[dpkg] 26/192: libdpkg: Handle files with non-zero sizes in c-tarextract test code

Ximin Luo infinity0 at debian.org
Tue Oct 17 11:03:53 UTC 2017 

This is an automated email from the git hooks/post-receive script.

infinity0 pushed a commit to branch pu/reproducible_builds
in repository dpkg.

commit 7c58bb402d7e57312f89efae4a9d811b9b29d11a
Author: Guillem Jover <guillem at debian.org>
Date:   Mon May 15 06:43:17 2017 +0200

    libdpkg: Handle files with non-zero sizes in c-tarextract test code
    
    The test suite only handles empty files, so it never had any problem
    with not skipping those objects. But when testing it on common data,
    and to make the code future-proof, we should just skip the file
    objects when parsing them.
---
 debian/changelog          |  1 +
 lib/dpkg/t/c-tarextract.c | 14 ++++++++++++++
 2 files changed, 15 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 53c4694..f7f22d9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -46,6 +46,7 @@ dpkg (1.18.24) UNRELEASED; urgency=medium
   * Test suite:
     - Add a test case for blank-indented patches which were the cause for
       CVE-2017-8283.
+    - Handle files with non-zero sizes in c-tarextract libdpkg test code.
 
   [ Updated programs translations ]
   * Catalan (Guillem Jover).
diff --git a/lib/dpkg/t/c-tarextract.c b/lib/dpkg/t/c-tarextract.c
index 4055565..4781c02 100644
--- a/lib/dpkg/t/c-tarextract.c
+++ b/lib/dpkg/t/c-tarextract.c
@@ -34,6 +34,7 @@
 
 #include <dpkg/ehandle.h>
 #include <dpkg/fdio.h>
+#include <dpkg/buffer.h>
 #include <dpkg/tarfn.h>
 
 struct tar_context {
@@ -49,6 +50,18 @@ tar_read(void *ctx, char *buffer, int size)
 }
 
 static int
+tar_object_skip(struct tar_context *tc, struct tar_entry *te)
+{
+	off_t size;
+
+	size = (te->size + TARBLKSZ - 1) / TARBLKSZ * TARBLKSZ;
+	if (size == 0)
+		return 0;
+
+	return fd_skip(tc->tar_fd, size, NULL);
+}
+
+static int
 tar_object(void *ctx, struct tar_entry *te)
 {
 	printf("%s mode=%o time=%ld.%.9d uid=%d gid=%d", te->name,
@@ -61,6 +74,7 @@ tar_object(void *ctx, struct tar_entry *te)
 	switch (te->type) {
 	case TAR_FILETYPE_FILE0:
 	case TAR_FILETYPE_FILE:
+		tar_object_skip(ctx, te);
 		printf(" type=file size=%jd", (intmax_t)te->size);
 		break;
 	case TAR_FILETYPE_HARDLINK:

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/reproducible/dpkg.git

More information about the Reproducible-commits mailing list