These files are generated at build time. Ignore in git.
Signed-off-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit fc756c3c70)
If the user replaces a directory with a symlink, libalpm would get
confused because the trailing slash causes system calls to resolve the
symlink. This leads to errors and a misleading message during upgrades.
Even though libalpm does not support this, it should not be giving
misleading errors.
Also adds an overflow check.
Fixes FS#51377
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
(cherry picked from commit 16b91f798f)
archive_read_extract() forces resolution of uid/gid to names
when extracting the tarball. This can lead to wrong file
ownership when using pacman with -r option and when uid/gid
differ in the host and in the chroot.
archive_read_extract2() uses uid's and gid's only. See also:
https://lists.archlinux.org/pipermail/pacman-dev/2017-March/021912.html
Signed-off-by: Armin K <krejzi@email.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 86f5c74694)
This disables globbing, which should never be used in source URL
specifications as it would lead to mismatches in the checksum mapping
and un-checked sources.
(cherry picked from commit e7fc560866)
In order for the scripts to be used in testsuites, it is easiest to generate
all of them so they are found in the build directory (which may be different
to the source directory).
Signed-off-by: Alad Wenter <alad@archlinux.info>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit aca153bfa6)
This should make pacman's behavior consistent with GNU coreutils df,
as well as follow advice from affected filesystems' devs as well as
`man statvfs`.
This fixes FS#37402
Signed-off-by: Martin Kühne <mysatyre@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 8c55c0096c)
makepkg-wrapper did not get rebuilt if makepkg was regenerated due to library
changes. Ensure makepkg-wrapper is always generated and linked any time
makepkg changes.
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit ad27aa30fb)
This fixes the issue with --printsrcinfo that all arch specific variants
of a variable get merged into their non arch specific variant.
The .SRCINFO file ends up having $depends containing $depends_x86_64
and omitting the latter.
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 3190b87b65)
Add missing newline in paclog-pkglist help output
Signed-off-by: Alastair Hughes <hobbitalastair@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 45b6a3074a)
Making it size_t matches the return value of alpm_list_count() and
avoids the implicit cast to int.
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 6a5156eedc)
Since the number of packages is not used anywhere, just return a
boolean to avoid the implicit cast from size_t to int in be_local.c.
Use 0 as success to be consistent with db_validate.
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 85171807c1)
Recent gcc (tested with 6.2.1) produces the following error when
compiling with both --enable-warningflags and --enable-debug.
In particular, it seems it is the combination of GCC_STACK_PROTECT_LIB
and -Wstrict-overflow=5 produces the error.
be_local.c:609:4: error: assuming signed overflow does not occur
when simplifying conditional
[-Werror=strict-overflow]
if(count > 0) {
Fix this by changing the type of count from int to size_t, which is
fine since count is never negative.
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 34f3f1e7a6)
Also add pactest which captures this leak when run under valgrind.
Reported-by: Sergey Petrenko
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit fac4831a09)
We weren't supplying the rpl_malloc function needed if this failed, and
didn't check for realloc, so just remove.
Signed-off-by: Alastair Hughes <hobbitalastair@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 1dbfef7b1c)
Add a space between the option and its argument. Also, do not enclose
the argument in asterisk characters.
Fixes a typo introduced in aa4c61f (Document database checking options,
2014-12-28).
Reported-by: Luca Weiss <luca.emanuel.weiss@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 1e2b398406)
`makepkg -g` looks for existing checksums in the PKGBUILD file, so that
it can generate new sums of the same type. Previously it only checked
variables of the form "sha256sums", and not "sha256sums_x86_64". That
meant it would always fall back to MD5 for packages with only
architecture-specific sources. This change makes it look at
architecture-specific checksums too to determine the type.
Signed-off-by: Jack O'Connor <oconnor663@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 56de155296)
[andrew@archlinux.org: patch adapted to makepkg.sh.in]
It was reported being --with-libcurl in the help (and the check for libcurl
being installed used $with_libcurl accordingly), but the option handling was set
using $with_curl and, therefore, expected option --with-curl.
In the end, --with-libcurl wasn't recognized, and --with-curl had no effect.
Signed-off-by: Olivier Brunel <jjk@jjacky.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 56ae960376)
macOS < 10.10 do not provide fstatat. We were constructing the full
path to the hook file for all other operations anyway, so there was no
real benefit to using fstatat.
Fixes FS#49771
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit be1ffedaf6)
The width of wchar_t is allowed to be of the same width as long,
according to standards. The return type of mbscasecmp is int though.
On amd64 with a 32 bit int, this means that mbscasecmp can return
zero (indicating that strings are equal) even though the input
strings differ.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit af83a58574)
If signature files are larger than SIZE_MAX, not enough memory could
be allocated for this file. The script repo-add rejects files which
are larger than 16384 bytes, therefore handle these as errors here,
too.
While at it, I also rearranged the code to avoid a quite harmless
TOCTOU race condition between stat() and fopen().
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 5fcd60e264)
Some resources (memory or file descriptors) are not released on all
error paths.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 681509fd44)
In out of memory conditions, an undefined error value is written
into *err, because myerr is never explicitly set in these cases.
I have also converted a calloc into a MALLOC call, because the memory
will be properly filled by the snprintf call right after it.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 80d97fcf75)
Cyclic dependencies (A depends on B, B depends on A) were not selected
because neither package could be removed individually, so
can_remove_package would always return false for both. By preselecting
all dependencies then filtering back out any dependencies still required
by any packages that will not be uninstalled, groups of unneeded cyclic
dependencies can be found.
Fixes FS#41031
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 6ac2ee21b3)
The value EAGAIN is allowed by POSIX to be the same as EWOULDBLOCK, but this is
not guaranteed. Thus on some systems (e.g. glibc Linux), we get a warning that
the logical OR is being performed on two expressions of the same type. We can
not get rid of this test in case any system defines these as unique values.
Suggested-by: Dave Reisner
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 3729ef7a9a)
GCC-6 points out that the value we use for the sentinal in enums is actually
too large for the integer type. Reduce the bitshift by one to fix this.
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 5b9bc6024c)
Fixes FS#47992
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 02731189f1)
Checking install status and if a package is optionally required on removal
now considers the version of the optdepend.
Fixes FS#44957.
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 3da06c3519)
The current way of extracting key trust from output of gpg --verify is not very
robust against changes in the format of said output. As a result, pacman-key
can return an error even if the signature is actuall good.
This change relaxes the regexp when parsing output of gpg.
Signed-off-by: Leonid Isaev <leonid.isaev@jila.colorado.edu>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 892a1076c0)
When checking .INSTALL and .CHANGELOG files in the mtree file, we need to find
the path they are stored in the local database. This was appending the root
prefix twice as alpm_option_get_dbpath already returns the absolute path to
the database.
While fixing that issue I added checks that the paths for the database files
were not longer than PATH_MAX.
Fixes FS#48563.
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 2ee1706a72)
Using "-exec command {} +" systax exits on any error. Such errors occur when
running rmdir on a non-empty directory. Switch to "{} ;" syntax instead which
avoids exiting before the find command is completed.
Fixes FS#48515.
Note, we can not use "-empty" in the find command because it is not supported
by Busybox find, and the "--ignore-fail-on-non-empty" flag for rmdir is not
available on BSD rmdir variants.
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit baf1ff64e6)
This happened to work for the majority of cases because the only calling
function used a variable named "i" that was related to the variable being
passed to the function.
Fixes FS#48340.
Signed-off-by: Allan McRae <allan@archlinux.org>
