Tags Tags

Bug#515852: link() doesn't update relative symlinks

April 20th, 2011 - 10:40 am ET by Adam Borowski | Report spam
Help Create a new topic
Not sure why this was reassigned from dget to dscverify, but, the problem is
caused by the following part in /usr/bin/dget:

if ($url =~ m!^(file|copy)://(/.+)!) {
if ($1 eq "copy" or not link($2, $file)) {
system "cp -a $2 $file";
return $? >> 8;
}
return;
}

Hardlinking a symlink of course doesn't update its destination.

There are four bugs there:
1. (/.+) should be (.+) -- there's no reason relative urls shouldn't work
2. fallback cp should use -L
3. $2 in the link() calls should be `readlink -f "$2"` (modulo possible
quotes inside the string and the general uselessness of `` on an
user-provided string)
4. the system() call will break on spaces or quotes in the passed URL.
should be system "/bin/cp", "-a", $2, $file

1KB // Microsoft corollary to Hanlon's razor:
// Never attribute to stupidity what can be
// adequately explained by malice.



To UNSUBSCRIBE, email to debian-bugs-dist-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
email Follow the discussionReplies 3 repliesReplies Make a reply

Replies

#1 James Vega
May 01st, 2011 - 11:20 pm ET | Report spam

On Wed, Apr 20, 2011 at 04:04:31PM +0200, Adam Borowski wrote:
Not sure why this was reassigned from dget to dscverify,



Neither am I, retagged accordingly.

but, the problem is
caused by the following part in /usr/bin/dget:

if ($url =~ m!^(file|copy)://(/.+)!) {
if ($1 eq "copy" or not link($2, $file)) {
system "cp -a $2 $file";
return $? >> 8;
}
return;
}

Hardlinking a symlink of course doesn't update its destination.

There are four bugs there:
1. (/.+) should be (.+) -- there's no reason relative urls shouldn't work



Relative URLs don't make much sense in a sources.list file. What would
they be relative to?

However, the file URI example in sources.list(5) suggests the format is
"file:/absolute/path/to/file" instead of the usual
"file://relative/path" or "file:///absolute/path". I thought I had used
the latter formats before, but I may need to revisit that and see what
apt actually expects/apt-cache policy shows so we can update that
appropriately.

2. fallback cp should use -L



Agreed.

3. $2 in the link() calls should be `readlink -f "$2"` (modulo possible
quotes inside the string and the general uselessness of `` on an
user-provided string)



Cwd::realpath should be useful here.

4. the system() call will break on spaces or quotes in the passed URL.
should be system "/bin/cp", "-a", $2, $file



Yes, thanks.

James
GPG Key: 1024D/61326D40 2003-09-02 James Vega






To UNSUBSCRIBE, email to
with a subject of "unsubscribe". Trouble? Contact

Similar topics

Make your own search :