Bug#554349: apt: Method rred has died unexpectedly!

[Michael Vogt <mvo@ubuntu.com>]

On Wed, Nov 04, 2009 at 11:12:25AM +0100, David Kalnischkies wrote:
> tags 554349 + confirmed
> thanks
> 
> Hello Faheem Mitha & all other co-bug-reporters :)
> 
> First of all: Thanks for the report!
> 
> I have currently no time to dig into it a bit deeper,
> (hopefully i can do it tonight or tomorrow)
> but my first guess is an overflow of an internal variable:
> apt-get update -o Debug::pkgAcquire::RRed=1 -qq
> results in 65,442 lines of output which is near the value
> of a signed integer (65,535).
> 
> A patch of this size (~9 MB) is a bit uncommon as it
> is bigger than the complete download of the new file.
> It would be good if APT could detect it... we will see. :)
[..]

Attached is a patch that should add detection for patches that are
bigger than the actual file to patch. Unfortuantely I can no longer
reproduce the failure. Testing/feedback is welcome. 

Cheers,
 Michael

=== modified file 'apt-pkg/acquire-item.cc'
--- apt-pkg/acquire-item.cc	2009-06-30 19:37:30 +0000
+++ apt-pkg/acquire-item.cc	2009-11-04 17:07:24 +0000
@@ -247,7 +247,7 @@
 	    std::clog << "SHA1-Current: " << ServerSha1 << std::endl;
 
 	 // check the historie and see what patches we need
-	 string history = Tags.FindS("SHA1-History");     
+	 string history = Tags.FindS("SHA1-History");
 	 std::stringstream hist(history);
 	 while(hist >> d.sha1 >> size >> d.file) 
 	 {
@@ -258,6 +258,16 @@
 	    // from that point on, we probably need all diffs
 	    if(found) 
 	    {
+	       string sha1, size, file;
+	       std::stringstream patches(Tags.FindS("SHA1-Patches"));
+	       while(patches >> sha1 >> size >> file)  {
+		  if (sha1 == d.sha1 && atoi(size.c_str()) > fd.Size()) {
+		     std::clog << "patch size bigger than package file size?!?" << std::endl;
+		     return false;
+		  }
+	       }
+	    
+
 	       if(Debug)
 		  std::clog << "Need to get diff: " << d.file << std::endl;
 	       available_patches.push_back(d);

=== modified file 'apt-pkg/acquire-item.h'
--- apt-pkg/acquire-item.h	2009-06-30 19:37:30 +0000
+++ apt-pkg/acquire-item.h	2009-11-04 16:55:25 +0000
@@ -267,10 +267,10 @@
    /** The filename of the diff. */
    string file;
 
-   /** The sha1 hash of the diff. */
+   /** The sha1 hash of the patched file. */
    string sha1;
 
-   /** The size of the diff. */
+   /** The size of the patched file. */
    unsigned long size;
 };
 									/*}}}*/

=== modified file 'debian/changelog'
--- debian/changelog	2009-10-29 10:53:01 +0000
+++ debian/changelog	2009-11-04 14:56:53 +0000
@@ -9,6 +9,8 @@
   * apt-pkg/packagemanager.cc:
     - add output about pre-depends configuring when debug::pkgPackageManager
       is used
+  * apt-pkg/acquire-item.cc:
+    - ignore patches if the patch is larger than the file 
 
   [ Brian Murray ]
   * apt-pkg/depcache.cc, apt-pkg/indexcopy.cc: