The funcs xbps_pkg_name() and xbps_pkgpattern_name() were
using malloc(3) to return the result, until now.
They have now been changed to not allocate the result
via malloc; the caller is responsible for providing a buffer
of at least XBPS_NAME_SIZE (64).
If for whatever reason the pkgname can't be guessed,
they return false. This should avoid lots of small allocs
around libxbps.
New functions have the following prototype:

    bool xbps_pkg_name(char *dst, size_t len, const char *pkg)
    bool xbps_pkgpattern_name(char *dst, size_t len, const char *pkg)

as suggested by @duncaen.
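
The caller-provided-buffer convention described in the commit message above, as an added example that is not xbps code. `example_pkg_name` and `EXAMPLE_NAME_SIZE` are hypothetical stand-ins, and the `<name>-<version>_<revision>` pkgver layout is an assumption taken from the package names quoted on this page.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define EXAMPLE_NAME_SIZE 64 /* mirrors the XBPS_NAME_SIZE (64) stated above */

/*
 * Hypothetical stand-in with the same prototype shape as xbps_pkg_name().
 * Returns false, leaving dst untouched, when the name cannot be determined
 * or does not fit in the caller's buffer.
 */
bool example_pkg_name(char *dst, size_t len, const char *pkg)
{
	const char *dash, *us;
	size_t n;

	if (dst == NULL || len == 0 || pkg == NULL)
		return false;
	/* The name ends at the last '-'; what follows must be the version. */
	dash = strrchr(pkg, '-');
	if (dash == NULL || dash == pkg)
		return false;
	/* Require a non-empty version followed by "_<digit>" (the revision). */
	us = strrchr(dash + 1, '_');
	if (us == NULL || us == dash + 1 || !isdigit((unsigned char)us[1]))
		return false;
	n = (size_t)(dash - pkg);
	if (n >= len) /* no room for name plus NUL: fail rather than truncate */
		return false;
	memcpy(dst, pkg, n);
	dst[n] = '\0';
	return true;
}

int main(void)
{
	char name[EXAMPLE_NAME_SIZE]; /* stack buffer, no malloc/free pair */
	const char *samples[] = { "foo-bar-1.0_1", "foo", "foo-1.0" }; /* constructed */

	for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
		if (example_pkg_name(name, sizeof(name), samples[i]))
			printf("%s -> %s\n", samples[i], name);
		else
			printf("%s -> no name\n", samples[i]);
	}
	return 0;
}
```

Failing on a too-small buffer instead of truncating matters because a silently shortened name could match a different package.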

On some systems, something like this happens:

    package_unpack.c:375:11: error: 'buf' may be used uninitialized in this function

This is not actually a bug as logically `buf` is always initialized
in that place, but gcc doesn't like it anyway.

$ARCH-repodata is currently not protected by a signature. While most of
the package metadata is also embedded into the .xbps files, which are
protected by a signature, xbps-install ignores it
(1670ff000d/lib/package_unpack.c (L123))
and relies entirely on $ARCH-repodata.
This enables anyone who is able to modify the $ARCH-repodata to
substitute packages. This patch adds a check that verifies the signed
pkgver matches the one in the repodata, so at least downgrades posing as
updates are detected.
This is an incomplete fix as the whole transaction is still set up with
the unsigned repodata and other issues surely exist. The real fix is
signing $ARCH-repodata.

This fixes the following case:
- A-1.0_1 is installed and owns bin/foo.
- A-1.1_1 is in the transaction and depends on B-1.0_1 that owns bin/foo.
- B-1.0_1 is in the transaction and replaces A<1.1_1.
- A-1.1_1 in the transaction now has "skip-obsoletes".
- A is updated to 1.1_1, its metadata file (<pkgname>-files.plist) wasn't removed.
Added two new test cases to verify moving files from/to a dependency.

Unpacking those symlinks is so cheap that there's no point in wasting
resources just to check if those have been modified; just unpack them
unconditionally.

There's no need to internalize props.plist because there are no changes
compared to the pkg dictionary stored in the repo index; simply ignore it.
The code only cares for the files.plist to check for obsolete files.