Subject: pkg/36662: pkgtools/pkg_install's audit_packages appears to be platform-specific
To: None <pkg-manager@netbsd.org, gnats-admin@netbsd.org,>
From: None <srcshelton@gmail.com>
List: pkgsrc-bugs
Date: 07/17/2007 15:25:00
>Number:         36662
>Category:       pkg
>Synopsis:       pkgtools/pkg_install's audit_packages appears to be platform-specific
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Jul 17 15:25:00 +0000 2007
>Originator:     Stuart Shelton
>Release:        n/a
>Organization:
>Environment:
IRIX64 octane 6.5 07202013 IP30
>Description:

I've spotted two problems with pkgtools/pkg_install-20070715:

In audit_pacakges.c:

Line 44
'#include <err.h>' is no good on platforms which lack err.h
Correcting this to '#include <nbcompat/err.h>' works.

Line 771
't_pvfile = pvstat.st_ctimespec.tv_sec;' is odd, because I can't find any stat() implementation which returns a 'st_ctimespec' struct (this seems to be entirely *BSD specific)!  Changing this to 't_pvfile = pvstat.st_ctime;' allows the code to compile - but I'm not sure it will do what the author intended.

Further bugs in audit_packages:

Currently, 'pkg-vulnerabilities' is downloaded to '/usr/bsd/src/distfiles/'.  Even if I pass the '-K' flag to audit_packages, it only appears to look in '/usr/bsd/var/db/pkg/'.

If I use the '-v' flag, the output is:
"/usr/bsd/var/db/pkg/pkg-vulnerabilities more than a week old, continuing...
audit-packages: Unable to open: /usr/bsd/var/db/pkg/pkg-vulnerabilities"
... so the code (admittedly, affected by the about change) is calling stat() on a file which doesn't exist before checking if it exists.

If I use '-vv' then I always get:
"Reading settings from: /usr/bsd/etc/audit-packages.conf
debug2: Using PKGDB_DIR: /usr/bsd/var/db/pkg
debug2: Using pkg-vulnerabilities file: /usr/bsd/var/db/pkg/pkg-vulnerabilities
debug2: Using verify tool: /usr/bsd/bin/gpg
debug2: Using ignore directives: Segmentation fault (core dumped)"
... upon which dbx says:
"Core from signal SIGSEGV: Segmentation violation
(dbx) where
>  0 strlen(0x0, 0x2, 0xfb55d08, 0xfb55d10, 0xfb4fbc8, 0x0, 0x1, 0x0) ["/xlv52/patches/7143/work/irix/lib/libc/libc_n32_M4/strings/strlen.s":58, 0xfa43040]
   1 _doprnt_s(0x1, 0xfb4fbe8, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0) ["/xlv52/patches/7143/work/irix/lib/libc/libc_n32_M4/print/inline_doprnt.c":486, 0xfaac360]
   2 <Unknown>() [< unknown >, 0x10004b34]"

This appears to be because IRIX' libc (in common with some other UNIX platforms?) can't seem to handle a NULL argument to *printf().

The fix would appear to be to insert 'if (ignore != NULL)' before line 311.

Finally, running download-vulnerability-list results in audit-packages dying with a Bus Error on lines 172 and 173.

Running this through a debugger, the fault occurs on line 702 of libnbcompat's sha2.c in the function SHA512_Transform

audit-packages from pkg_install-20070416 works perfectly.
>How-To-Repeat:

Attempt to install pkg_install-20070715, attempt to compile on non-NetBSD platform; attempt to use audit-packages.
>Fix:

Reverting to pkg_install-20070416 seems to be the best fix - this compiles cleanly first-time, and audit-packages works just fine and doesn't segfault.