Age | Commit message (Collapse) | Author |
|
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Use STRDUP() over strdup() to catch memory allocation errors.
There are still some instances of strdup left, but these are in functions
that currently have no error path and would require a larger rework.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
realloc can fail just like the other memory allocation functions. Add a
macro to simplify handling of realloc failures, similar to the already
existing MALLOC, CALLOC, etc.
Replace the existing realloc uses with the new macro, allowing us to
move tedious error handling to the macro. Also, in be_package and
be_sync, this fixes hypothetical memory leaks (and thereafter null
pointer dereferences) in case realloc fails to shrink the allocated
memory.
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
libalpm: move docs from .c files into alpm.h And fix/expand some
along the way.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This is guaranteed less error prone than calling memset and hoping the
human gets the argument order correct.
|
|
make update-copyright OLD=2018 NEW=2019
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
If poll() is interrupted by a signal, alpm was closing the socket it
uses for listening to script/hook output. This would drop script output
at the least and kill the script at the worst.
Fixes FS#60396
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Front-ends or libraries may set signals to be ignored, which gets
inherited across fork and exec. This can cause scripts to malfunction
if they expect the signal. To make matters worse, scripts written in
bash can't reset signals that were ignored when bash was started.
Fixes FS#56756
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Many of these are pointless (e.g. there is no need to explicitly turn on
spellchecking and language dictionaries for the manpages by default).
The only useful modelines are the ones enforcing the project coding
standards for indentation style (and "maybe" filetype/syntax, but
everything except the asciidoc manpages and makepkg.conf is already
autodetected), and indent style can be applied more easily with
.editorconfig
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
make update-copyright OLD=2017 NEW=201
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
|
|
If a scriptlet/hook dies at the wrong moment it can trigger SIGPIPE,
terminating the process. For pipes, there is no way to prevent SIGPIPE
other than ignoring it process-wide. This can have unintended
consequences in a multi-threaded process. Using send(2) with sockets,
however, allows ignoring SIGPIPE on a per-call basis, leaving other
threads able to make use of SIGPIPE.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Add a --with-nettle configure option that directs pacman to use the libnettle
hashing functions. Only one of the --with-libssl and --with-nettle configure
options can be specified.
[Allan: rewrote configure check]
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This was included due to use of PolarSSL's implementation for our internal
SHA2 support. As our internal checksum calculations are now removed, we
can also remove this unused code path.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The internal implementations for md5 and sha256 checksums have not been merged
from upstream sources for a long time. Instead of us carrying copies of code
from other projects, we should just support building against multiple libraries
that provide such functionality.
This patch removes the md5 and sha2 code (originally obtained from PolarSSL)
from our repository. The configure script will now error unless at least one
library supporting checksum generation is present, with the only library
currently supported being openssl. It will be relatively simple for other
such libraries (e.g. nettle) to be supported if anyone wishes to add them.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The value EAGAIN is allowed by POSIX to be the same as EWOULDBLOCK, but this is
not guaranteed. Thus on some systems (e.g. glibc Linux), we get a warning that
the logical OR is being performed on two expressions of the same type. We can
not get rid of this test in case any system defines these as unique values.
Suggested-by: Dave Reisner
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Commit e374e6829cea3512f0b4a4069c5a6168f0f8d8a0 closed stdin before
running scripts/hooks. This left the exec'd process with no file
descriptor 0. If the process subsequently opened a file it would be
assigned fd 0, and could potentially be confused for stdin. Connecting
and immediately closing the parent2child pipe ensures that the child has
an fd 0 and that it is empty.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
make update-copyright OLD=2015 NEW=2016
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Removes a leftover error message from when fdopen and fgets were used to
read from the pipe.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
If the script output does not end in a newline there could still be data
in the buffer after the poll loop.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
libalpm does not guarantee that script output will be presented to the
user or that stdin will be connected to a terminal. Close stdin so that
scripts do not attempt to use it for user interaction.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
|
|
It was allocating the required size rather than the calculated new size,
resulting in pathological incremental reallocations.
Signed-off-by: Daniel Micay <danielmicay@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The read() underlying fgets() can be interrupted by a signal handler
causing fgets() to return NULL. Before we started handling SIGWINCH,
the odds of interrupting a read were low and typically resulted in
termination anyway. Replace all fgets calls with a wrapper that retries
in EINTR.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
|
|
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
|
|
Instead of using two void* arguments for all events, we now send one
pointer to an alpm_event_t struct. This contains the type of event that
was triggered.
With this information, the pointer can then be typecasted to the
event-specific struct in order to get additional arguments.
Signed-off-by: Olivier Brunel <jjk@jjacky.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
These will be used in the following patches.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Forcing vim users to view files with a tabstop of 2 seems really
unnecessary when noet is set. I find it much easier to read code with
ts=4 and I dislike having to override the modeline by hand.
Command run:
find . -type f -exec sed -i '/vim.* noet/s# ts=2 sw=2##' {} +
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
When calling open(), use O_CLOEXEC as much as possible to ensure the
file descriptor is closed when and if a process using libalpm forks.
For most of these cases, and especially in utility functions, the file
descriptor is opened and closed in the same function, so we don't have
too much to worry about. However, for things like the log file and
database lock file, we should ensure descriptors aren't left hanging
around for children to touch.
This patch is inspired by the problem in FS#36161, where an open file
descriptor to the current working directory prevents chroot() from
working on FreeBSD. We don't need this file descriptor in the child
process, so open it (and now several others) with O_CLOEXEC.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
FreeBSD chroot(2) fails with EPERM when a directory file descriptor is open
with either `kern.chroot_allow_open_directories` being 0, or when the process
already is inside a chroot. This is exposed in alpm_run_chroot that uses
opendir() to open a file descriptor to the current directory before doing
the forking and chrooting. Since the file descriptor is not used in the
forked process, we close it.
Fixes FS#36161.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This commit:
-- replaces space-based indents with tabs per the coding standards
-- removes extraneous whitespace (e.g. extra spaces between function args)
-- adds missing braces for a one-line if statement
Signed-off-by: Jason St. John <jstjohn@purdue.edu>
|
|
Fixes FS#36618.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Using setlocale in the backend is bound to lead to frontend issues
and we have have been using epoch in our databases since April 2007
(commit 47622eef). Remove support for old style times.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
On operating systems we support, the behavior is always such that the
kernel will do the right thing as far as invalidating the file
descriptor, regardless of the eventual return value. Therefore,
potentially looping and calling close multiple times is wrong.
At best, we call close again on an invalid FD and throw a spurious EBADF
error. At worst, we might close an FD which doesn't belong to us when a
multi-threaded application opens its own file descriptor between
iterations of the loop.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
It is now possible to invert patterns in NoExtract and NoUpgrade.
This feature allows users to whitelist certain files that were
previously blacklisted by another entry.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
We shouldn't assume a frontend program didn't explicitly set the LC_TIME
setting to a value not in the environment, which is what we previously
assumed. Save the old locale before forcing the 'C' locale and restore
it when we are done.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
prefix defaults to "UNKOWN" if null or an empty string is provided.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The FHS (2.3) says having ldconfig in /sbin is optional and it is usually
located in /usr/sbin. So /sbin/ldconfig should not be hard coded in
pacman. Instead, provide a configure option --with-ldconfig that defaults
to the current path.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This reverts commit 4a8c2852a887d2b1aaa43be3071ab586eb24b9e3.
This reverts commit 993700bc6b12cd291544d2a22845f480e8a7925e.
This reverts commit bb4d2b72c1d35ab9d65d632be0dcaf00cfa7d600.
This reverts commit 60b192e3836a150eb6950ce52241efebbee00f11.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The ldconfig binary is not guaranteed to be in /sbin. Change to calling
just "ldconfig" rather than using the full path.
This removed the check that the ldconfig binary exists. However, it is
a reasonable assumption that it will exist if its configuration file
does.
Signed-off-by: Allan McRae <allan@archlinux.org>
|