1 /*
2 * Copyright (c) 2007, Novell Inc.
3 *
4 * This program is licensed under the BSD license, read LICENSE.BSD
5 * for further information
6 */
7
8 #define _GNU_SOURCE
9 #define _XOPEN_SOURCE /* glibc2 needs this */
10 #include <sys/types.h>
11 #include <stdio.h>
12 #include <stdlib.h>
13 #include <string.h>
14 #include <time.h>
15
16 #include "pool.h"
17 #include "repo.h"
18 #include "solv_xmlparser.h"
19 #include "repo_updateinfoxml.h"
20 #define DISABLE_SPLIT
21 #include "tools_util.h"
22
23 /*
24 * <updates>
25 * <update from="rel-eng@fedoraproject.org" status="stable" type="security" version="1.4">
26 * <id>FEDORA-2007-4594</id>
27 * <title>imlib-1.9.15-6.fc8</title>
28 * <severity>Important</severity>
29 * <release>Fedora 8</release>
30 * <rights>Copyright 2007 Company Inc</rights>
31 * <issued date="2007-12-28 16:42:30"/>
32 * <updated date="2008-03-14 12:00:00"/>
33 * <references>
34 * <reference href="https://bugzilla.redhat.com/show_bug.cgi?id=426091" id="426091" title="CVE-2007-3568 imlib: infinite loop DoS using crafted BMP image" type="bugzilla"/>
35 * </references>
36 * <description>This update includes a fix for a denial-of-service issue (CVE-2007-3568) whereby an attacker who could get an imlib-using user to view a specially-crafted BMP image could cause the user's CPU to go into an infinite loop.</description>
37 * <pkglist>
38 * <collection short="F8">
39 * <name>Fedora 8</name>
40 * <module name="pki-deps" stream="10.6" version="20181019123559" context="9edba152" arch="x86_64"/>
41 * <package arch="ppc64" name="imlib-debuginfo" release="6.fc8" src="http://download.fedoraproject.org/pub/fedora/linux/updates/8/ppc64/imlib-debuginfo-1.9.15-6.fc8.ppc64.rpm" version="1.9.15">
42 * <filename>imlib-debuginfo-1.9.15-6.fc8.ppc64.rpm</filename>
43 * <reboot_suggested>True</reboot_suggested>
44 * </package>
45 * </collection>
46 * </pkglist>
47 * </update>
48 * </updates>
49 */
50
51 enum state {
52 STATE_START,
53 STATE_UPDATES,
54 STATE_UPDATE,
55 STATE_ID,
56 STATE_TITLE,
57 STATE_RELEASE,
58 STATE_ISSUED,
59 STATE_UPDATED,
60 STATE_MESSAGE,
61 STATE_REFERENCES,
62 STATE_REFERENCE,
63 STATE_DESCRIPTION,
64 STATE_PKGLIST,
65 STATE_COLLECTION,
66 STATE_NAME,
67 STATE_PACKAGE,
68 STATE_FILENAME,
69 STATE_REBOOT,
70 STATE_RESTART,
71 STATE_RELOGIN,
72 STATE_RIGHTS,
73 STATE_SEVERITY,
74 STATE_MODULE,
75 NUMSTATES
76 };
77
78 static struct solv_xmlparser_element stateswitches[] = {
79 { STATE_START, "updates", STATE_UPDATES, 0 },
80 { STATE_START, "update", STATE_UPDATE, 0 },
81 { STATE_UPDATES, "update", STATE_UPDATE, 0 },
82 { STATE_UPDATE, "id", STATE_ID, 1 },
83 { STATE_UPDATE, "title", STATE_TITLE, 1 },
84 { STATE_UPDATE, "severity", STATE_SEVERITY, 1 },
85 { STATE_UPDATE, "rights", STATE_RIGHTS, 1 },
86 { STATE_UPDATE, "release", STATE_RELEASE, 1 },
87 { STATE_UPDATE, "issued", STATE_ISSUED, 0 },
88 { STATE_UPDATE, "updated", STATE_UPDATED, 0 },
89 { STATE_UPDATE, "description", STATE_DESCRIPTION, 1 },
90 { STATE_UPDATE, "message", STATE_MESSAGE , 1 },
91 { STATE_UPDATE, "references", STATE_REFERENCES, 0 },
92 { STATE_UPDATE, "pkglist", STATE_PKGLIST, 0 },
93 { STATE_REFERENCES, "reference", STATE_REFERENCE, 0 },
94 { STATE_PKGLIST, "collection", STATE_COLLECTION, 0 },
95 { STATE_COLLECTION, "name", STATE_NAME, 1 },
96 { STATE_COLLECTION, "package", STATE_PACKAGE, 0 },
97 { STATE_COLLECTION, "module", STATE_MODULE, 0 },
98 { STATE_PACKAGE, "filename", STATE_FILENAME, 1 },
99 { STATE_PACKAGE, "reboot_suggested",STATE_REBOOT, 1 },
100 { STATE_PACKAGE, "restart_suggested",STATE_RESTART, 1 },
101 { STATE_PACKAGE, "relogin_suggested",STATE_RELOGIN, 1 },
102 { NUMSTATES }
103 };
104
105 struct parsedata {
106 int ret;
107 Pool *pool;
108 Repo *repo;
109 Repodata *data;
110 Id handle;
111 Solvable *solvable;
112 time_t buildtime;
113 Id pkghandle;
114 struct solv_xmlparser xmlp;
115 struct joindata jd;
116 Id collhandle;
117 };
118
119 /*
120 * Convert date strings ("1287746075" or "2010-10-22 13:14:35")
121 * to timestamp.
122 */
123 static time_t
datestr2timestamp(const char * date)124 datestr2timestamp(const char *date)
125 {
126 const char *p;
127 struct tm tm;
128
129 if (!date || !*date)
130 return 0;
131 for (p = date; *p >= '0' && *p <= '9'; p++)
132 ;
133 if (!*p)
134 return atoi(date);
135 memset(&tm, 0, sizeof(tm));
136 if (!strptime(date, "%F%T", &tm))
137 return 0;
138 return timegm(&tm);
139 }
140
141 /*
142 * create evr (as Id) from 'epoch', 'version' and 'release' attributes
143 */
144 static Id
makeevr_atts(Pool * pool,struct parsedata * pd,const char ** atts)145 makeevr_atts(Pool *pool, struct parsedata *pd, const char **atts)
146 {
147 const char *e, *v, *r, *v2;
148 char *c, *space;
149 int l;
150
151 e = v = r = 0;
152 for (; *atts; atts += 2)
153 {
154 if (!strcmp(*atts, "epoch"))
155 e = atts[1];
156 else if (!strcmp(*atts, "version"))
157 v = atts[1];
158 else if (!strcmp(*atts, "release"))
159 r = atts[1];
160 }
161 if (e && (!*e || !strcmp(e, "0")))
162 e = 0;
163 if (v && !e)
164 {
165 for (v2 = v; *v2 >= '0' && *v2 <= '9'; v2++)
166 ;
167 if (v2 > v && *v2 == ':')
168 e = "0";
169 }
170 l = 1;
171 if (e)
172 l += strlen(e) + 1;
173 if (v)
174 l += strlen(v);
175 if (r)
176 l += strlen(r) + 1;
177
178 c = space = solv_xmlparser_contentspace(&pd->xmlp, l);
179 if (e)
180 {
181 strcpy(c, e);
182 c += strlen(c);
183 *c++ = ':';
184 }
185 if (v)
186 {
187 strcpy(c, v);
188 c += strlen(c);
189 }
190 if (r)
191 {
192 *c++ = '-';
193 strcpy(c, r);
194 c += strlen(c);
195 }
196 *c = 0;
197 if (!*space)
198 return 0;
199 #if 0
200 fprintf(stderr, "evr: %s\n", space);
201 #endif
202 return pool_str2id(pool, space, 1);
203 }
204
205
206
207 static void
startElement(struct solv_xmlparser * xmlp,int state,const char * name,const char ** atts)208 startElement(struct solv_xmlparser *xmlp, int state, const char *name, const char **atts)
209 {
210 struct parsedata *pd = xmlp->userdata;
211 Pool *pool = pd->pool;
212 Solvable *solvable = pd->solvable;
213
214 switch(state)
215 {
216 /*
217 * <update from="rel-eng@fedoraproject.org"
218 * status="stable"
219 * type="bugfix" (enhancement, security)
220 * version="1.4">
221 */
222 case STATE_UPDATE:
223 {
224 const char *from = 0, *type = 0, *version = 0, *status = 0;
225 for (; *atts; atts += 2)
226 {
227 if (!strcmp(*atts, "from"))
228 from = atts[1];
229 else if (!strcmp(*atts, "type"))
230 type = atts[1];
231 else if (!strcmp(*atts, "version"))
232 version = atts[1];
233 else if (!strcmp(*atts, "status"))
234 status = atts[1];
235 }
236 solvable = pd->solvable = pool_id2solvable(pool, repo_add_solvable(pd->repo));
237 pd->handle = pd->solvable - pool->solvables;
238
239 solvable->vendor = pool_str2id(pool, from, 1);
240 solvable->evr = pool_str2id(pool, version, 1);
241 solvable->arch = ARCH_NOARCH;
242 if (type)
243 repodata_set_str(pd->data, pd->handle, SOLVABLE_PATCHCATEGORY, type);
244 if (status)
245 repodata_set_poolstr(pd->data, pd->handle, UPDATE_STATUS, status);
246 pd->buildtime = (time_t)0;
247 }
248 break;
249
250 case STATE_ISSUED:
251 case STATE_UPDATED:
252 {
253 const char *date = solv_xmlparser_find_attr("date", atts);
254 if (date)
255 {
256 time_t t = datestr2timestamp(date);
257 if (t && t > pd->buildtime)
258 pd->buildtime = t;
259 }
260 }
261 break;
262
263 case STATE_REFERENCE:
264 {
265 const char *href = 0, *id = 0, *title = 0, *type = 0;
266 Id refhandle;
267 for (; *atts; atts += 2)
268 {
269 if (!strcmp(*atts, "href"))
270 href = atts[1];
271 else if (!strcmp(*atts, "id"))
272 id = atts[1];
273 else if (!strcmp(*atts, "title"))
274 title = atts[1];
275 else if (!strcmp(*atts, "type"))
276 type = atts[1];
277 }
278 refhandle = repodata_new_handle(pd->data);
279 if (href)
280 repodata_set_str(pd->data, refhandle, UPDATE_REFERENCE_HREF, href);
281 if (id)
282 repodata_set_str(pd->data, refhandle, UPDATE_REFERENCE_ID, id);
283 if (title)
284 repodata_set_str(pd->data, refhandle, UPDATE_REFERENCE_TITLE, title);
285 if (type)
286 repodata_set_poolstr(pd->data, refhandle, UPDATE_REFERENCE_TYPE, type);
287 repodata_add_flexarray(pd->data, pd->handle, UPDATE_REFERENCE, refhandle);
288 }
289 break;
290
291 case STATE_COLLECTION:
292 {
293 pd->collhandle = repodata_new_handle(pd->data);
294 }
295 break;
296
297 /* <package arch="ppc64" name="imlib-debuginfo" release="6.fc8"
298 * src="http://download.fedoraproject.org/pub/fedora/linux/updates/8/ppc64/imlib-debuginfo-1.9.15-6.fc8.ppc64.rpm"
299 * version="1.9.15">
300 *
301 *
302 * -> patch.conflicts: {name} < {version}.{release}
303 */
304 case STATE_PACKAGE:
305 {
306 const char *arch = 0, *name = 0;
307 Id evr = makeevr_atts(pool, pd, atts); /* parse "epoch", "version", "release" */
308 Id n, a, id;
309
310 for (; *atts; atts += 2)
311 {
312 if (!strcmp(*atts, "arch"))
313 arch = atts[1];
314 else if (!strcmp(*atts, "name"))
315 name = atts[1];
316 }
317 n = name ? pool_str2id(pool, name, 1) : 0;
318 a = arch ? pool_str2id(pool, arch, 1) : 0;
319
320 /* generated conflicts for the package */
321 if (a && a != ARCH_NOARCH)
322 {
323 id = pool_rel2id(pool, n, a, REL_ARCH, 1);
324 id = pool_rel2id(pool, id, evr, REL_LT, 1);
325 solvable->conflicts = repo_addid_dep(pd->repo, solvable->conflicts, id, 0);
326 id = pool_rel2id(pool, n, ARCH_NOARCH, REL_ARCH, 1);
327 id = pool_rel2id(pool, id, evr, REL_LT, 1);
328 solvable->conflicts = repo_addid_dep(pd->repo, solvable->conflicts, id, 0);
329 }
330 else
331 {
332 id = pool_rel2id(pool, n, evr, REL_LT, 1);
333 solvable->conflicts = repo_addid_dep(pd->repo, solvable->conflicts, id, 0);
334 }
335
336 /* UPDATE_COLLECTION is misnamed, it should have been UPDATE_PACKAGE */
337 pd->pkghandle = repodata_new_handle(pd->data);
338 repodata_set_id(pd->data, pd->pkghandle, UPDATE_COLLECTION_NAME, n);
339 repodata_set_id(pd->data, pd->pkghandle, UPDATE_COLLECTION_EVR, evr);
340 if (a)
341 repodata_set_id(pd->data, pd->pkghandle, UPDATE_COLLECTION_ARCH, a);
342 break;
343 }
344 case STATE_MODULE:
345 {
346 const char *name = 0, *stream = 0, *version = 0, *context = 0, *arch = 0;
347 Id module_handle;
348
349 for (; *atts; atts += 2)
350 {
351 if (!strcmp(*atts, "arch"))
352 arch = atts[1];
353 else if (!strcmp(*atts, "name"))
354 name = atts[1];
355 else if (!strcmp(*atts, "stream"))
356 stream = atts[1];
357 else if (!strcmp(*atts, "version"))
358 version = atts[1];
359 else if (!strcmp(*atts, "context"))
360 context = atts[1];
361 }
362 module_handle = repodata_new_handle(pd->data);
363 if (name)
364 repodata_set_poolstr(pd->data, module_handle, UPDATE_MODULE_NAME, name);
365 if (stream)
366 repodata_set_poolstr(pd->data, module_handle, UPDATE_MODULE_STREAM, stream);
367 if (version)
368 repodata_set_poolstr(pd->data, module_handle, UPDATE_MODULE_VERSION, version);
369 if (context)
370 repodata_set_poolstr(pd->data, module_handle, UPDATE_MODULE_CONTEXT, context);
371 if (arch)
372 repodata_set_poolstr(pd->data, module_handle, UPDATE_MODULE_ARCH, arch);
373 repodata_add_flexarray(pd->data, pd->handle, UPDATE_MODULE, module_handle);
374 repodata_add_flexarray(pd->data, pd->collhandle, UPDATE_MODULE, module_handle);
375 break;
376 }
377
378 default:
379 break;
380 }
381 return;
382 }
383
384
385 static void
endElement(struct solv_xmlparser * xmlp,int state,char * content)386 endElement(struct solv_xmlparser *xmlp, int state, char *content)
387 {
388 struct parsedata *pd = xmlp->userdata;
389 Pool *pool = pd->pool;
390 Solvable *s = pd->solvable;
391 Repo *repo = pd->repo;
392
393 switch (state)
394 {
395 case STATE_UPDATE:
396 s->provides = repo_addid_dep(repo, s->provides, pool_rel2id(pool, s->name, s->evr, REL_EQ, 1), 0);
397 if (pd->buildtime)
398 {
399 repodata_set_num(pd->data, pd->handle, SOLVABLE_BUILDTIME, pd->buildtime);
400 pd->buildtime = (time_t)0;
401 }
402 break;
403
404 case STATE_ID:
405 s->name = pool_str2id(pool, join2(&pd->jd, "patch", ":", content), 1);
406 break;
407
408 /* <title>imlib-1.9.15-6.fc8</title> */
409 case STATE_TITLE:
410 /* strip trailing newlines */
411 while (pd->xmlp.lcontent > 0 && content[pd->xmlp.lcontent - 1] == '\n')
412 content[--pd->xmlp.lcontent] = 0;
413 repodata_set_str(pd->data, pd->handle, SOLVABLE_SUMMARY, content);
414 break;
415
416 case STATE_SEVERITY:
417 repodata_set_poolstr(pd->data, pd->handle, UPDATE_SEVERITY, content);
418 break;
419
420 case STATE_RIGHTS:
421 repodata_set_poolstr(pd->data, pd->handle, UPDATE_RIGHTS, content);
422 break;
423
424 /*
425 * <description>This update ...</description>
426 */
427 case STATE_DESCRIPTION:
428 repodata_set_str(pd->data, pd->handle, SOLVABLE_DESCRIPTION, content);
429 break;
430
431 /*
432 * <message>Warning! ...</message>
433 */
434 case STATE_MESSAGE:
435 repodata_set_str(pd->data, pd->handle, UPDATE_MESSAGE, content);
436 break;
437
438 case STATE_COLLECTION:
439 repodata_add_flexarray(pd->data, pd->handle, UPDATE_COLLECTIONLIST, pd->collhandle);
440 pd->collhandle = 0;
441 break;
442
443 case STATE_PACKAGE:
444 repodata_add_flexarray(pd->data, pd->handle, UPDATE_COLLECTION, pd->pkghandle);
445 repodata_add_flexarray(pd->data, pd->collhandle, UPDATE_COLLECTION, pd->pkghandle);
446 pd->pkghandle = 0;
447 break;
448
449 /* <filename>libntlm-0.4.2-1.fc8.x86_64.rpm</filename> */
450 /* <filename>libntlm-0.4.2-1.fc8.x86_64.rpm</filename> */
451 case STATE_FILENAME:
452 repodata_set_str(pd->data, pd->pkghandle, UPDATE_COLLECTION_FILENAME, content);
453 break;
454
455 /* <reboot_suggested>True</reboot_suggested> */
456 case STATE_REBOOT:
457 if (content[0] == 'T' || content[0] == 't'|| content[0] == '1')
458 {
459 /* FIXME: this is per-package, the global flag should be computed at runtime */
460 repodata_set_void(pd->data, pd->handle, UPDATE_REBOOT);
461 repodata_set_void(pd->data, pd->pkghandle, UPDATE_REBOOT);
462 }
463 break;
464
465 /* <restart_suggested>True</restart_suggested> */
466 case STATE_RESTART:
467 if (content[0] == 'T' || content[0] == 't'|| content[0] == '1')
468 {
469 /* FIXME: this is per-package, the global flag should be computed at runtime */
470 repodata_set_void(pd->data, pd->handle, UPDATE_RESTART);
471 repodata_set_void(pd->data, pd->pkghandle, UPDATE_RESTART);
472 }
473 break;
474
475 /* <relogin_suggested>True</relogin_suggested> */
476 case STATE_RELOGIN:
477 if (content[0] == 'T' || content[0] == 't'|| content[0] == '1')
478 {
479 /* FIXME: this is per-package, the global flag should be computed at runtime */
480 repodata_set_void(pd->data, pd->handle, UPDATE_RELOGIN);
481 repodata_set_void(pd->data, pd->pkghandle, UPDATE_RELOGIN);
482 }
483 break;
484 default:
485 break;
486 }
487 }
488
489 int
repo_add_updateinfoxml(Repo * repo,FILE * fp,int flags)490 repo_add_updateinfoxml(Repo *repo, FILE *fp, int flags)
491 {
492 Pool *pool = repo->pool;
493 Repodata *data;
494 struct parsedata pd;
495
496 data = repo_add_repodata(repo, flags);
497
498 memset(&pd, 0, sizeof(pd));
499 pd.pool = pool;
500 pd.repo = repo;
501 pd.data = data;
502 solv_xmlparser_init(&pd.xmlp, stateswitches, &pd, startElement, endElement);
503 if (solv_xmlparser_parse(&pd.xmlp, fp) != SOLV_XMLPARSER_OK)
504 pd.ret = pool_error(pool, -1, "repo_updateinfoxml: %s at line %u:%u", pd.xmlp.errstr, pd.xmlp.line, pd.xmlp.column);
505 solv_xmlparser_free(&pd.xmlp);
506 join_freemem(&pd.jd);
507
508 if (!(flags & REPO_NO_INTERNALIZE))
509 repodata_internalize(data);
510 return pd.ret;
511 }
512
513 #ifdef SUSE
514
515 static int
repo_mark_retracted_packages_cmp(const void * ap,const void * bp,void * dp)516 repo_mark_retracted_packages_cmp(const void *ap, const void *bp, void *dp)
517 {
518 Id *a = (Id *)ap;
519 Id *b = (Id *)bp;
520 if (a[1] != b[1])
521 return a[1] - b[1];
522 if (a[2] != b[2])
523 return a[2] - b[2];
524 if (a[0] != b[0])
525 return a[0] - b[0];
526 return 0;
527 }
528
529
530 void
repo_mark_retracted_packages(Repo * repo,Id retractedmarker)531 repo_mark_retracted_packages(Repo *repo, Id retractedmarker)
532 {
533 Pool *pool = repo->pool;
534 int i, p;
535 Solvable *s;
536 Id con, *conp;
537 Id retractedname, retractedevr;
538
539 Queue q;
540 queue_init(&q);
541 FOR_REPO_SOLVABLES(repo, p, s)
542 {
543 const char *status;
544 s = pool->solvables + p;
545 if (strncmp(pool_id2str(pool, s->name), "patch:", 6) != 0)
546 {
547 if (s->arch == ARCH_SRC || s->arch == ARCH_NOSRC)
548 continue;
549 queue_push2(&q, p, s->name);
550 queue_push2(&q, s->evr, s->arch);
551 continue;
552 }
553 status = solvable_lookup_str(s, UPDATE_STATUS);
554 if (!status || strcmp(status, "retracted") != 0)
555 continue;
556 if (!s->conflicts)
557 continue;
558 conp = s->repo->idarraydata + s->conflicts;
559 while ((con = *conp++) != 0)
560 {
561 Reldep *rd;
562 Id name, evr, arch;
563 if (!ISRELDEP(con))
564 continue;
565 rd = GETRELDEP(pool, con);
566 if (rd->flags != REL_LT)
567 continue;
568 name = rd->name;
569 evr = rd->evr;
570 arch = 0;
571 if (ISRELDEP(name))
572 {
573 rd = GETRELDEP(pool, name);
574 name = rd->name;
575 if (rd->flags == REL_ARCH)
576 arch = rd->evr;
577 }
578 queue_push2(&q, 0, name);
579 queue_push2(&q, evr, arch);
580 }
581 }
582 if (q.count)
583 solv_sort(q.elements, q.count / 4, sizeof(Id) * 4, repo_mark_retracted_packages_cmp, repo->pool);
584 retractedname = retractedevr = 0;
585 for (i = 0; i < q.count; i += 4)
586 {
587 if (!q.elements[i])
588 {
589 retractedname = q.elements[i + 1];
590 retractedevr = q.elements[i + 2];
591 }
592 else if (q.elements[i + 1] == retractedname && q.elements[i + 2] == retractedevr)
593 {
594 s = pool->solvables + q.elements[i];
595 s->provides = repo_addid_dep(s->repo, s->provides, retractedmarker, 0);
596 }
597 }
598 queue_free(&q);
599 }
600
601 #endif
602