[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#539366: cron.daily/apt: $VERBOSE accessed before sanitised: [: 324: Illegal number

tags 539366 patch

Found this existing bug report last minute, so here's what I almost
submitted as new:

/etc/cron.daily/apt uses the following logic at line 324:

  eval $(apt-config shell VERBOSE APT::Periodic::Verbose)
  debug_echo "verbose level $VERBOSE"
  if [ -z "$VERBOSE" ]; then

Since debug_echo numerically compares $VERBOSE, this results in

  + apt-config shell VERBOSE APT::Periodic::Verbose
  + eval
  + debug_echo verbose level 
  + [  -ge 1 ]
  [: 1: Illegal number: 

and the following message mailed by cron:

  [: 324: Illegal number: 

The patch could be to set $VERBOSE if unset while passing it to

--- /tmp/apt    2009-08-05 07:37:48.441667500 +0200
+++ /etc/cron.daily/apt 2009-08-05 07:37:08.956785843 +0200
@@ -322,10 +322,7 @@
 set -x
 # Set VERBOSE mode from  apt-config (or inherit from environment)
 eval $(apt-config shell VERBOSE APT::Periodic::Verbose)
-debug_echo "verbose level $VERBOSE"
-if [ -z "$VERBOSE" ]; then
-    VERBOSE="0"
+debug_echo "verbose level ${VERBOSE:=0}"
 if [ "$VERBOSE" -le 2 ]; then
     # quiet for 0,1,2

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.31-rc3-amd64 (SMP w/1 CPU core)
Locale: LANG=en_GB, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages apt depends on:
ii  debian-archive-keyring        2009.01.31 GnuPG archive keys of the Debian a
ii  libc6                         2.9-23     GNU C Library: Shared libraries
ii  libgcc1                       1:4.4.1-1  GCC support library
ii  libstdc++6                    4.4.1-1    The GNU Standard C++ Library v3

apt recommends no packages.

Versions of packages apt suggests:
pn  apt-doc                   <none>         (no description available)
ii  aptitude         terminal-based package manager
ii  bzip2                     1.0.5-3        high-quality block-sorting file co
ii  dpkg-dev               Debian package development tools
ii  lzma                      4.43-14        Compression method of 7z format in
ii  python-apt             Python interface to libapt-pkg

-- debconf-show failed

 .''`.   martin f. krafft <madduck@d.o>      Related projects:
: :'  :  proud Debian developer               http://debiansystem.info
`. `'`   http://people.debian.org/~madduck    http://vcs-pkg.org
  `-  Debian - when you have better things to do than fixing systems

Attachment: digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/)

Reply to: