2 * Copyright (c) 2007, Novell Inc.
4 * This program is licensed under the BSD license, read LICENSE.BSD
5 * for further information
9 #define _XOPEN_SOURCE /* glibc2 needs this */
10 #include <sys/types.h>
21 #include "repo_updateinfoxml.h"
23 #include "tools_util.h"
27 * <update from="rel-eng@fedoraproject.org" status="stable" type="security" version="1.4">
28 * <id>FEDORA-2007-4594</id>
29 * <title>imlib-1.9.15-6.fc8</title>
30 * <severity>Important</severity>
31 * <release>Fedora 8</release>
32 * <rights>Copyright 2007 Company Inc</rights>
33 * <issued date="2007-12-28 16:42:30"/>
34 * <updated date="2008-03-14 12:00:00"/>
36 * <reference href="https://bugzilla.redhat.com/show_bug.cgi?id=426091" id="426091" title="CVE-2007-3568 imlib: infinite loop DoS using crafted BMP image" type="bugzilla"/>
38 * <description>This update includes a fix for a denial-of-service issue (CVE-2007-3568) whereby an attacker who could get an imlib-using user to view a specially-crafted BMP image could cause the user's CPU to go into an infinite loop.</description>
40 * <collection short="F8">
41 * <name>Fedora 8</name>
42 * <package arch="ppc64" name="imlib-debuginfo" release="6.fc8" src="http://download.fedoraproject.org/pub/fedora/linux/updates/8/ppc64/imlib-debuginfo-1.9.15-6.fc8.ppc64.rpm" version="1.9.15">
43 * <filename>imlib-debuginfo-1.9.15-6.fc8.ppc64.rpm</filename>
44 * <reboot_suggested>True</reboot_suggested>
86 /* !! must be sorted by first column !! */
87 static struct stateswitch stateswitches[] = {
88 { STATE_START, "updates", STATE_UPDATES, 0 },
89 { STATE_START, "update", STATE_UPDATE, 0 },
90 { STATE_UPDATES, "update", STATE_UPDATE, 0 },
91 { STATE_UPDATE, "id", STATE_ID, 1 },
92 { STATE_UPDATE, "title", STATE_TITLE, 1 },
93 { STATE_UPDATE, "severity", STATE_SEVERITY, 1 },
94 { STATE_UPDATE, "rights", STATE_RIGHTS, 1 },
95 { STATE_UPDATE, "release", STATE_RELEASE, 1 },
96 { STATE_UPDATE, "issued", STATE_ISSUED, 0 },
97 { STATE_UPDATE, "updated", STATE_UPDATED, 0 },
98 { STATE_UPDATE, "description", STATE_DESCRIPTION, 1 },
99 { STATE_UPDATE, "message", STATE_MESSAGE , 1 },
100 { STATE_UPDATE, "references", STATE_REFERENCES, 0 },
101 { STATE_UPDATE, "pkglist", STATE_PKGLIST, 0 },
102 { STATE_REFERENCES, "reference", STATE_REFERENCE, 0 },
103 { STATE_PKGLIST, "collection", STATE_COLLECTION, 0 },
104 { STATE_COLLECTION, "name", STATE_NAME, 1 },
105 { STATE_COLLECTION, "package", STATE_PACKAGE, 0 },
106 { STATE_PACKAGE, "filename", STATE_FILENAME, 1 },
107 { STATE_PACKAGE, "reboot_suggested",STATE_REBOOT, 1 },
108 { STATE_PACKAGE, "restart_suggested",STATE_RESTART, 1 },
109 { STATE_PACKAGE, "relogin_suggested",STATE_RELOGIN, 1 },
124 unsigned int datanum;
129 struct stateswitch *swtab[NUMSTATES];
130 enum state sbtab[NUMSTATES];
134 * Convert date strings ("1287746075" or "2010-10-22 13:14:35")
138 datestr2timestamp(const char *date)
145 for (p = date; *p >= '0' && *p <= '9'; p++)
149 memset(&tm, 0, sizeof(tm));
150 if (!strptime(date, "%F%T", &tm))
156 * if we have seen a <filename>...
157 * inside of <package>...
160 * If not, we must insert an empty filename to UPDATE_COLLECTION_FILENAME
161 * at </package> in order to keep all UPDATE_COLLECTION_* arrays in sync
165 * create evr (as Id) from 'epoch', 'version' and 'release' attributes
169 makeevr_atts(Pool *pool, struct parsedata *pd, const char **atts)
171 const char *e, *v, *r, *v2;
176 for (; *atts; atts += 2)
178 if (!strcmp(*atts, "epoch"))
180 else if (!strcmp(*atts, "version"))
182 else if (!strcmp(*atts, "release"))
185 if (e && !strcmp(e, "0"))
189 for (v2 = v; *v2 >= '0' && *v2 <= '9'; v2++)
191 if (v2 > v && *v2 == ':')
201 if (l > pd->acontent)
203 pd->content = realloc(pd->content, l + 256);
204 pd->acontent = l + 256;
228 fprintf(stderr, "evr: %s\n", pd->content);
230 return pool_str2id(pool, pd->content, 1);
236 startElement(void *userData, const char *name, const char **atts)
238 struct parsedata *pd = userData;
239 Pool *pool = pd->pool;
240 Solvable *solvable = pd->solvable;
241 struct stateswitch *sw;
242 /*const char *str; */
245 fprintf(stderr, "start: [%d]%s\n", pd->state, name);
247 if (pd->depth != pd->statedepth)
254 if (!pd->swtab[pd->state])
256 for (sw = pd->swtab[pd->state]; sw->from == pd->state; sw++) /* find name in statetable */
257 if (!strcmp(sw->ename, name))
260 if (sw->from != pd->state)
263 fprintf(stderr, "into unknown: %s (from: %d)\n", name, pd->state);
269 pd->docontent = sw->docontent;
270 pd->statedepth = pd->depth;
281 * <update from="rel-eng@fedoraproject.org"
283 * type="bugfix" (enhancement, security)
288 const char *from = 0, *type = 0, *version = 0;
289 for (; *atts; atts += 2)
291 if (!strcmp(*atts, "from"))
293 else if (!strcmp(*atts, "type"))
295 else if (!strcmp(*atts, "version"))
300 solvable = pd->solvable = pool_id2solvable(pool, repo_add_solvable(pd->repo));
301 pd->datanum = pd->solvable - pool->solvables;
303 solvable->vendor = pool_str2id(pool, from, 1);
304 solvable->evr = pool_str2id(pool, version, 1);
305 solvable->arch = ARCH_NOARCH;
307 repodata_set_str(pd->data, pd->datanum, SOLVABLE_PATCHCATEGORY, type);
308 pd->buildtime = (time_t)0;
311 /* <id>FEDORA-2007-4594</id> */
314 /* <title>imlib-1.9.15-6.fc8</title> */
317 /* <release>Fedora 8</release> */
320 /* <issued date="2008-03-21 21:36:55"/>
325 const char *date = 0;
326 for (; *atts; atts += 2)
328 if (!strcmp(*atts, "date"))
333 time_t t = datestr2timestamp(date);
334 if (t && t > pd->buildtime)
339 case STATE_REFERENCES:
341 /* <reference href="https://bugzilla.redhat.com/show_bug.cgi?id=330471"
343 * title="LDAP schema file missing for dhcpd"
346 case STATE_REFERENCE:
348 const char *href = 0, *id = 0, *title = 0, *type = 0;
350 for (; *atts; atts += 2)
352 if (!strcmp(*atts, "href"))
354 else if (!strcmp(*atts, "id"))
356 else if (!strcmp(*atts, "title"))
358 else if (!strcmp(*atts, "type"))
361 handle = repodata_new_handle(pd->data);
363 repodata_set_str(pd->data, handle, UPDATE_REFERENCE_HREF, href);
365 repodata_set_str(pd->data, handle, UPDATE_REFERENCE_ID, id);
367 repodata_set_str(pd->data, handle, UPDATE_REFERENCE_TITLE, title);
369 repodata_set_poolstr(pd->data, handle, UPDATE_REFERENCE_TYPE, type);
370 repodata_add_flexarray(pd->data, pd->datanum, UPDATE_REFERENCE, handle);
373 /* <description>This update ...</description> */
374 case STATE_DESCRIPTION:
376 /* <message type="confirm">This update ...</message> */
381 /* <collection short="F8" */
382 case STATE_COLLECTION:
384 /* <name>Fedora 8</name> */
387 /* <package arch="ppc64" name="imlib-debuginfo" release="6.fc8"
388 * src="http://download.fedoraproject.org/pub/fedora/linux/updates/8/ppc64/imlib-debuginfo-1.9.15-6.fc8.ppc64.rpm"
392 * -> patch.conflicts: {name} < {version}.{release}
396 const char *arch = 0, *name = 0;
397 Id evr = makeevr_atts(pool, pd, atts); /* parse "epoch", "version", "release" */
401 for (; *atts; atts += 2)
403 if (!strcmp(*atts, "arch"))
405 else if (!strcmp(*atts, "name"))
408 /* generated Id for name */
409 n = pool_str2id(pool, name, 1);
413 /* generate Id for arch and combine with name */
414 a = pool_str2id(pool, arch, 1);
415 rel_id = pool_rel2id(pool, n, a, REL_ARCH, 1);
417 rel_id = pool_rel2id(pool, rel_id, evr, REL_LT, 1);
419 solvable->conflicts = repo_addid_dep(pd->repo, solvable->conflicts, rel_id, 0);
421 /* who needs the collection anyway? */
422 pd->collhandle = repodata_new_handle(pd->data);
423 repodata_set_id(pd->data, pd->collhandle, UPDATE_COLLECTION_NAME, n);
424 repodata_set_id(pd->data, pd->collhandle, UPDATE_COLLECTION_EVR, evr);
425 repodata_set_id(pd->data, pd->collhandle, UPDATE_COLLECTION_ARCH, a);
428 /* <filename>libntlm-0.4.2-1.fc8.x86_64.rpm</filename> */
429 /* <filename>libntlm-0.4.2-1.fc8.x86_64.rpm</filename> */
432 /* <reboot_suggested>True</reboot_suggested> */
435 /* <restart_suggested>True</restart_suggested> */
438 /* <relogin_suggested>True</relogin_suggested> */
449 endElement(void *userData, const char *name)
451 struct parsedata *pd = userData;
452 Pool *pool = pd->pool;
453 Solvable *s = pd->solvable;
454 Repo *repo = pd->repo;
457 fprintf(stderr, "end: %s\n", name);
459 if (pd->depth != pd->statedepth)
463 fprintf(stderr, "back from unknown %d %d %d\n", pd->state, pd->depth, pd->statedepth);
477 s->provides = repo_addid_dep(repo, s->provides, pool_rel2id(pool, s->name, s->evr, REL_EQ, 1), 0);
480 repodata_set_num(pd->data, pd->datanum, SOLVABLE_BUILDTIME, pd->buildtime);
481 pd->buildtime = (time_t)0;
485 s->name = pool_str2id(pool, join2("patch", ":", pd->content), 1);
487 /* <title>imlib-1.9.15-6.fc8</title> */
489 while (pd->lcontent > 0 && pd->content[pd->lcontent - 1] == '\n')
490 pd->content[--pd->lcontent] = 0;
491 repodata_set_str(pd->data, pd->datanum, SOLVABLE_SUMMARY, pd->content);
494 repodata_set_poolstr(pd->data, pd->datanum, UPDATE_SEVERITY, pd->content);
497 repodata_set_poolstr(pd->data, pd->datanum, UPDATE_RIGHTS, pd->content);
500 * <release>Fedora 8</release>
506 case STATE_REFERENCES:
508 case STATE_REFERENCE:
511 * <description>This update ...</description>
513 case STATE_DESCRIPTION:
514 repodata_set_str(pd->data, pd->datanum, SOLVABLE_DESCRIPTION, pd->content);
517 * <message>Warning! ...</message>
520 repodata_set_str(pd->data, pd->datanum, UPDATE_MESSAGE, pd->content);
524 case STATE_COLLECTION:
529 repodata_add_flexarray(pd->data, pd->datanum, UPDATE_COLLECTION, pd->collhandle);
532 /* <filename>libntlm-0.4.2-1.fc8.x86_64.rpm</filename> */
533 /* <filename>libntlm-0.4.2-1.fc8.x86_64.rpm</filename> */
535 repodata_set_str(pd->data, pd->collhandle, UPDATE_COLLECTION_FILENAME, pd->content);
537 /* <reboot_suggested>True</reboot_suggested> */
539 if (pd->content[0] == 'T' || pd->content[0] == 't'|| pd->content[0] == '1')
541 /* FIXME: this is per-package, the global flag should be computed at runtime */
542 repodata_set_void(pd->data, pd->datanum, UPDATE_REBOOT);
543 repodata_set_void(pd->data, pd->collhandle, UPDATE_REBOOT);
546 /* <restart_suggested>True</restart_suggested> */
548 if (pd->content[0] == 'T' || pd->content[0] == 't'|| pd->content[0] == '1')
550 /* FIXME: this is per-package, the global flag should be computed at runtime */
551 repodata_set_void(pd->data, pd->datanum, UPDATE_RESTART);
552 repodata_set_void(pd->data, pd->collhandle, UPDATE_RESTART);
555 /* <relogin_suggested>True</relogin_suggested> */
557 if (pd->content[0] == 'T' || pd->content[0] == 't'|| pd->content[0] == '1')
559 /* FIXME: this is per-package, the global flag should be computed at runtime */
560 repodata_set_void(pd->data, pd->datanum, UPDATE_RELOGIN);
561 repodata_set_void(pd->data, pd->collhandle, UPDATE_RELOGIN);
568 pd->state = pd->sbtab[pd->state];
574 characterData(void *userData, const XML_Char *s, int len)
576 struct parsedata *pd = userData;
583 fprintf(stderr, "Content: [%d]'%.*s'\n", pd->state, len, s);
587 l = pd->lcontent + len + 1;
588 if (l > pd->acontent)
590 pd->content = realloc(pd->content, l + 256);
591 pd->acontent = l + 256;
593 c = pd->content + pd->lcontent;
601 #define BUFF_SIZE 8192
604 repo_add_updateinfoxml(Repo *repo, FILE *fp, int flags)
606 Pool *pool = repo->pool;
610 struct stateswitch *sw;
613 data = repo_add_repodata(repo, flags);
615 memset(&pd, 0, sizeof(pd));
616 for (i = 0, sw = stateswitches; sw->from != NUMSTATES; i++, sw++)
618 if (!pd.swtab[sw->from])
619 pd.swtab[sw->from] = sw;
620 pd.sbtab[sw->to] = sw->from;
626 pd.content = malloc(256);
629 XML_Parser parser = XML_ParserCreate(NULL);
630 XML_SetUserData(parser, &pd);
631 XML_SetElementHandler(parser, startElement, endElement);
632 XML_SetCharacterDataHandler(parser, characterData);
635 l = fread(buf, 1, sizeof(buf), fp);
636 if (XML_Parse(parser, buf, l, l == 0) == XML_STATUS_ERROR)
638 pool_debug(pool, SOLV_FATAL, "repo_updateinfoxml: %s at line %u:%u\n", XML_ErrorString(XML_GetErrorCode(parser)), (unsigned int)XML_GetCurrentLineNumber(parser), (unsigned int)XML_GetCurrentColumnNumber(parser));
644 XML_ParserFree(parser);
648 if (!(flags & REPO_NO_INTERNALIZE))
649 repodata_internalize(data);
projects / platform / upstream / libsolv.git / blob