Age | Commit message (Collapse) | Author |
|
Use STRDUP() over strdup() to catch memory allocation errors.
There are still some instances of strdup left, but these are in functions
that currently have no error path and would require a larger rework.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
realloc can fail just like the other memory allocation functions. Add a
macro to simplify handling of realloc failures, similar to the already
existing MALLOC, CALLOC, etc.
Replace the existing realloc uses with the new macro, allowing us to
move tedious error handling to the macro. Also, in be_package and
be_sync, this fixes hypothetical memory leaks (and thereafter null
pointer dereferences) in case realloc fails to shrink the allocated
memory.
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Current code accidently uses noupgrade for the NoExtract directive.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Use ASCII control codes to hide cursor at the pacman start and then
show the cursor when pacman finishes.
It helps to avoid annoying blinking when progress bars are re-drawn.
Cursor is reenabled if pacman expects user's input.
Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Following the example of the recently added GOTO_ERR, adding the file and
line number in addition to the function name in our debug messages is
potentially useful.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This is a macro similar to RET_ERR but useful in the case when we need
to record an error and then jump to some cleanup section.
Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Since commit 2ee7a8d8, there is no cleanup needed in this function. Just
return instead of jumping to the cleanup label.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
'output' is a list of messages that pacman received but delayed printing
to avoid messing with UI.
Such functionality is useful for the upcoming multi-line progress bar
UI. Let's move it to a separate function.
Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
One reason why the function returns an error is some repo
does not have any servers.
Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Currently, download_files() creates payloads for all packages then
iterates over them, calling download_single_file. This can be
simplified by looping over packages and constructing the payload as needed.
Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
When pacman fails to satisfy deps, we might see output like the
following:
==> Making package: spiderfoot 3.0-1 (Thu 06 Feb 2020 12:45:10 PM CET)
==> Checking runtime dependencies...
==> Installing missing dependencies...
error: target not found: python-pygexf
==> ERROR: 'pacman' failed to install missing dependencies.
==> Missing dependencies:
-> python-dnspython
-> python-exifread
-> python-cherrypy
-> python-beautifulsoup4
-> python-netaddr
-> python-pysocks
-> python-ipwhois
-> python-ipaddress
-> python-phonenumbers
-> python-pypdf2
-> python-stem
-> python-whois
-> python-future
-> python-pyopenssl
-> python-docx
-> python-pptx
-> python-networkx
-> python-cryptography
-> python-secure
-> python-pygexf
-> python-adblockparser
==> Checking buildtime dependencies...
==> ERROR: Could not resolve all dependencies.
This is misleading -- the only truly missing package is python-pygexf,
but we fail to remove sync-able deps from our deplist and report
everything as if it were missing. Simply drop this extra reporting
because pacman already tells us exactly what couldn't be resolved.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Improve discoverability of the alpm-hooks man page by adding a pacman-hooks
symlink.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Current flow looks like
loop dbs_sync {
loop pkgs {
if pkg.db == db then process(pkg, db)
}
}
Package sync transaction always has a counterpart in the dbs_sync list
(I cannot come up with a use-case when it is not true). So the loop can
be simplified to:
loop pkgs {
process(pkg, pkg.db)
}
Tested: 'ninja test' & manually by using pacman with this patch for a
week
Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
libalpm: move docs from .c files into alpm.h And fix/expand some
along the way.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
It looks like this function has never actually worked. The current list
is never set to NULL after being freed. So the new deps were just
appended to the already freed list, leading to a segfault.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Checksums arrays should be filled with values provided by upstream. We
currently have md5 set as an unsecure default, and are constantly asked to
change it to sha2. However, just changing the default to a stronger checksum
gives the user the impression that "makepkg -g" checksums are perfect.
Instead, change the default checksum to a CRC, to make it clear that any
checksum generated purely by "makepkg -g" is not ideal.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Generating checksums with "makepkg -g" only determines that the user of a
PKGBUILD has the same file as the packager (assuming no collision). This
means an upstream source could be maliciously changed and passed on as valid
by a PKGBUILD. To avoid this, it is essential that any checksums used in
a PKGBUILD are as provided by upstream.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Commit e6a6d307 detected complete part files by comparing a payload's
max_size to initial_size. However, these values are also equal when we
use pacman -U on a URL as max_size is set to 0 in that case. Add a further
condition to avoid that.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Extracting function variables containing arbitrarily scoped variables of
arbitrary nature is a disaster, but let's at least cover the common case
of using the actual '$pkgname' in an install/changelog file. It's the
odd case of actually being basically justified use of disambiguating
between the same variable used in multiple different split packages...
and also, --printsrcinfo already uses and overwrites the variable
'pkgname' in pkgbuild_extract_to_srcinfo, so this "works" in .SRCINFO
but doesn't work in .src.tar.gz
It doesn't work in lint_pkgbuild either, but in that case the problem is
being too permissive, not too restrictive -- we might end up checking
the same file twice, and printing that it is missing twice.
Fixes FS#64932
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
We previously has the maximum database size as 25MB. This was set in the days
before repos had as many packages as they do now, and before we started
distributing files databases. Increase this limit to 128MB.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Many moons ago, libtool was bad - I mean worse than today! It gobbled all
--as-needed and we ended up with an overlinked libalpm. This was annoying,
particularly when dealing with soname bumps in libraries pacman/libalpm had
no business linking to. Luckily we had a fix, stolen from GNOME I believe.
And with that fix, we lived in harmony with libtool for many years. Until one
day, unbeknownst to us, libtool was "fixed". We kept applying our patch,
because it still applied, but it did worse than nothing. It gobbled up our
other LDFLAGS, and our libalpm started missing out on RELRO and BIND_NOW.
This made the Arch Security Team unhappy. We will make them happy again by
stopping the patch.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Running the testsuite using "PACTEST_VALGRIND=1 ninja test -C build", I ran
into the following failure:
161/332 smoke001.py TIMEOUT 30.02 s
I figure an i7 @ 3.10GHz should be enough to run our testsuite... so boost
the meson test timeout to 120 seconds (which should be enough time for
anyone...).
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
|
|
It's difficult to find it embedded inside a prose paragraph.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Currently, it could be misread to say that a fragment is literally
'commit', rather than 'commit=somehash'. Anecdotally this does not seem
to be obvious to everyone, and rewording it certainly doesn't hurt.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Forbid the AX_COMPARE_VERSION macro from being found in the output
configure script. If autoconf-archive is not installed when autoreconf
is run, the following error message is emitted:
configure.ac:231: error: possibly undefined macro: AX_COMPARE_VERSION
If this token and others are legitimate, please use m4_pattern_allow.
See the Autoconf documentation.
autoreconf: /usr/bin/autoconf failed with exit status: 1
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This is guaranteed less error prone than calling memset and hoping the
human gets the argument order correct.
|
|
This avoids a crash in filetarget_free() when regex support isn't
requested in files_search().
|
|
Signed-off-by: Ethan Sommer <e5ten.arch@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
When processing the targets for -Fx, compile all the regex ahead of
time, printing an error for each that failed to compile. Then, if they all
compiled successfully, continue with printing files.
Signed-off-by: morganamilo <morganamilo@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This value is needed for reproducible builds. The reason is because
$BUILDDIR changes its behavior depending on whether it is the same as
$startdir, and the result is that we cannot know whether $srcdir (the
path that is potentially embedded into the final package) is actually
"$BUILDDIR/src" or "$BUILDDIR/$pkgbase/src".
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The documentation of the return types of alpm_mtree_next was incorrect.
This extended into the relevant function in be_local.c.
Also, return explicit integer values, rather than the ARCHIVE_xxx values,
to avoid unnecessarily exposing frontends to libarchive internals (even
though it makes no functional difference).
Original-work-by: morganamilo <morganamilo@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
In autotools, if we wanted to run tests with valgrind, we used some Make
magic which passed arguments to pactest.py, but that doesn't work in
meson, because all arguments are encoded at configure time. Instead,
let's short-circuit the build runner logic entirely, and teach pactest
to default to running valgrind, when it detects an environment variable
set independent of the build system.
To run the tests with valgrind, we can now use:
PACTEST_VALGRIND=1 meson test -C builddir/
or
PACTEST_VALGRIND=1 make check
It is also possible, but confusing/inconsistent, to use
make check PY_LOG_FLAGS=--valgrind
We *could* add a meson option -Dvalgrind=true, but that is annoying to
reconfigure between test runs, and overall the consensus is it seems
simpler to opt in each time we want to run valgrind, as was already the
case.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
We now generate the scripts using their real name, install them using
meson's builtin facility instead of an install_script, and generate the
wrapper scripts in the root of the build directory, instead of a
subdirectory.
This gets us closer to resolving FS#64394.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
In commit 9c817b654996249b8022e189ee7e2692f4668431 we made these sources
extendable, and heuristically determined the correct extraction
functions to use. But our fallback for protos that didn't have an exact
extract_* function didn't take into account that 'extract_file' matches
an actual proto... so we passed the netfile in while the function
expected a file.
Solution: the function should expect a netfile too, thereby allowing us
to delay an attempted resolution of netfile -> file, to the one case
where it is actually used. This makes us slightly more efficient in the
non-file case, makes our functions a bit more consistent, and makes
file:// extraction work again.
Fixes FS#64648
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
|
|
Daniel T. Borelli <danieltborelli@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Also retire Dan into past major contributors.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
In rare cases, likely due to a well timed Ctrl+C, but possibly due to a
broken mirror, a ".part" file may have size at least that of the correct
package size.
When encountering this issue, currently pacman fails in different ways
depending on where the package falls in the list to download. If last,
"wrong or NULL argument passed" error is reported, or a "invalid or
corrupt package" issue if not.
Capture these .part files, and remove the extension. This lets pacman
either use the package if valid, or offer to remove it if it fails checksum
or signature verification.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
python-3.8 changed the default tar format to PAX_FORMAT. This caused
issues in our testsuite with package extraction of files with UTF-8
characters as we run the tests under the C locale.
sycn600.py:
error: error while reading package /tmp/pactest-xuhri4xa/var/cache/pacman/pkg/unicodechars-2.0-1.pkg.tar.gz: Pathname can't be converted from UTF-8 to current locale.
Set format back to GNU_FORMAT.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
We now store key structs of our missing key info, so can not search the list
for string matches. This caused missing keys to be downloaded once for every
package they signed.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Previously, pacman treated no matches and an error during search the
same.
To fix this, alpm_db_search now returns its status as an int and
instead takes the to be returned list as a param. Allowing front ends to
easily differentiate between errors and no matches.
Signed-off-by: morganamilo <morganamilo@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
We only ever use it as a bool, no need to pass a char* around.
Signed-off-by: morganamilo <morganamilo@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Redirect file to stdin so wc -c doesn't print a file name that needs to
be stripped.
Signed-off-by: Ethan Sommer <e5ten.arch@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Now that library/ is fully gone, we don't need this anymore.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
pkgdelta was the last user, and it is gone now.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This is a useless piece of information.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Reads PKGBUILD into an array and replaces the pkgver and pkgrel with
bash parameter substitution, then uses shell redirection to write to to
the file. Because shell redirection follows symlinks, this accomplishes
the same thing as the previous default of using the GNU-specific
--follow-symlinks sed flag.
Removes SEDPATH and SEDINPLACEFLAGS from the build systems as they are
not used elsewhere.
Signed-off-by: Ethan Sommer <e5ten.arch@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|