mirror of
https://github.com/xcat2/xcat-dep.git
synced 2025-01-26 02:48:18 +00:00
177 lines
7.1 KiB
Diff
177 lines
7.1 KiB
Diff
|
diff -ruN dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Archive.pm dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Archive.pm
|
||
|
--- dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Archive.pm 2010-04-15 13:38:58.000000000 +0200
|
||
|
+++ dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Archive.pm 2011-01-06 21:08:30.000000000 +0200
|
||
|
@@ -119,7 +119,7 @@
|
||
|
# Call tar extraction process
|
||
|
$fork_opts{"delete_env"} = [ "TAR_OPTIONS" ];
|
||
|
$fork_opts{'exec'} = [ 'tar', '--no-same-owner', '--no-same-permissions',
|
||
|
- @{$opts{"options"}}, '-xkf', '-' ];
|
||
|
+ @{$opts{"options"}}, '-xf', '-' ];
|
||
|
fork_and_exec(%fork_opts);
|
||
|
$self->cleanup_after_open();
|
||
|
|
||
|
@@ -142,7 +142,7 @@
|
||
|
closedir(D);
|
||
|
my $done = 0;
|
||
|
erasedir($dest);
|
||
|
- if (scalar(@entries) == 1 && -d "$tmp/$entries[0]") {
|
||
|
+ if (scalar(@entries) == 1 && ! -l "$tmp/$entries[0]" && -d _) {
|
||
|
rename("$tmp/$entries[0]", $dest) ||
|
||
|
syserr(_g("Unable to rename %s to %s"),
|
||
|
"$tmp/$entries[0]", $dest);
|
||
|
diff -ruN dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Package/V2.pm dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Package/V2.pm
|
||
|
--- dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Package/V2.pm 2010-04-15 13:38:58.000000000 +0200
|
||
|
+++ dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Package/V2.pm 2011-01-06 21:08:30.000000000 +0200
|
||
|
@@ -115,7 +115,12 @@
|
||
|
# Extract main tarball
|
||
|
info(_g("unpacking %s"), $tarfile);
|
||
|
my $tar = Dpkg::Source::Archive->new(filename => "$dscdir$tarfile");
|
||
|
- $tar->extract($newdirectory, no_fixperms => 1);
|
||
|
+ $tar->extract($newdirectory, no_fixperms => 1,
|
||
|
+ options => [ "--anchored", "--no-wildcards-match-slash",
|
||
|
+ "--exclude", "*/.pc", "--exclude", ".pc" ]);
|
||
|
+ # The .pc exclusion is only needed for 3.0 (quilt) and to avoid
|
||
|
+ # having an upstream tarball provide a directory with symlinks
|
||
|
+ # that would be blindly followed when applying the patches
|
||
|
|
||
|
# Extract additional orig tarballs
|
||
|
foreach my $subdir (keys %origtar) {
|
||
|
diff -ruN dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Patch.pm dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Patch.pm
|
||
|
--- dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Patch.pm 2010-04-15 13:38:58.000000000 +0200
|
||
|
+++ dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Patch.pm 2011-01-06 21:08:30.000000000 +0200
|
||
|
@@ -313,11 +313,42 @@
|
||
|
$header =~ s/\s.*// unless ($header =~ s/\t.*//);
|
||
|
return $header;
|
||
|
}
|
||
|
+
|
||
|
+ sub intuit_file_patched {
|
||
|
+ my ($old, $new) = @_;
|
||
|
+ return $new unless defined $old;
|
||
|
+ return $old unless defined $new;
|
||
|
+ return $new if -e $new and not -e $old;
|
||
|
+ return $old if -e $old and not -e $new;
|
||
|
+ # We don't consider the case where both files are non-existent and
|
||
|
+ # where patch picks the one with the fewest directories to create
|
||
|
+ # since dpkg-source will pre-create the required directories
|
||
|
+ #
|
||
|
+ # Precalculate metrics used by patch
|
||
|
+ my ($tmp_o, $tmp_n) = ($old, $new);
|
||
|
+ my ($len_o, $len_n) = (length($old), length($new));
|
||
|
+ $tmp_o =~ s{[/\\]+}{/}g;
|
||
|
+ $tmp_n =~ s{[/\\]+}{/}g;
|
||
|
+ my $nb_comp_o = ($tmp_o =~ tr{/}{/});
|
||
|
+ my $nb_comp_n = ($tmp_n =~ tr{/}{/});
|
||
|
+ $tmp_o =~ s{^.*/}{};
|
||
|
+ $tmp_n =~ s{^.*/}{};
|
||
|
+ my ($blen_o, $blen_n) = (length($tmp_o), length($tmp_n));
|
||
|
+ # Decide like patch would
|
||
|
+ if ($nb_comp_o != $nb_comp_n) {
|
||
|
+ return ($nb_comp_o < $nb_comp_n) ? $old : $new;
|
||
|
+ } elsif ($blen_o != $blen_n) {
|
||
|
+ return ($blen_o < $blen_n) ? $old : $new;
|
||
|
+ } elsif ($len_o != $len_n) {
|
||
|
+ return ($len_o < $len_n) ? $old : $new;
|
||
|
+ }
|
||
|
+ return $old;
|
||
|
+ }
|
||
|
$_ = getline($diff_handle);
|
||
|
|
||
|
HUNK:
|
||
|
while (defined($_) || not eof($diff_handle)) {
|
||
|
- my ($fn, $fn2);
|
||
|
+ my (%path, %fn);
|
||
|
# skip comments leading up to patch (if any)
|
||
|
until (/^--- /) {
|
||
|
last HUNK if not defined($_ = getline($diff_handle));
|
||
|
@@ -327,11 +358,8 @@
|
||
|
unless(s/^--- //) {
|
||
|
error(_g("expected ^--- in line %d of diff `%s'"), $., $diff);
|
||
|
}
|
||
|
- $_ = strip_ts($_);
|
||
|
- if ($_ eq '/dev/null' or s{^[^/]+/}{$destdir/}) {
|
||
|
- $fn = $_;
|
||
|
- error(_g("%s contains an insecure path: %s"), $diff, $_) if m{/\.\./};
|
||
|
- }
|
||
|
+ $path{'old'} = $_ = strip_ts($_);
|
||
|
+ $fn{'old'} = $_ if $_ ne '/dev/null' and s{^[^/]*/+}{$destdir/};
|
||
|
if (/\.dpkg-orig$/) {
|
||
|
error(_g("diff `%s' patches file with name ending .dpkg-orig"), $diff);
|
||
|
}
|
||
|
@@ -342,46 +370,47 @@
|
||
|
unless (s/^\+\+\+ //) {
|
||
|
error(_g("line after --- isn't as expected in diff `%s' (line %d)"), $diff, $.);
|
||
|
}
|
||
|
- $_ = strip_ts($_);
|
||
|
- if ($_ eq '/dev/null' or s{^[^/]+/}{$destdir/}) {
|
||
|
- $fn2 = $_;
|
||
|
- error(_g("%s contains an insecure path: %s"), $diff, $_) if m{/\.\./};
|
||
|
- } else {
|
||
|
- unless (defined $fn) {
|
||
|
- error(_g("none of the filenames in ---/+++ are relative in diff `%s' (line %d)"),
|
||
|
- $diff, $.);
|
||
|
- }
|
||
|
- }
|
||
|
+ $path{'new'} = $_ = strip_ts($_);
|
||
|
+ $fn{'new'} = $_ if $_ ne '/dev/null' and s{^[^/]*/+}{$destdir/};
|
||
|
+
|
||
|
+ unless (defined $fn{'old'} or defined $fn{'new'}) {
|
||
|
+ error(_g("none of the filenames in ---/+++ are valid in diff '%s' (line %d)"),
|
||
|
+ $diff, $.);
|
||
|
+ }
|
||
|
|
||
|
- if (defined($fn) and $fn eq '/dev/null') {
|
||
|
+ # Safety checks on both filenames that patch could use
|
||
|
+ foreach my $key ("old", "new") {
|
||
|
+ next unless defined $fn{$key};
|
||
|
+ if ($path{$key} =~ m{/\.\./}) {
|
||
|
+ error(_g("%s contains an insecure path: %s"), $diff, $path{$key});
|
||
|
+ }
|
||
|
+ my $path = $fn{$key};
|
||
|
+ while (1) {
|
||
|
+ if (-l $path) {
|
||
|
+ error(_g("diff %s modifies file %s through a symlink: %s"),
|
||
|
+ $diff, $fn{$key}, $path);
|
||
|
+ }
|
||
|
+ last unless $path =~ s{/+[^/]*$}{};
|
||
|
+ last if length($path) <= length($destdir); # $destdir is assumed safe
|
||
|
+ }
|
||
|
+ }
|
||
|
+
|
||
|
+ if ($path{'old'} eq '/dev/null' and $path{'new'} eq '/dev/null') {
|
||
|
error(_g("original and modified files are /dev/null in diff `%s' (line %d)"),
|
||
|
- $diff, $.) if (defined($fn2) and $fn2 eq '/dev/null');
|
||
|
- $fn = $fn2;
|
||
|
- } elsif (defined($fn2) and $fn2 ne '/dev/null') {
|
||
|
- $fn = $fn2 unless defined $fn;
|
||
|
- $fn = $fn2 if ((not -e $fn) and -e $fn2);
|
||
|
- } elsif (defined($fn2) and $fn2 eq '/dev/null') {
|
||
|
+ $diff, $.);
|
||
|
+ } elsif ($path{'new'} eq '/dev/null') {
|
||
|
error(_g("file removal without proper filename in diff `%s' (line %d)"),
|
||
|
- $diff, $. - 1) unless defined $fn;
|
||
|
+ $diff, $. - 1) unless defined $fn{'old'};
|
||
|
warning(_g("diff %s removes a non-existing file %s (line %d)"),
|
||
|
- $diff, $fn, $.) unless -e $fn;
|
||
|
+ $diff, $fn{'old'}, $.) unless -e $fn{'old'};
|
||
|
}
|
||
|
+ my $fn = intuit_file_patched($fn{'old'}, $fn{'new'});
|
||
|
|
||
|
my $dirname = $fn;
|
||
|
if ($dirname =~ s{/[^/]+$}{} && not -d $dirname) {
|
||
|
$dirtocreate{$dirname} = 1;
|
||
|
}
|
||
|
|
||
|
- # Sanity check, refuse to patch through a symlink
|
||
|
- $dirname = $fn;
|
||
|
- while (1) {
|
||
|
- if (-l $dirname) {
|
||
|
- error(_g("diff %s modifies file %s through a symlink: %s"),
|
||
|
- $diff, $fn, $dirname);
|
||
|
- }
|
||
|
- last unless $dirname =~ s{/[^/]+$}{};
|
||
|
- }
|
||
|
-
|
||
|
if (-e $fn and not -f _) {
|
||
|
error(_g("diff `%s' patches something which is not a plain file"), $diff);
|
||
|
}
|