This is an automated email from the git hooks/post-receive script. guillem pushed a commit to branch master in repository dpkg.
View the commit online: https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=b958054076c236d470f46f35b94ee16a032ed368 commit b958054076c236d470f46f35b94ee16a032ed368 Author: Guillem Jover <[email protected]> AuthorDate: Sun Nov 3 17:36:02 2019 +0100 Dpkg::Deps: Check for valid virtual package version relations Do not allow non-equal version relations in virtual provides. Closes: #930317 --- debian/changelog | 2 ++ scripts/Dpkg/Deps.pm | 19 ++++++++++++++++++- scripts/dpkg-checkbuilddeps.pl | 2 +- scripts/dpkg-gencontrol.pl | 2 +- 4 files changed, 22 insertions(+), 3 deletions(-) diff --git a/debian/changelog b/debian/changelog index abd1c27f1..8b5317f07 100644 --- a/debian/changelog +++ b/debian/changelog @@ -44,6 +44,8 @@ dpkg (1.20.0) UNRELEASED; urgency=medium Closes: #932967 - Dpkg::Vendor::Debian: Do not set -Werror=implicit-function-declaration for C++. Closes: #939969 + - Dpkg::Deps: Check for valid virtual package version relations. Do not + allow non-equal version relations in virtual provides. Closes: #930317 * Documentation: - man: Fix uncommon wording constructs. - man: Use a minus sign for a literal string. diff --git a/scripts/Dpkg/Deps.pm b/scripts/Dpkg/Deps.pm index f3a19e78e..ec02fd8c8 100644 --- a/scripts/Dpkg/Deps.pm +++ b/scripts/Dpkg/Deps.pm @@ -46,7 +46,7 @@ All the deps_* functions are exported by default. use strict; use warnings; -our $VERSION = '1.06'; +our $VERSION = '1.07'; our @EXPORT = qw( deps_concat deps_parse @@ -235,6 +235,12 @@ them if set. If set to 1, returns a Dpkg::Deps::Union instead of a Dpkg::Deps::AND. Use this when parsing non-dependency fields like Conflicts. +=item virtual (defaults to 0) + +If set to 1, allow only virtual package version relations, that is none, +or “=”. +This should be set whenever working with Provides fields. + =item build_dep (defaults to 0) If set to 1, allow build-dep only arch qualifiers, that is “:native”. @@ -265,6 +271,7 @@ sub deps_parse { $options{reduce_profiles} //= 0; $options{reduce_restrictions} //= 0; $options{union} //= 0; + $options{virtual} //= 0; $options{build_dep} //= 0; $options{tests_dep} //= 0; @@ -301,6 +308,12 @@ sub deps_parse { warning(g_("can't parse dependency %s"), $dep_or); return; } + if ($options{virtual} && defined $dep_simple->{relation} && + $dep_simple->{relation} ne '=') { + warning(g_('virtual dependency contains invalid relation: %s'), + $dep_simple->output); + return; + } $dep_simple->{arches} = undef if not $options{use_arch}; if ($options{reduce_arch}) { $dep_simple->reduce_arch($options{host_arch}); @@ -437,6 +450,10 @@ provide. =head1 CHANGES +=head2 Version 1.07 (dpkg 1.20.0) + +New option: Add virtual option to Dpkg::Deps::deps_parse(). + =head2 Version 1.06 (dpkg 1.18.7; module version bumped on dpkg 1.18.24) New option: Add tests_dep option to Dpkg::Deps::deps_parse(). diff --git a/scripts/dpkg-checkbuilddeps.pl b/scripts/dpkg-checkbuilddeps.pl index 0621f5f8d..d249ced45 100755 --- a/scripts/dpkg-checkbuilddeps.pl +++ b/scripts/dpkg-checkbuilddeps.pl @@ -165,7 +165,7 @@ sub parse_status { $facts->add_installed_package($package, $version, $arch, $multiarch); if (/^Provides: (.*)$/m) { - my $provides = deps_parse($1, reduce_arch => 1, union => 1); + my $provides = deps_parse($1, reduce_arch => 1, virtual => 1, union => 1); next if not defined $provides; foreach (grep { $_->isa('Dpkg::Deps::Simple') } $provides->get_deps()) diff --git a/scripts/dpkg-gencontrol.pl b/scripts/dpkg-gencontrol.pl index a5dda70d0..04a5c68b9 100755 --- a/scripts/dpkg-gencontrol.pl +++ b/scripts/dpkg-gencontrol.pl @@ -257,7 +257,7 @@ $facts->add_installed_package($fields->{'Package'}, $fields->{'Version'}, $fields->{'Architecture'}, $fields->{'Multi-Arch'}); if (exists $pkg->{'Provides'}) { my $provides = deps_parse($substvars->substvars($pkg->{'Provides'}, no_warn => 1), - reduce_restrictions => 1, union => 1); + reduce_restrictions => 1, virtual => 1, union => 1); if (defined $provides) { foreach my $subdep ($provides->get_deps()) { if ($subdep->isa('Dpkg::Deps::Simple')) { -- Dpkg.Org's dpkg
