Bug#924478: gbp pq import regression: duplicates MIME-Version, Content-Type, Content-Transfer-Encoding as pseudo-header

Wed, 13 Mar 2019 03:24:26 -0700 

Package: git-buildpackage
Version: 0.9.13
Severity: normal
Tags: patch

Steps to reproduce:

* Have a package in git, with patches containing non-ASCII metadata.
  Good examples include https://anonscm.debian.org/git/pkg-utopia/policykit.git
  master, at commit 4f1d21c3 (debian/0.105-25), and
  https://salsa.debian.org/gnome-team/gnome-keyring.git debian/buster,
  at commit ab353ae9 (debian/3.28.2-5).
  The same issue seems to be visible in the unblock diff quoted in
  <https://lists.debian.org/debian-release/2019/03/msg00456.html>,
  so this isn't only affecting me.
* gbp pq drop
* gbp pq import
* Look at git log. In policykit-1, affected commits include
  "CVE-2015-3218: backend: Handle invalid object paths in
  RegisterAuthenticationAgent". In gnome-keyring, affected commits include
  "gkm-mock: Also store objects in the order they are taken".
* gbp pq export
* Look at the patches. In policykit-1, affected patches include
  debian/patches/0.113/00git_invalid_object_paths.patch.
  In gnome-keyring, affected patches include
  debian/patches/gkm-mock-Also-store-objects-in-the-order-they-are-taken.patch.

Expected result:

No semantically significant changes to patches

Actual result:

`gbp pq import` treats the MIME-Version, Content-Type and
Content-Transfer-Encoding as though they were semantically significant
parts of the patch metadata (rather than merely an artifact of the email
transport) and prepends them to the long commit message:

> $ git log patch-queue/debian/buster
...
> commit 4169ffaaf4498facee2bbf8c65292761b1d740e2
> Author: Iain Lane <ia...@gnome.org>
> Date:   2019-01-30 14:34:51 +0000
> 
>     gkm-mock: Also store objects in the order they are taken
> 
>     MIME-Version: 1.0
>     Content-Type: text/plain; charset="utf-8"
>     Content-Transfer-Encoding: 8bit
> 
>     With GLib 2.59, the `test-login-auto` test fails:
...

As a result, after `gbp pq export`, the MIME-Version, Content-Type and
Content-Transfer-Encoding in the email header get duplicated into new
pseudo-headers, like this (note the same fields still present in the
email header, just before the added lines):

> $ git diff
...
> --- 
> a/debian/patches/gkm-mock-Also-store-objects-in-the-order-they-are-taken.patch
> +++ 
> b/debian/patches/gkm-mock-Also-store-objects-in-the-order-they-are-taken.patch
> @@ -5,6 +5,10 @@ MIME-Version: 1.0
>  Content-Type: text/plain; charset="utf-8"
>  Content-Transfer-Encoding: 8bit
>
> +MIME-Version: 1.0
> +Content-Type: text/plain; charset="utf-8"
> +Content-Transfer-Encoding: 8bit
> +
>  With GLib 2.59, the `test-login-auto` test fails:
>
>    Gcr-CRITICAL **: 14:34:24.126: expected prompt property 'choice-label'

Proposed patch attached.

Regards,
    smcv

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'buildd-unstable'), (500, 
'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental-debug'), (1, 
'buildd-experimental'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-3-amd64 (SMP w/2 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), 
LANGUAGE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages git-buildpackage depends on:
ii  devscripts             2.19.3
ii  git                    1:2.20.1-2
ii  man-db                 2.8.5-2
ii  python3                3.7.2-1
ii  python3-dateutil       2.7.3-3
ii  python3-pkg-resources  40.8.0-1
ii  sensible-utils         0.0.12

Versions of packages git-buildpackage recommends:
ii  cowbuilder        0.88
ii  pbuilder          0.230.2
ii  pristine-tar      1.46
ii  python3-requests  2.21.0-1
ii  sbuild            0.78.1-1

Versions of packages git-buildpackage suggests:
pn  python3-notify2  <none>
ii  sudo             1.8.27-1
ii  unzip            6.0-22

-- no debconf information

>From 7f74448f8688d18e87b74543041392dd32261d15 Mon Sep 17 00:00:00 2001
From: Simon McVittie <s...@debian.org>
Date: Wed, 13 Mar 2019 10:19:03 +0000
Subject: [PATCH] Dep3Patch: Ignore MIME headers

Otherwise, if we import a patch containing non-ASCII characters
exported by `gbp pq export` or `git format-patch` using DEP-3
syntax, we'd misinterpret these fields as semantically significant
and copy them into pseudo-headers, causing them to be duplicated
in the commit's long description.

Signed-off-by: Simon McVittie <s...@debian.org>
---
 gbp/patch_series.py | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/gbp/patch_series.py b/gbp/patch_series.py
index c47f4b6..7b561e6 100644
--- a/gbp/patch_series.py
+++ b/gbp/patch_series.py
@@ -255,6 +255,16 @@ class Dep3Patch(Patch):
                 changes += add_date(v)
             elif k == 'long_desc':
                 pass
+            elif k in (
+                'content-transfer-encoding',
+                'content-type',
+                'mime-version',
+            ):
+                # These can appear in `git format-patch` or `gbp pq export`
+                # output. They are not semantically significant: they're
+                # part of the encoding of the patch as an email, rather
+                # than real patch metadata.
+                pass
             else:
                 pseudo_headers += ''.join(v)
                 changes += 1
-- 
2.20.1

Reply via email to