Re: setup 2.887 release candidate - please test
On 14/02/2018 23:02, Ken Brown wrote: On 2/6/2018 10:04 AM, Jon Turney wrote: A new setup release candidate is available at: https://cygwin.com/setup/setup-2.887.x86_64.exe (64 bit version) https://cygwin.com/setup/setup-2.887.x86.exe (32 bit version) Please test and report any problems here. This crashes in ConfirmPage::OnActivate() if a source package is being installed. The problem is that 'pkg' is null, but it is dereferenced in confirm.cc:99. The attached patch fixes this in the laziest possible way, but I'm not sure it's the best fix. Maybe we should check whether 'pkg' is NULL (both times it's defined) and throw an exception if so unless we're installing a source package. Alternatively, maybe we should just make sure it's non-NULL (both times) before dereferencing it. After all, we're only using 'pkg' to decide whether to say "automatically added", so if it's NULL, it might not be worth worrying about why. Thanks. I also came across this, but you beat me to sending a patch :)
Re: setup 2.887 release candidate - please test
On 2/6/2018 10:04 AM, Jon Turney wrote: A new setup release candidate is available at: https://cygwin.com/setup/setup-2.887.x86_64.exe (64 bit version) https://cygwin.com/setup/setup-2.887.x86.exe (32 bit version) Please test and report any problems here. This crashes in ConfirmPage::OnActivate() if a source package is being installed. The problem is that 'pkg' is null, but it is dereferenced in confirm.cc:99. The attached patch fixes this in the laziest possible way, but I'm not sure it's the best fix. Maybe we should check whether 'pkg' is NULL (both times it's defined) and throw an exception if so unless we're installing a source package. Alternatively, maybe we should just make sure it's non-NULL (both times) before dereferencing it. After all, we're only using 'pkg' to decide whether to say "automatically added", so if it's NULL, it might not be worth worrying about why. Ken From c860c1ce6045d6c42f0207f5977a269cbf48c53e Mon Sep 17 00:00:00 2001 From: Ken BrownDate: Wed, 14 Feb 2018 17:48:44 -0500 Subject: [PATCH] Avoid crash if a source package is installed If a source package is installed, setup crashed in ConfirmPage::OnActivate() when a null pointer 'pkg' was dereferenced. Check that it is non-NULL before dereferencing. --- confirm.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/confirm.cc b/confirm.cc index 7e949d8..df9b4f9 100644 --- a/confirm.cc +++ b/confirm.cc @@ -96,7 +96,7 @@ ConfirmPage::OnActivate() s += i->version.Name(); s += " "; s += i->version.Canonical_version(); -if (!pkg->desired) +if (pkg && !pkg->desired) s += " (automatically added)"; s += "\r\n"; } -- 2.16.1
setup 2.887 release candidate - please test
A new setup release candidate is available at: https://cygwin.com/setup/setup-2.887.x86_64.exe (64 bit version) https://cygwin.com/setup/setup-2.887.x86.exe(32 bit version) Please test and report any problems here. This is not the place for setup feature requests. Changes compared to 2.884: User visible changes: - 'Current' is replaced by 'Best' (which is slightly different in ways it's difficult to summarize briefly) and 'Sync' (which exposes the --force-current (distupgrade) option through the UI). - These are modified by a 'Test' checkbox, which allows test packages to be used. - The "prereq" page showing dependencies which will be added is replaced by "problems" page showing problems found by the dependency solver, with default solutions. - A "confirm" page is added showing all the changes which will be made. Internal changes: - Uses the libsolv dependency solver, rather than a home-made one. - Add support for 'depends2: package (relation version) [...]', in a version section in setup.ini - Add support for 'obsoletes:' in setup.ini, likewise - Add support for 'replace-versions:' in a package section setup.ini, to indicate problematic versions. Other: - Query the user for action to take if a corrupt local file is found - Validate package hash after download - Any MessageBox shown during setup.ini parsing is now modal A big 'thank you' to Ken Brown for all his work on this.