xbps-repo genindex: fix use after free, remove outdated binpkg files

by default.

--HG--
extra : convert_revision : xtraeme%40gmail.com-20091124030606-3y34svrtnad21kgk
This commit is contained in:
Juan RP 2009-11-24 03:06:06 +00:00
parent 1c2fc20964
commit d7987e8e32
2 changed files with 64 additions and 33 deletions
bin/xbps-repo

@ -80,19 +80,23 @@ out:
} }
int int
xbps_repo_addpkg_index(prop_dictionary_t idxdict, const char *file) xbps_repo_addpkg_index(prop_dictionary_t idxdict, const char *filedir,
const char *file)
{ {
prop_dictionary_t newpkgd, curpkgd; prop_dictionary_t newpkgd, curpkgd;
prop_array_t pkgar; prop_array_t pkgar;
struct archive *ar; struct archive *ar = NULL;
struct archive_entry *entry; struct archive_entry *entry;
struct stat st; struct stat st;
const char *pkgname, *version, *regver; const char *pkgname, *version, *regver, *oldfilen;
char *sha256, *filen = NULL, *tmpfilen = NULL; char *sha256, *filen, *tmpfilen, *tmpstr, *oldfilepath;
int rv = 0; int rv = 0;
assert(file != NULL); if (idxdict == NULL || file == NULL)
assert(pkgdir != NULL); return EINVAL;
pkgname = version = regver = oldfilen = NULL;
sha256 = filen = tmpfilen = tmpstr = oldfilepath = NULL;
tmpfilen = strdup(file); tmpfilen = strdup(file);
if (tmpfilen == NULL) if (tmpfilen == NULL)
@ -100,8 +104,8 @@ xbps_repo_addpkg_index(prop_dictionary_t idxdict, const char *file)
filen = basename(tmpfilen); filen = basename(tmpfilen);
if (strcmp(tmpfilen, filen) == 0) { if (strcmp(tmpfilen, filen) == 0) {
free(tmpfilen); rv = EINVAL;
return EINVAL; goto out;
} }
ar = archive_read_new(); ar = archive_read_new();
@ -116,7 +120,7 @@ xbps_repo_addpkg_index(prop_dictionary_t idxdict, const char *file)
if ((rv = archive_read_open_filename(ar, file, if ((rv = archive_read_open_filename(ar, file,
ARCHIVE_READ_BLOCKSIZE)) == -1) { ARCHIVE_READ_BLOCKSIZE)) == -1) {
rv = errno; rv = errno;
goto out1; goto out;
} }
/* /*
@ -134,7 +138,6 @@ xbps_repo_addpkg_index(prop_dictionary_t idxdict, const char *file)
file, XBPS_PKGPROPS); file, XBPS_PKGPROPS);
break; break;
} }
if (!prop_dictionary_get_cstring_nocopy(newpkgd, "pkgname", if (!prop_dictionary_get_cstring_nocopy(newpkgd, "pkgname",
&pkgname)) { &pkgname)) {
prop_object_release(newpkgd); prop_object_release(newpkgd);
@ -170,16 +173,47 @@ xbps_repo_addpkg_index(prop_dictionary_t idxdict, const char *file)
break; break;
} }
/* /*
* Current package is newer than the one that is * Current binpkg is newer than the one registered
* registered actually, remove old package from * in package index, remove outdated binpkg file
* the index. * and its dictionary from the pkg index.
*/ */
rv = xbps_remove_pkg_from_dict(idxdict, if (!prop_dictionary_get_cstring_nocopy(curpkgd,
"packages", pkgname); "filename", &oldfilen)) {
if (rv != 0) {
prop_object_release(newpkgd); prop_object_release(newpkgd);
rv = errno;
break; break;
} }
oldfilepath = xbps_xasprintf("%s/%s", filedir,
oldfilen);
if (oldfilepath == NULL) {
prop_object_release(newpkgd);
rv = errno;
break;
}
if (remove(oldfilepath) == -1) {
printf("E: Couldn't remove old package file "
"'%s'!\n", oldfilen);
free(oldfilepath);
prop_object_release(newpkgd);
rv = errno;
break;
}
free(oldfilepath);
tmpstr = strdup(oldfilen);
if (tmpstr == NULL) {
prop_object_release(newpkgd);
rv = errno;
break;
}
if ((rv = xbps_remove_pkg_from_dict(idxdict,
"packages", pkgname)) != 0) {
prop_object_release(newpkgd);
free(tmpstr);
break;
}
printf("W: removed outdated binpkg file "
"for '%s'.\n", tmpstr);
free(tmpstr);
} }
/* /*
@ -205,7 +239,6 @@ xbps_repo_addpkg_index(prop_dictionary_t idxdict, const char *file)
break; break;
} }
free(sha256); free(sha256);
if (stat(file, &st) == -1) { if (stat(file, &st) == -1) {
prop_object_release(newpkgd); prop_object_release(newpkgd);
rv = errno; rv = errno;
@ -217,9 +250,6 @@ xbps_repo_addpkg_index(prop_dictionary_t idxdict, const char *file)
rv = errno; rv = errno;
break; break;
} }
/*
* Add dictionary into the index and update package count.
*/
/* Get package array in repo index file */ /* Get package array in repo index file */
pkgar = prop_dictionary_get(idxdict, "packages"); pkgar = prop_dictionary_get(idxdict, "packages");
if (pkgar == NULL) { if (pkgar == NULL) {
@ -227,27 +257,28 @@ xbps_repo_addpkg_index(prop_dictionary_t idxdict, const char *file)
rv = errno; rv = errno;
break; break;
} }
/*
* Add dictionary into the index and update package count.
*/
if (!xbps_add_obj_to_array(pkgar, newpkgd)) { if (!xbps_add_obj_to_array(pkgar, newpkgd)) {
prop_object_release(newpkgd); prop_object_release(newpkgd);
rv = EINVAL; rv = EINVAL;
break; break;
} }
printf("Registered %s-%s (%s) in package index.\n",
pkgname, version, filen);
if (!prop_dictionary_set_uint64(idxdict, "total-pkgs", if (!prop_dictionary_set_uint64(idxdict, "total-pkgs",
prop_array_count(pkgar))) { prop_array_count(pkgar)))
prop_object_release(newpkgd);
rv = errno; rv = errno;
break;
}
prop_object_release(newpkgd);
printf("Registered %s-%s in package index.\n",
pkgname, version);
printf("\033[1A\033[K");
break; break;
} }
out1:
archive_read_finish(ar);
out: out:
if (ar)
archive_read_finish(ar);
if (tmpfilen)
free(tmpfilen); free(tmpfilen);
return rv; return rv;
@ -320,7 +351,7 @@ xbps_repo_genindex(const char *pkgdir)
rv = errno; rv = errno;
goto out; goto out;
} }
rv = xbps_repo_addpkg_index(idxdict, binfile); rv = xbps_repo_addpkg_index(idxdict, path, binfile);
free(binfile); free(binfile);
if (rv == EEXIST) if (rv == EEXIST)
continue; continue;

@ -27,6 +27,6 @@
#define _XBPS_REPO_INDEX_H_ #define _XBPS_REPO_INDEX_H_
int xbps_repo_genindex(const char *); int xbps_repo_genindex(const char *);
int xbps_repo_addpkg_index(prop_dictionary_t, const char *); int xbps_repo_addpkg_index(prop_dictionary_t, const char *, const char *);
#endif /* !_XBPS_REPO_INDEX_H_ */ #endif /* !_XBPS_REPO_INDEX_H_ */