Bug#1071219: apt: debListParser fails to parse arch lists with extraneous whitespace: terminate called after throwing an instance of 'std::length_error'

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#1071219: apt: debListParser fails to parse arch lists with extraneous whitespace: terminate called after throwing an instance of 'std::length_error'
From: Andreas Beckmann <anbe@debian.org>
Date: Thu, 16 May 2024 14:11:41 +0200
Message-id: <[🔎] 171586150138.2716965.14857863335153677630.reportbug@zam504.zam.kfa-juelich.de>
Reply-to: Andreas Beckmann <anbe@debian.org>, 1071219@bugs.debian.org

Package: apt
Version: 2.9.2
Severity: serious

one package to reproduce this bug is mpich 4.2.0-5.1

mpich-4.2.0# apt-get build-dep -y .
Note, using directory '.' to get the build dependencies
terminate called after throwing an instance of 'std::length_error'
  what():  basic_string::_M_create
Aborted (core dumped)

Running this through gdb and extracting the interesting part of the
backtrace:

#11 0x00007ffff7e28c6c in std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string<char const*, void> (__a=...,
    __end=0x5555555baade " amd64 powerpc armhf],\n"...,
    __beg=0x5555555baadf "amd64 powerpc armhf],\n"..., this=0x7fffffffd670) at /usr/include/c++/13/bits/basic_string.h:765
#12 debListParser::ParseDepends (Start=<optimized out>,
    Start@entry=0x5555555baabb "valgrind [i386 arm64 ppc64el ppc64  amd64 powerpc armhf],\n"...,
    Stop=Stop@entry=0x5555555bab15 "\nBuild-Conflicts: libamdhip64-dev\n"..., Package=..., Ver=..., Op=@0x7fffffffd930: 0, ParseArchFlags=<optimized out>, StripMultiArch=<optimized out>, ParseRestrictionsList=<optimized out>, Arch=...) at ./apt-pkg/deb/deblistparser.cc:667

Note the double space in ..."ppc64  amd64"...
It tries to create a std::string with __end < __beg resulting in a
negative (or insane) length.

The nasty thing is that the error only happens if there has been no
match, yet. I.e on amd64  ..."amd64  ppc64el"... would *not* have
caused the error.
I'm not sure how to build a test string that reliably works on all
architectures...

Anyway, apt should be able to parse the following string correctly:

"Build-Depends:  foobar  [  i386 armhf  armel  amd64  ]  ,  blah  [  !arm64 !x32  !amd64  ]  ,  baz"
not sure if it is allowed to inject spaces between '!' and arch as in
..."  ppc64  !  mips64el ! s390x "...

(I noticed this due to the salsa-ci failure while building mpich)
e.g. https://salsa.debian.org/science-team/mpich/-/jobs/5731958

Andreas

PS: This will probably be "fixed" in mpich 4.2.0-6

Reply to:

Follow-Ups:
- Bug#1071219: apt: debListParser fails to parse arch lists with extraneous whitespace: terminate called after throwing an instance of 'std::length_error'
  - From: Julian Andres Klode <jak@debian.org>
- Processed: Re: Bug#1071219: apt: debListParser fails to parse arch lists with extraneous whitespace: terminate called after throwing an instance of 'std::length_error'
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>
- Bug#1071219: apt: debListParser fails to parse arch lists with extraneous whitespace: terminate called after throwing an instance of 'std::length_error'
  - From: David Kalnischkies <david@kalnischkies.de>
- Processed: Bug#1071219 marked as pending in apt
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>
- Bug#1071219: marked as done (apt: debListParser fails to parse arch lists with extraneous whitespace: terminate called after throwing an instance of 'std::length_error')
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Prev by Date: Processed: notfound 1070959 apt/2.9.2
Next by Date: Bug#1071219: apt: debListParser fails to parse arch lists with extraneous whitespace: terminate called after throwing an instance of 'std::length_error'
Previous by thread: Processed: notfound 1070959 apt/2.9.2
Next by thread: Bug#1071219: apt: debListParser fails to parse arch lists with extraneous whitespace: terminate called after throwing an instance of 'std::length_error'
Index(es):
- Date
- Thread