380030,#316196)
   * Merged from Christian Perrier bzr branch:
     * ro.po: Updated to 514t. Closes: #388402
     * dz.po: Updated to 514t. Closes: #388184
     * it.po: Fixed typos. Closes: #387812
     * ku.po: New kurdish translation. Closes: #387766
     * sk.po: Updated to 514t. Closes: #386851
     * ja.po: Updated to 514t. Closes: #386537
     * gl.po: Updated to 514t. Closes: #386397
     * fr.po: Updated to 516t.
     * fi.po: Updated to 512t. Closes: #382702
   * share/archive-archive.gpg:
     - removed the outdated amd64 and debian-2004 keys
   * apt-pkg/tagfile.cc:
     - applied patch from Jeroen van Wolffelaar to make the tags
       caseinsensitive (closes: #384182)
     - reverted MMap use in the tagfile because it does not work
       across pipes (closes: #383487)
 950e3f0ed7af804704d5380b89c88b88 784 admin important apt_0.6.46.dsc
 65309fd35da4d3844f63cdc0f173e23b 1692242 admin important apt_0.6.46.tar.gz
 9cf6cfd9dfb19a1cfb8ae287706cd6fa 89032 doc optional apt-doc_0.6.46_all.deb
 edee780be69c279f3236b4325f62dba7 112384 doc optional libapt-pkg-doc_0.6.46_all.deb
 0c34e053105fe1d44ee14b096531387d 1414300 admin important apt_0.6.46_i386.deb
 cc9cab84d135ac63f20526789e14baa9 83106 libdevel optional libapt-pkg-dev_0.6.46_i386.deb
 a9307f0e7bce31884ac390fbf97c194c 193534 admin important apt-utils_0.6.46_i386.deb

Version: GnuPG v1.4.5 (GNU/Linux)


--- End Message ---

Reply to: