search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
makepkg: prevent issues with files starting with a hyphen
[pacman-ng.git] / lib / libalpm / be_package.c
bloba33a591acae0bfee5e474a64600ee343d71e499d
1 /*
2 * be_package.c : backend for packages
3 *
4 * Copyright (c) 2006-2012 Pacman Development Team <pacman-dev@archlinux.org>
5 * Copyright (c) 2002-2006 by Judd Vinet <jvinet@zeroflux.org>
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include <stdlib.h>
22 #include <string.h>
23 #include <errno.h>
24 #include <sys/types.h>
25 #include <sys/stat.h>
26 #include <fcntl.h>
27
28 /* libarchive */
29 #include <archive.h>
30 #include <archive_entry.h>
31
32 /* libalpm */
33 #include "alpm_list.h"
34 #include "alpm.h"
35 #include "util.h"
36 #include "log.h"
37 #include "handle.h"
38 #include "package.h"
39 #include "deps.h"
40
41 struct package_changelog {
42 struct archive *archive;
43 int fd;
44 };
45
46 /**
47 * Open a package changelog for reading. Similar to fopen in functionality,
48 * except that the returned 'file stream' is from an archive.
49 * @param pkg the package (file) to read the changelog
50 * @return a 'file stream' to the package changelog
51 */
52 static void *_package_changelog_open(alpm_pkg_t *pkg)
53 {
54 ASSERT(pkg != NULL, return NULL);
55
56 struct package_changelog *changelog;
57 struct archive *archive;
58 struct archive_entry *entry;
59 const char *pkgfile = pkg->origin_data.file;
60 struct stat buf;
61 int fd;
62
63 fd = _alpm_open_archive(pkg->handle, pkgfile, &buf,
64 &archive, ALPM_ERR_PKG_OPEN);
65 if(fd < 0) {
66 return NULL;
67 }
68
69 while(archive_read_next_header(archive, &entry) == ARCHIVE_OK) {
70 const char *entry_name = archive_entry_pathname(entry);
71
72 if(strcmp(entry_name, ".CHANGELOG") == 0) {
73 changelog = malloc(sizeof(struct package_changelog));
74 if(!changelog) {
75 pkg->handle->pm_errno = ALPM_ERR_MEMORY;
76 archive_read_finish(archive);
77 CLOSE(fd);
78 return NULL;
79 }
80 changelog->archive = archive;
81 changelog->fd = fd;
82 return changelog;
83 }
84 }
85 /* we didn't find a changelog */
86 archive_read_finish(archive);
87 CLOSE(fd);
88 errno = ENOENT;
89
90 return NULL;
91 }
92
93 /**
94 * Read data from an open changelog 'file stream'. Similar to fread in
95 * functionality, this function takes a buffer and amount of data to read.
96 * @param ptr a buffer to fill with raw changelog data
97 * @param size the size of the buffer
98 * @param pkg the package that the changelog is being read from
99 * @param fp a 'file stream' to the package changelog
100 * @return the number of characters read, or 0 if there is no more data
101 */
102 static size_t _package_changelog_read(void *ptr, size_t size,
103 const alpm_pkg_t UNUSED *pkg, void *fp)
104 {
105 struct package_changelog *changelog = fp;
106 ssize_t sret = archive_read_data(changelog->archive, ptr, size);
107 /* Report error (negative values) */
108 if(sret < 0) {
109 RET_ERR(pkg->handle, ALPM_ERR_LIBARCHIVE, 0);
110 } else {
111 return (size_t)sret;
112 }
113 }
114
115 /**
116 * Close a package changelog for reading. Similar to fclose in functionality,
117 * except that the 'file stream' is from an archive.
118 * @param pkg the package (file) that the changelog was read from
119 * @param fp a 'file stream' to the package changelog
120 * @return whether closing the package changelog stream was successful
121 */
122 static int _package_changelog_close(const alpm_pkg_t UNUSED *pkg, void *fp)
123 {
124 int ret;
125 struct package_changelog *changelog = fp;
126 ret = archive_read_finish(changelog->archive);
127 CLOSE(changelog->fd);
128 free(changelog);
129 return ret;
130 }
131
132 /** Package file operations struct accessor. We implement this as a method
133 * rather than a static struct as in be_files because we want to reuse the
134 * majority of the default_pkg_ops struct and add only a few operations of
135 * our own on top.
136 */
137 static struct pkg_operations *get_file_pkg_ops(void)
138 {
139 static struct pkg_operations file_pkg_ops;
140 static int file_pkg_ops_initialized = 0;
141 if(!file_pkg_ops_initialized) {
142 file_pkg_ops = default_pkg_ops;
143 file_pkg_ops.changelog_open = _package_changelog_open;
144 file_pkg_ops.changelog_read = _package_changelog_read;
145 file_pkg_ops.changelog_close = _package_changelog_close;
146 file_pkg_ops_initialized = 1;
147 }
148 return &file_pkg_ops;
149 }
150
151 /**
152 * Parses the package description file for a package into a alpm_pkg_t struct.
153 * @param archive the archive to read from, pointed at the .PKGINFO entry
154 * @param newpkg an empty alpm_pkg_t struct to fill with package info
155 *
156 * @return 0 on success, -1 on error
157 */
158 static int parse_descfile(alpm_handle_t *handle, struct archive *a, alpm_pkg_t *newpkg)
159 {
160 char *ptr = NULL;
161 char *key = NULL;
162 int ret, linenum = 0;
163 struct archive_read_buffer buf;
164
165 memset(&buf, 0, sizeof(buf));
166 /* 512K for a line length seems reasonable */
167 buf.max_line_size = 512 * 1024;
168
169 /* loop until we reach EOF or other error */
170 while((ret = _alpm_archive_fgets(a, &buf)) == ARCHIVE_OK) {
171 size_t len = _alpm_strip_newline(buf.line);
172
173 linenum++;
174 key = buf.line;
175 if(len == 0 || key[0] == '#') {
176 continue;
177 }
178 /* line is always in this format: "key = value"
179 * we can be sure the " = " exists, so look for that */
180 ptr = memchr(key, ' ', len);
181 if(!ptr || (size_t)(ptr - key + 2) > len || memcmp(ptr, " = ", 3) != 0) {
182 _alpm_log(handle, ALPM_LOG_DEBUG,
183 "%s: syntax error in description file line %d\n",
184 newpkg->name ? newpkg->name : "error", linenum);
185 } else {
186 /* NULL the end of the key portion, move ptr to start of value */
187 *ptr = '\0';
188 ptr += 3;
189 if(strcmp(key, "pkgname") == 0) {
190 STRDUP(newpkg->name, ptr, return -1);
191 newpkg->name_hash = _alpm_hash_sdbm(newpkg->name);
192 } else if(strcmp(key, "pkgbase") == 0) {
193 /* not used atm */
194 } else if(strcmp(key, "pkgver") == 0) {
195 STRDUP(newpkg->version, ptr, return -1);
196 } else if(strcmp(key, "pkgdesc") == 0) {
197 STRDUP(newpkg->desc, ptr, return -1);
198 } else if(strcmp(key, "group") == 0) {
199 newpkg->groups = alpm_list_add(newpkg->groups, strdup(ptr));
200 } else if(strcmp(key, "url") == 0) {
201 STRDUP(newpkg->url, ptr, return -1);
202 } else if(strcmp(key, "license") == 0) {
203 newpkg->licenses = alpm_list_add(newpkg->licenses, strdup(ptr));
204 } else if(strcmp(key, "builddate") == 0) {
205 newpkg->builddate = _alpm_parsedate(ptr);
206 } else if(strcmp(key, "packager") == 0) {
207 STRDUP(newpkg->packager, ptr, return -1);
208 } else if(strcmp(key, "arch") == 0) {
209 STRDUP(newpkg->arch, ptr, return -1);
210 } else if(strcmp(key, "size") == 0) {
211 /* size in the raw package is uncompressed (installed) size */
212 newpkg->isize = _alpm_strtoofft(ptr);
213 } else if(strcmp(key, "depend") == 0) {
214 alpm_depend_t *dep = _alpm_splitdep(ptr);
215 newpkg->depends = alpm_list_add(newpkg->depends, dep);
216 } else if(strcmp(key, "optdepend") == 0) {
217 alpm_depend_t *optdep = _alpm_splitdep(ptr);
218 newpkg->optdepends = alpm_list_add(newpkg->optdepends, optdep);
219 } else if(strcmp(key, "conflict") == 0) {
220 alpm_depend_t *conflict = _alpm_splitdep(ptr);
221 newpkg->conflicts = alpm_list_add(newpkg->conflicts, conflict);
222 } else if(strcmp(key, "replaces") == 0) {
223 alpm_depend_t *replace = _alpm_splitdep(ptr);
224 newpkg->replaces = alpm_list_add(newpkg->replaces, replace);
225 } else if(strcmp(key, "provides") == 0) {
226 alpm_depend_t *provide = _alpm_splitdep(ptr);
227 newpkg->provides = alpm_list_add(newpkg->provides, provide);
228 } else if(strcmp(key, "backup") == 0) {
229 alpm_backup_t *backup;
230 CALLOC(backup, 1, sizeof(alpm_backup_t), return -1);
231 STRDUP(backup->name, ptr, return -1);
232 newpkg->backup = alpm_list_add(newpkg->backup, backup);
233 } else if(strcmp(key, "force") == 0) {
234 /* deprecated, skip it */
235 } else if(strcmp(key, "makepkgopt") == 0) {
236 /* not used atm */
237 } else {
238 _alpm_log(handle, ALPM_LOG_DEBUG, "%s: unknown key '%s' in description file line %d\n",
239 newpkg->name ? newpkg->name : "error", key, linenum);
240 }
241 }
242 }
243 if(ret != ARCHIVE_EOF) {
244 _alpm_log(handle, ALPM_LOG_DEBUG, "error parsing package descfile\n");
245 return -1;
246 }
247
248 return 0;
249 }
250
251 static void files_merge(alpm_file_t a[], alpm_file_t b[], alpm_file_t c[],
252 size_t m, size_t n)
253 {
254 size_t i = 0, j = 0, k = 0;
255 while(i < m && j < n) {
256 if(strcmp(a[i].name, b[j].name) < 0) {
257 c[k++] = a[i++];
258 } else {
259 c[k++] = b[j++];
260 }
261 }
262 while(i < m) {
263 c[k++] = a[i++];
264 }
265 while(j < n) {
266 c[k++] = b[j++];
267 }
268 }
269
270 static alpm_file_t *files_msort(alpm_file_t *files, size_t n)
271 {
272 alpm_file_t *work;
273 size_t blocksize = 1;
274
275 CALLOC(work, n, sizeof(alpm_file_t), return NULL);
276
277 for(blocksize = 1; blocksize < n; blocksize *= 2) {
278 size_t i, max_extent = 0;
279 for(i = 0; i < n - blocksize; i += 2 * blocksize) {
280 /* this limits our actual merge to the length of the array, since we will
281 * not likely be a perfect power of two. */
282 size_t right_blocksize = blocksize;
283 if(i + blocksize * 2 > n) {
284 right_blocksize = n - i - blocksize;
285 }
286 files_merge(files + i, files + i + blocksize, work + i,
287 blocksize, right_blocksize);
288 max_extent = i + blocksize + right_blocksize;
289 }
290 /* ensure we only copy what we actually touched on this merge pass,
291 * no more, no less */
292 memcpy(files, work, max_extent * sizeof(alpm_file_t));
293 }
294 free(work);
295 return files;
296 }
297
298 /**
299 * Validate a package.
300 * @param handle the context handle
301 * @param pkgfile path to the package file
302 * @param syncpkg package object to load verification data from (md5sum,
303 * sha256sum, and/or base64 signature)
304 * @param level the required level of signature verification
305 * @param sigdata signature data from the package to pass back
306 * @param validation successful validations performed on the package file
307 * @return 0 if package is fully valid, -1 and pm_errno otherwise
308 */
309 int _alpm_pkg_validate_internal(alpm_handle_t *handle,
310 const char *pkgfile, alpm_pkg_t *syncpkg, alpm_siglevel_t level,
311 alpm_siglist_t **sigdata, alpm_pkgvalidation_t *validation)
312 {
313 int has_sig;
314 handle->pm_errno = 0;
315
316 if(pkgfile == NULL || strlen(pkgfile) == 0) {
317 RET_ERR(handle, ALPM_ERR_WRONG_ARGS, -1);
318 }
319
320 /* attempt to access the package file, ensure it exists */
321 if(_alpm_access(handle, NULL, pkgfile, R_OK) != 0) {
322 RET_ERR(handle, ALPM_ERR_PKG_NOT_FOUND, -1);
323 }
324
325 /* can we get away with skipping checksums? */
326 has_sig = 0;
327 if(level & ALPM_SIG_PACKAGE) {
328 if(syncpkg && syncpkg->base64_sig) {
329 has_sig = 1;
330 } else {
331 char *sigpath = _alpm_sigpath(handle, pkgfile);
332 if(sigpath && !_alpm_access(handle, NULL, sigpath, R_OK)) {
333 has_sig = 1;
334 }
335 free(sigpath);
336 }
337 }
338
339 if(syncpkg && !has_sig) {
340 if(syncpkg->md5sum && !syncpkg->sha256sum) {
341 _alpm_log(handle, ALPM_LOG_DEBUG, "md5sum: %s\n", syncpkg->md5sum);
342 _alpm_log(handle, ALPM_LOG_DEBUG, "checking md5sum for %s\n", pkgfile);
343 if(_alpm_test_checksum(pkgfile, syncpkg->md5sum, ALPM_PKG_VALIDATION_MD5SUM) != 0) {
344 RET_ERR(handle, ALPM_ERR_PKG_INVALID_CHECKSUM, -1);
345 }
346 if(validation) {
347 *validation |= ALPM_PKG_VALIDATION_MD5SUM;
348 }
349 }
350
351 if(syncpkg->sha256sum) {
352 _alpm_log(handle, ALPM_LOG_DEBUG, "sha256sum: %s\n", syncpkg->sha256sum);
353 _alpm_log(handle, ALPM_LOG_DEBUG, "checking sha256sum for %s\n", pkgfile);
354 if(_alpm_test_checksum(pkgfile, syncpkg->sha256sum, ALPM_PKG_VALIDATION_SHA256SUM) != 0) {
355 RET_ERR(handle, ALPM_ERR_PKG_INVALID_CHECKSUM, -1);
356 }
357 if(validation) {
358 *validation |= ALPM_PKG_VALIDATION_SHA256SUM;
359 }
360 }
361 }
362
363 /* even if we don't have a sig, run the check code if level tells us to */
364 if(has_sig || level & ALPM_SIG_PACKAGE) {
365 const char *sig = syncpkg ? syncpkg->base64_sig : NULL;
366 _alpm_log(handle, ALPM_LOG_DEBUG, "sig data: %s\n", sig ? sig : "<from .sig>");
367 if(_alpm_check_pgp_helper(handle, pkgfile, sig,
368 level & ALPM_SIG_PACKAGE_OPTIONAL, level & ALPM_SIG_PACKAGE_MARGINAL_OK,
369 level & ALPM_SIG_PACKAGE_UNKNOWN_OK, sigdata)) {
370 handle->pm_errno = ALPM_ERR_PKG_INVALID_SIG;
371 return -1;
372 }
373 if(validation && has_sig) {
374 *validation |= ALPM_PKG_VALIDATION_SIGNATURE;
375 }
376 }
377
378 if (validation && !*validation) {
379 *validation = ALPM_PKG_VALIDATION_NONE;
380 }
381
382 return 0;
383 }
384
385 /**
386 * Load a package and create the corresponding alpm_pkg_t struct.
387 * @param handle the context handle
388 * @param pkgfile path to the package file
389 * @param full whether to stop the load after metadata is read or continue
390 * through the full archive
391 */
392 alpm_pkg_t *_alpm_pkg_load_internal(alpm_handle_t *handle,
393 const char *pkgfile, int full)
394 {
395 int ret, fd, config = 0;
396 struct archive *archive;
397 struct archive_entry *entry;
398 alpm_pkg_t *newpkg;
399 struct stat st;
400 size_t files_size = 0;
401
402 if(pkgfile == NULL || strlen(pkgfile) == 0) {
403 RET_ERR(handle, ALPM_ERR_WRONG_ARGS, NULL);
404 }
405
406 fd = _alpm_open_archive(handle, pkgfile, &st, &archive, ALPM_ERR_PKG_OPEN);
407 if(fd < 0) {
408 if(errno == ENOENT) {
409 handle->pm_errno = ALPM_ERR_PKG_NOT_FOUND;
410 }
411 return NULL;
412 }
413
414 newpkg = _alpm_pkg_new();
415 if(newpkg == NULL) {
416 handle->pm_errno = ALPM_ERR_MEMORY;
417 goto error;
418 }
419 STRDUP(newpkg->filename, pkgfile,
420 handle->pm_errno = ALPM_ERR_MEMORY; goto error);
421 newpkg->size = st.st_size;
422
423 _alpm_log(handle, ALPM_LOG_DEBUG, "starting package load for %s\n", pkgfile);
424
425 /* If full is false, only read through the archive until we find our needed
426 * metadata. If it is true, read through the entire archive, which serves
427 * as a verfication of integrity and allows us to create the filelist. */
428 while((ret = archive_read_next_header(archive, &entry)) == ARCHIVE_OK) {
429 const char *entry_name = archive_entry_pathname(entry);
430
431 if(strcmp(entry_name, ".PKGINFO") == 0) {
432 /* parse the info file */
433 if(parse_descfile(handle, archive, newpkg) != 0) {
434 _alpm_log(handle, ALPM_LOG_ERROR, _("could not parse package description file in %s\n"),
435 pkgfile);
436 goto pkg_invalid;
437 }
438 if(newpkg->name == NULL || strlen(newpkg->name) == 0) {
439 _alpm_log(handle, ALPM_LOG_ERROR, _("missing package name in %s\n"), pkgfile);
440 goto pkg_invalid;
441 }
442 if(newpkg->version == NULL || strlen(newpkg->version) == 0) {
443 _alpm_log(handle, ALPM_LOG_ERROR, _("missing package version in %s\n"), pkgfile);
444 goto pkg_invalid;
445 }
446 config = 1;
447 continue;
448 } else if(strcmp(entry_name, ".INSTALL") == 0) {
449 newpkg->scriptlet = 1;
450 } else if(*entry_name == '.') {
451 /* for now, ignore all files starting with '.' that haven't
452 * already been handled (for future possibilities) */
453 } else if(full) {
454 const size_t files_count = newpkg->files.count;
455 alpm_file_t *current_file;
456 /* Keep track of all files for filelist generation */
457 if(files_count >= files_size) {
458 size_t old_size = files_size;
459 alpm_file_t *newfiles;
460 if(files_size == 0) {
461 files_size = 4;
462 } else {
463 files_size *= 2;
464 }
465 newfiles = realloc(newpkg->files.files,
466 sizeof(alpm_file_t) * files_size);
467 if(!newfiles) {
468 ALLOC_FAIL(sizeof(alpm_file_t) * files_size);
469 goto error;
470 }
471 /* ensure all new memory is zeroed out, in both the initial
472 * allocation and later reallocs */
473 memset(newfiles + old_size, 0,
474 sizeof(alpm_file_t) * (files_size - old_size));
475 newpkg->files.files = newfiles;
476 }
477 current_file = newpkg->files.files + files_count;
478 STRDUP(current_file->name, entry_name, goto error);
479 current_file->size = archive_entry_size(entry);
480 current_file->mode = archive_entry_mode(entry);
481 newpkg->files.count++;
482 }
483
484 if(archive_read_data_skip(archive)) {
485 _alpm_log(handle, ALPM_LOG_ERROR, _("error while reading package %s: %s\n"),
486 pkgfile, archive_error_string(archive));
487 handle->pm_errno = ALPM_ERR_LIBARCHIVE;
488 goto error;
489 }
490
491 /* if we are not doing a full read, see if we have all we need */
492 if(!full && config) {
493 break;
494 }
495 }
496
497 if(ret != ARCHIVE_EOF && ret != ARCHIVE_OK) { /* An error occured */
498 _alpm_log(handle, ALPM_LOG_ERROR, _("error while reading package %s: %s\n"),
499 pkgfile, archive_error_string(archive));
500 handle->pm_errno = ALPM_ERR_LIBARCHIVE;
501 goto error;
502 }
503
504 if(!config) {
505 _alpm_log(handle, ALPM_LOG_ERROR, _("missing package metadata in %s\n"), pkgfile);
506 goto pkg_invalid;
507 }
508
509 archive_read_finish(archive);
510 CLOSE(fd);
511
512 /* internal fields for package struct */
513 newpkg->origin = PKG_FROM_FILE;
514 newpkg->origin_data.file = strdup(pkgfile);
515 newpkg->ops = get_file_pkg_ops();
516 newpkg->handle = handle;
517 newpkg->infolevel = INFRQ_BASE | INFRQ_DESC | INFRQ_SCRIPTLET;
518 newpkg->validation = ALPM_PKG_VALIDATION_NONE;
519
520 if(full) {
521 if(newpkg->files.files) {
522 /* attempt to hand back any memory we don't need */
523 newpkg->files.files = realloc(newpkg->files.files,
524 sizeof(alpm_file_t) * newpkg->files.count);
525 /* "checking for conflicts" requires a sorted list, ensure that here */
526 _alpm_log(handle, ALPM_LOG_DEBUG,
527 "sorting package filelist for %s\n", pkgfile);
528 newpkg->files.files = files_msort(newpkg->files.files,
529 newpkg->files.count);
530 }
531 newpkg->infolevel |= INFRQ_FILES;
532 }
533
534 return newpkg;
535
536 pkg_invalid:
537 handle->pm_errno = ALPM_ERR_PKG_INVALID;
538 error:
539 _alpm_pkg_free(newpkg);
540 archive_read_finish(archive);
541 if(fd >= 0) {
542 CLOSE(fd);
543 }
544
545 return NULL;
546 }
547
548 int SYMEXPORT alpm_pkg_load(alpm_handle_t *handle, const char *filename, int full,
549 alpm_siglevel_t level, alpm_pkg_t **pkg)
550 {
551 alpm_pkgvalidation_t validation = 0;
552
553 CHECK_HANDLE(handle, return -1);
554 ASSERT(pkg != NULL, RET_ERR(handle, ALPM_ERR_WRONG_ARGS, -1));
555
556 if(_alpm_pkg_validate_internal(handle, filename, NULL, level, NULL,
557 &validation) == -1) {
558 /* pm_errno is set by pkg_validate */
559 return -1;
560 }
561 *pkg = _alpm_pkg_load_internal(handle, filename, full);
562 if(*pkg == NULL) {
563 /* pm_errno is set by pkg_load */
564 return -1;
565 }
566 (*pkg)->validation = validation;
567
568 return 0;
569 }
570
571 /* vim: set ts=2 sw=2 noet: */
ngaba's pacman repo