On Wed, 18 May 2011 20:03:09 -0500 Jonathan Nieder wrote:

> Francesco Poli wrote:
> 
> > I hope I manage to find the time to test your patch soon...
> >
> > Do you think your patch is copyrighted by you, or is it trivial enough
> > that it is not covered by copyright?
> 
> It's trivial imho.

OK, I agree.

> I just looked at the code and this seemed to be
> the most obvious missing piece of input validation.

I applied your patch and tested it inside a sid chroot environment with

  $ cat /tmp/log | apt-listbugs apt

When /tmp/log is the output of the apt VERSION 2 hook interface,
everything works as intended.
If I manually edit /tmp/log so that one of the package action lines
includes 4 fields (rather than 5), apt-listbugs correctly exits with an
error.
Without your patch, the manually edited /tmp/log produces the well known
E: private method `chomp!' called for nil:NilClass
error.

So, in summary, your patch seems to correctly prevent this possible
cause of `chomp!' method invocation for a nil object.

> 
> Note that this would *not* fix the underlying problem, which was
> probably a cupt bug, or me hitting ^C at the wrong moment, or cosmic
> rays, or whatever.  But that seems fine to me --- as long as
> apt-listbugs is defensive about the input it gets, it should be easier
> to diagnose the problem the next time someone runs into something like
> this.

Your patch certainly makes it easier to understand what's going wrong
in the apt VERSION 2 hook interface output.

I would like to push the changes to the public git repository, but
alioth is currently down for maintenance [1][2][3]...   :-(
By the way, have you got any more recent news about the status of
alioth? It should have been back up and running by Sunday late
afternoon...   :-/

[1] http://lists.debian.org/debian-infrastructure-announce/2011/05/msg00000.html
[2] http://lists.debian.org/debian-devel-announce/2011/05/msg00007.html
[3] http://lists.debian.org/debian-devel-announce/2011/05/msg00008.html


-- 
 http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt
 New GnuPG key, see the transition document!
..................................................... Francesco Poli .
 GnuPG key fpr == CA01 1147 9CD2 EFDF FB82  3925 3E1C 27E1 1F69 BFFE
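
Added illustration of the check tested in the message above (not part of the original e-mail and not apt-listbugs' own code): a Ruby parser that rejects any package action line of the apt VERSION 2 hook output that does not have exactly 5 fields, instead of failing later on a nil field. The names `parse_hook_input`, `HookInputError`, `PackageAction` and the sample input are assumptions constructed for this example.

```ruby
# Added example; hypothetical names, not apt-listbugs code.
class HookInputError < StandardError; end

# The five fields of one package action line.
PackageAction = Struct.new(:name, :old_version, :direction, :new_version, :action)

# Parse an apt "VERSION 2" hook stream: a "VERSION 2" header, configuration
# lines, one blank line, then one action line per package.
def parse_hook_input(text)
  lines = text.each_line.map(&:chomp)
  unless lines.first == "VERSION 2"
    raise HookInputError, "expected 'VERSION 2' header, got #{lines.first.inspect}"
  end
  blank = lines.index("")
  raise HookInputError, "no blank line ends the configuration section" if blank.nil?

  lines.drop(blank + 1).reject(&:empty?).each_with_index.map do |line, i|
    fields = line.split(" ")
    # Without this check, destructuring a 4-field line leaves the fifth
    # variable nil, and a later method call on it fails with a NoMethodError.
    unless fields.size == 5
      raise HookInputError,
            "action line #{i + 1} has #{fields.size} fields, expected 5: #{line.inspect}"
    end
    PackageAction.new(*fields)
  end
end

# Constructed sample input (not taken from a real run).
GOOD = <<~EOS
  VERSION 2
  APT::Architecture=i386
  quiet=0

  apt 0.8.14.1 < 0.8.15 /var/cache/apt/archives/apt_0.8.15_i386.deb
  libfoo 1.0-1 < 1.0-2 **CONFIGURE**
EOS

# Same input with the old-version field deleted from the first action line,
# mirroring the manual edit described in the message.
BAD = GOOD.sub("0.8.14.1 ", "")

if __FILE__ == $PROGRAM_NAME
  parse_hook_input(GOOD).each { |a| puts "#{a.name}: #{a.old_version} -> #{a.new_version}" }
  begin
    parse_hook_input(BAD)
  rescue HookInputError => e
    warn "E: #{e.message}"
  end
end
```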
