[med-svn] [Git][med-team/conda-package-handling][upstream] New upstream version 1.7.0
Andreas Tille
gitlab at salsa.debian.org
Mon Jun 22 10:49:57 BST 2020
Andreas Tille pushed to branch upstream at Debian Med / conda-package-handling
Commits:
fcf79bf4 by Andreas Tille at 2020-06-22T11:37:25+02:00
New upstream version 1.7.0
- - - - -
6 changed files:
- .travis.yml
- + news/fix_null_pointer
- src/conda_package_handling/_version.py
- src/conda_package_handling/archive_utils_c.c
- src/conda_package_handling/archive_utils_cy.pyx
- tests/test_api.py
Changes:
=====================================
.travis.yml
=====================================
@@ -2,26 +2,44 @@
dist: xenial
language: python
-python:
- - "2.7"
- - "3.7"
-
+matrix:
+ include:
+ - python: 2.7
+ - arch: amd64
+ python: 3.7
+ - arch: arm64
+ python: 3.7
+env:
+ global:
+ - SUDO=""
install:
- - wget https://repo.anaconda.com/pkgs/misc/conda-execs/conda-4.7.5-linux-64.exe -O conda.exe
- - chmod +x conda.exe
- - export CONDA_ALWAYS_YES=1
- - ./conda.exe create -p $HOME/miniconda python=$TRAVIS_PYTHON_VERSION conda conda-build pytest six pytest-cov pytest-mock
+ - if [[ "${TRAVIS_CPU_ARCH}" == "arm64" ]]; then
+ SUDO=sudo;
+ wget -q "https://github.com/Archiconda/build-tools/releases/download/0.2.3/Archiconda3-0.2.3-Linux-aarch64.sh" -O archiconda.sh;
+ chmod +x archiconda.sh;
+ export CONDA_ALWAYS_YES=1;
+ bash archiconda.sh -b -p $HOME/miniconda;
+ export PATH="$HOME/miniconda/bin:$PATH";
+ $SUDO cp -r $HOME/miniconda/bin/* /usr/bin/;
+ $SUDO conda install python=3.7 conda conda-build pytest six pytest-cov pytest-mock;
+ else
+ SUDO="";
+ wget https://repo.anaconda.com/pkgs/misc/conda-execs/conda-4.7.5-linux-64.exe -O conda.exe;
+ chmod +x conda.exe;
+ export CONDA_ALWAYS_YES=1;
+ ./conda.exe create -p $HOME/miniconda python=$TRAVIS_PYTHON_VERSION conda conda-build pytest six pytest-cov pytest-mock;
+ fi
- export PATH="$HOME/miniconda/bin:$PATH"
- hash -r
- if [[ "$TRAVIS_PYTHON_VERSION" == "2.7" ]]; then
conda install futures;
fi
- - conda build conda.recipe --no-test
- - conda install --use-local conda-package-handling
- - conda info -a
+ - $SUDO conda build conda.recipe --no-test
+ - $SUDO conda install --use-local conda-package-handling
+ - $SUDO conda info -a
script:
# rebuilding the recipe with our new CPH installed tests it a bit deeper than the test suite.
- - conda build conda.recipe
+ - $SUDO conda build conda.recipe
- pytest -v --color=yes --cov=conda_package_handling tests
after_success:
- conda install codecov
=====================================
news/fix_null_pointer
=====================================
@@ -0,0 +1,4 @@
+Bug fixes:
+----------
+
+* Avoid segfaulting on incomplete archives
=====================================
src/conda_package_handling/_version.py
=====================================
@@ -23,9 +23,9 @@ def get_keywords():
# setup.py/versioneer.py will grep for the variable names, so they must
# each be defined on a line of their own. _version.py will just call
# get_keywords().
- git_refnames = " (tag: 1.6.0)"
- git_full = "5b7dbf7bba75c1bb95be058d9c5a60bf85aebb47"
- git_date = "2019-09-20 15:30:59 -0500"
+ git_refnames = " (HEAD -> master, tag: 1.7.0, tag: 1.6.1)"
+ git_full = "7c4a4717a6d3a15fd41058d8864df2a750b20322"
+ git_date = "2020-05-06 10:49:55 +0200"
keywords = {"refnames": git_refnames, "full": git_full, "date": git_date}
return keywords
=====================================
src/conda_package_handling/archive_utils_c.c
=====================================
@@ -10,6 +10,13 @@
#define O_BINARY 0
#endif
+const char * checked_strdup(const char * err) {
+ if (err == NULL) {
+ return NULL;
+ }
+ return strdup(err);
+}
+
struct archive * prepare_gnutar_archive(
const char *outname, const char *filtername, const char *opts, const char **err_str)
{
@@ -22,25 +29,25 @@ struct archive * prepare_gnutar_archive(
return a;
}
if (archive_write_set_format_gnutar(a) < ARCHIVE_OK) {
- *err_str = archive_error_string(a);
+ *err_str = checked_strdup(archive_error_string(a));
archive_write_close(a);
archive_write_free(a);
return NULL;
}
if (archive_write_add_filter_by_name(a, filtername) < ARCHIVE_OK) {
- *err_str = archive_error_string(a);
+ *err_str = checked_strdup(archive_error_string(a));
archive_write_close(a);
archive_write_free(a);
return NULL;
}
if (archive_write_set_options(a, opts) < ARCHIVE_OK) {
- *err_str = archive_error_string(a);
+ *err_str = checked_strdup(archive_error_string(a));
archive_write_close(a);
archive_write_free(a);
return NULL;
}
if (archive_write_open_filename(a, outname) < ARCHIVE_OK) {
- *err_str = archive_error_string(a);
+ *err_str = checked_strdup(archive_error_string(a));
archive_write_close(a);
archive_write_free(a);
return NULL;
@@ -78,23 +85,23 @@ static int add_file(
return 1;
}
if (archive_read_disk_set_behavior(disk, flags) < ARCHIVE_OK) {
- *err_str = archive_error_string(disk);
+ *err_str = checked_strdup(archive_error_string(disk));
return 1;
}
if (archive_read_disk_open(disk, filename) < ARCHIVE_OK) {
- *err_str = archive_error_string(disk);
+ *err_str = checked_strdup(archive_error_string(disk));
return 1;
}
if (archive_read_next_header2(disk, entry) < ARCHIVE_OK) {
- *err_str = archive_error_string(disk);
+ *err_str = checked_strdup(archive_error_string(disk));
return 1;
}
if (archive_read_disk_descend(disk) < ARCHIVE_OK) {
- *err_str = archive_error_string(disk);
+ *err_str = checked_strdup(archive_error_string(disk));
return 1;
}
if (archive_write_header(a, entry) < ARCHIVE_OK) {
- *err_str = archive_error_string(a);
+ *err_str = checked_strdup(archive_error_string(a));
return 1;
}
fd = open(filename, O_RDONLY | O_BINARY);
@@ -105,7 +112,7 @@ static int add_file(
}
close(fd);
if (archive_write_finish_entry(a) < ARCHIVE_OK) {
- *err_str = archive_error_string(a);
+ *err_str = checked_strdup(archive_error_string(a));
return 1;
}
archive_read_close(disk);
@@ -127,7 +134,7 @@ static int copy_data(struct archive *ar, struct archive *aw)
return (ARCHIVE_OK);
if (r < ARCHIVE_OK)
return (r);
- r = archive_write_data_block(aw, buff, size, offset);
+ r = archive_write_data_block(aw, buff, size, (int)offset);
if (r < ARCHIVE_OK) {
return (r);
}
@@ -142,7 +149,7 @@ static int extract_file_c(const char *filename, const char **err_str) {
int r;
if (!err_str) {
- return NULL;
+ return 0;
}
/* attributes we want to restore. */
flags = ARCHIVE_EXTRACT_TIME;
@@ -160,7 +167,7 @@ static int extract_file_c(const char *filename, const char **err_str) {
archive_write_disk_set_options(ext, flags);
archive_write_disk_set_standard_lookup(ext);
if ((r = archive_read_open_filename(a, filename, 10240))) {
- *err_str = archive_error_string(a);
+ *err_str = checked_strdup(archive_error_string(a));
return 1;
}
for (;;) {
@@ -168,24 +175,27 @@ static int extract_file_c(const char *filename, const char **err_str) {
if (r == ARCHIVE_EOF)
break;
if (r < ARCHIVE_WARN) {
- *err_str = archive_error_string(a);
+ *err_str = checked_strdup(archive_error_string(a));
return 1;
}
r = archive_write_header(ext, entry);
if (r < ARCHIVE_OK) {
- *err_str = archive_error_string(ext);
+ *err_str = checked_strdup(archive_error_string(ext));
return 1;
}
else if (archive_entry_size(entry) > 0) {
r = copy_data(a, ext);
if (r < ARCHIVE_WARN) {
- *err_str = archive_error_string(ext);
+ *err_str = checked_strdup(archive_error_string(ext));
+ if (*err_str == NULL) {
+ *err_str = checked_strdup(archive_error_string(a));
+ }
return 1;
}
}
r = archive_write_finish_entry(ext);
if (r < ARCHIVE_WARN) {
- *err_str = archive_error_string(ext);
+ *err_str = checked_strdup(archive_error_string(ext));
return 1;
}
}
=====================================
src/conda_package_handling/archive_utils_cy.pyx
=====================================
@@ -16,6 +16,7 @@ def extract_file(tarball):
cdef const char *err_str = NULL
result = extract_file_c(tarball, &err_str)
if result:
+ assert err_str != NULL
return 1, <bytes> err_str
return 0, b''
=====================================
tests/test_api.py
=====================================
@@ -183,7 +183,7 @@ def test_create_package_with_uncommon_conditions_captures_all_content(testing_wo
assert stat.st_nlink == 1
- at pytest.mark.skipif(datetime.now() <= datetime(2019, 12, 1), reason="Don't understand why this doesn't behave. Punt.")
+ at pytest.mark.skipif(datetime.now() <= datetime(2020, 12, 1), reason="Don't understand why this doesn't behave. Punt.")
def test_secure_refusal_to_extract_abs_paths(testing_workdir):
with tarfile.open('pinkie.tar.bz2', 'w:bz2') as tf:
open('thebrain', 'w').close()
View it on GitLab: https://salsa.debian.org/med-team/conda-package-handling/-/commit/fcf79bf43b435db20d2e0d5a73e1e33d22e881e5
--
View it on GitLab: https://salsa.debian.org/med-team/conda-package-handling/-/commit/fcf79bf43b435db20d2e0d5a73e1e33d22e881e5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-med-commit/attachments/20200622/1fad93d4/attachment-0001.html>
More information about the debian-med-commit
mailing list