Your message dated Fri, 17 Mar 2017 18:02:20 +0000
with message-id <[email protected]>
and subject line unblock strip-nondeterminism
has caused the Debian Bug report #858006,
regarding unblock: strip-nondeterminism/0.032-1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
858006: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858006
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
User: [email protected]
Usertags: unblock
X-Debbugs-Cc: [email protected]
Dear Release Team,
Please consider unblocking strip-nondetermism 0.032-1. The relevant
changelog entry is:
strip-nondeterminism (0.032-1) unstable; urgency=medium
* Add support for testing files we should reject.
* Fix a possible endless loop while stripping ar files due to trusting the
file's file size data. Thanks to Tobias Stoeckmann
([email protected])
for the report, patch and testcase. (Closes: #857975)
-- Chris Lamb <[email protected]> Fri, 17 Mar 2017 09:25:53 +0100
Debdiff is attached. The actual code change is 2 lines but I also add
a test to catch this case in the future.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` [email protected] / chris-lamb.co.uk
`-
commit 870b156af25d77b4924725a22b59f3796bdbcd7b
Author: Chris Lamb <[email protected]>
Date: Fri Mar 17 09:25:59 2017 +0100
Update changelog for 0.032-1 release
diff --git a/debian/changelog b/debian/changelog
index 48836c5..1b08d40 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+strip-nondeterminism (0.032-1) unstable; urgency=medium
+
+ * Add support for testing files we should reject.
+ * Fix a possible endless loop while stripping ar files due to trusting the
+ file's file size data. Thanks to Tobias Stoeckmann ([email protected])
+ for the report, patch and testcase. (Closes: #857975)
+
+ -- Chris Lamb <[email protected]> Fri, 17 Mar 2017 09:25:53 +0100
+
strip-nondeterminism (0.031-1) unstable; urgency=medium
* Don't test for stat(2) blksize and blocks; they are filesystem-specific and
commit 2706778314fc7bd0184ba2b90c04258b28d73970
Merge: 5e27d49 76ad240
Author: Chris Lamb <[email protected]>
Date: Fri Mar 17 09:25:28 2017 +0100
Merge tag '0.032' into debian
Release 0.032
* tag '0.032':
Release 0.032
Fix a possible endless loop while stripping ar files due to trusting the
file's file size data. Thanks to Tobias Stoeckmann ([email protected]) for
the report, patch and testcase. (Closes: #857975)
Add support for testing files we should reject.
commit 76ad240d64845363f477f9172e737f34a5f1a93e
Author: Chris Lamb <[email protected]>
Date: Fri Mar 17 09:25:00 2017 +0100
Release 0.032
diff --git a/lib/File/StripNondeterminism.pm b/lib/File/StripNondeterminism.pm
index ef25742..a9eb309 100644
--- a/lib/File/StripNondeterminism.pm
+++ b/lib/File/StripNondeterminism.pm
@@ -34,7 +34,7 @@ use File::StripNondeterminism::handlers::zip;
our($VERSION, $canonical_time, $clamp_time);
-$VERSION = '0.031'; # 0.031
+$VERSION = '0.032'; # 0.032
sub init {
$ENV{'TZ'} = 'UTC';
commit 083b174c7c9245fed90af61ca8c001c8ead1b6d7
Author: Chris Lamb <[email protected]>
Date: Fri Mar 17 09:19:25 2017 +0100
Fix a possible endless loop while stripping ar files due to trusting the
file's file size data. Thanks to Tobias Stoeckmann ([email protected]) for
the report, patch and testcase. (Closes: #857975)
Signed-off-by: Chris Lamb <[email protected]>
diff --git a/lib/File/StripNondeterminism/handlers/ar.pm
b/lib/File/StripNondeterminism/handlers/ar.pm
index 660fa8f..08a1925 100644
--- a/lib/File/StripNondeterminism/handlers/ar.pm
+++ b/lib/File/StripNondeterminism/handlers/ar.pm
@@ -65,6 +65,10 @@ sub normalize {
my $file_mode = oct(substr($buf, 40, 8));
my $file_size = substr($buf, 48, 10);
+
+ die "Incorrect file size"
+ if $file_size < 1;
+
seek $fh, $file_header_start + 16, SEEK_SET;
# mtime
diff --git a/t/failures/ar/857975.a b/t/failures/ar/857975.a
new file mode 100644
index 0000000..dfb8a49
--- /dev/null
+++ b/t/failures/ar/857975.a
@@ -0,0 +1,2 @@
+!<arch>
+/ 0 0 0 644 -60 `
commit 9a230af32229bd45dee0eb0794792c60369b7e2c
Author: Chris Lamb <[email protected]>
Date: Fri Mar 17 09:17:49 2017 +0100
Add support for testing files we should reject.
diff --git a/t/failures.t b/t/failures.t
new file mode 100644
index 0000000..44ae11d
--- /dev/null
+++ b/t/failures.t
@@ -0,0 +1,49 @@
+#!perl
+
+#
+# Copyright 2017 Chris Lamb <[email protected]>
+#
+# This file is part of strip-nondeterminism.
+#
+# strip-nondeterminism is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# strip-nondeterminism is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with strip-nondeterminism. If not, see <http://www.gnu.org/licenses/>.
+#
+
+use strict;
+use warnings;
+
+use File::Basename qw(basename);
+use File::Copy qw(copy);
+use File::Temp qw(tempdir);
+use File::StripNondeterminism;
+use Test::More;
+
+File::StripNondeterminism::init();
+
+my $temp = tempdir( CLEANUP => 1 );
+my @failures = glob('t/failures/*/*');
+
+plan tests => scalar @failures;
+
+foreach my $filename (@failures) {
+ my $in = $temp . "/" . basename($filename);
+ copy($filename, $in) or die "Copy failed: $!";
+
+ eval {
+ my $normalizer =
File::StripNondeterminism::get_normalizer_for_file($in);
+ $normalizer->($in);
+ };
+ ok($@ ne "");
+}
+
+done_testing;
--- End Message ---
--- Begin Message ---
Unblocked strip-nondeterminism.
--- End Message ---
