Author: mlandres Date: Wed Jun 4 14:06:05 2008 New Revision: 10338 URL: http://svn.opensuse.org/viewcvs/zypp?rev=10338&view=rev Log: Fix memory corruption in curl media handler Modified: trunk/libzypp/package/libzypp.changes trunk/libzypp/zypp/media/MediaCurl.cc trunk/libzypp/zypp/media/MediaCurl.h Modified: trunk/libzypp/package/libzypp.changes URL: http://svn.opensuse.org/viewcvs/zypp/trunk/libzypp/package/libzypp.changes?r... ============================================================================== --- trunk/libzypp/package/libzypp.changes (original) +++ trunk/libzypp/package/libzypp.changes Wed Jun 4 14:06:05 2008 @@ -1,4 +1,10 @@ ------------------------------------------------------------------- +Wed Jun 4 14:05:09 CEST 2008 - ma@suse.de + +- Fix memory corruption in curl media handler (bnc #396979) +- revision 10338 + +------------------------------------------------------------------- Tue Jun 3 20:00:00 CEST 2008 - ma@suse.de - Take care satsolver recognizes 'Capability( "srcpackage:zypper" )' Modified: trunk/libzypp/zypp/media/MediaCurl.cc URL: http://svn.opensuse.org/viewcvs/zypp/trunk/libzypp/zypp/media/MediaCurl.cc?r... ============================================================================== --- trunk/libzypp/zypp/media/MediaCurl.cc (original) +++ trunk/libzypp/zypp/media/MediaCurl.cc Wed Jun 4 14:06:05 2008 @@ -148,32 +148,30 @@ double uload; zypp::Url url; }; - } -Pathname MediaCurl::_cookieFile = "/var/lib/YaST2/cookies"; -std::string MediaCurl::_agent = "Novell ZYPP Installer"; + /////////////////////////////////////////////////////////////////// -/////////////////////////////////////////////////////////////////// + inline void escape( string & str_r, + const char char_r, const string & escaped_r ) { + for ( string::size_type pos = str_r.find( char_r ); + pos != string::npos; pos = str_r.find( char_r, pos ) ) { + str_r.replace( pos, 1, escaped_r ); + } + } -static inline void escape( string & str_r, - const char char_r, const string & escaped_r ) { - for ( string::size_type pos = str_r.find( char_r ); - pos != string::npos; pos = str_r.find( char_r, pos ) ) { - str_r.replace( pos, 1, escaped_r ); - } -} + inline string escapedPath( string path_r ) { + escape( path_r, ' ', "%20" ); + return path_r; + } -static inline string escapedPath( string path_r ) { - escape( path_r, ' ', "%20" ); - return path_r; -} + inline string unEscape( string text_r ) { + char * tmp = curl_unescape( text_r.c_str(), 0 ); + string ret( tmp ); + curl_free( tmp ); + return ret; + } -static inline string unEscape( string text_r ) { - char * tmp = curl_unescape( text_r.c_str(), 0 ); - string ret( tmp ); - curl_free( tmp ); - return ret; -} + } /////////////////////////////////////////////////////////////////// // @@ -181,6 +179,17 @@ // /////////////////////////////////////////////////////////////////// +Pathname MediaCurl::_cookieFile = "/var/lib/YaST2/cookies"; + +const char *const MediaCurl::agentString() +{ + static const std::string _value( str::form( "ZYpp %s (curl %s)", + VERSION, + curl_version_info(CURLVERSION_NOW)->version ) ); + return _value.c_str(); +} + + MediaCurl::MediaCurl( const Url & url_r, const Pathname & attach_point_hint_r ) : MediaHandler( url_r, attach_point_hint_r, @@ -214,12 +223,6 @@ if( atemp != NULL) ::free(atemp); } - - // set the right user agent string - curl_version_info_data *version_data; - version_data = curl_version_info(CURLVERSION_NOW); - _agent = str::form("ZYpp %s (curl %s)", VERSION, version_data->version); - } void MediaCurl::setCookieFile( const Pathname &fileName ) @@ -351,7 +354,7 @@ ZYPP_THROW(MediaCurlSetOptException(_url, _curlError)); } - ret = curl_easy_setopt ( _curl, CURLOPT_USERAGENT, _agent.c_str() ); + ret = curl_easy_setopt ( _curl, CURLOPT_USERAGENT, agentString() ); if ( ret != 0) { @@ -434,7 +437,7 @@ ZYPP_THROW(MediaCurlSetOptException(_url, _curlError)); } - ret = curl_easy_setopt ( _curl, CURLOPT_USERAGENT, _agent.c_str() ); + ret = curl_easy_setopt ( _curl, CURLOPT_USERAGENT, agentString() ); if ( ret != 0) { disconnectFrom(); ZYPP_THROW(MediaCurlSetOptException(_url, _curlError)); @@ -1537,7 +1540,7 @@ // (this callback is called much more often than a second) // otherwise the values would be far from accurate when measuring // the time in seconds - //! \todo more accurate download rate computationn, e.g. compute average value from last 5 seconds, or work with milliseconds instead of seconds + //! \todo more accurate download rate computationn, e.g. compute average value from last 5 seconds, or work with milliseconds instead of seconds if ( pdata->secs > 1 && (dif > 0 || dlnow == dltotal )) pdata->drate_avg = (dlnow / pdata->secs); Modified: trunk/libzypp/zypp/media/MediaCurl.h URL: http://svn.opensuse.org/viewcvs/zypp/trunk/libzypp/zypp/media/MediaCurl.h?re... ============================================================================== --- trunk/libzypp/zypp/media/MediaCurl.h (original) +++ trunk/libzypp/zypp/media/MediaCurl.h Wed Jun 4 14:06:05 2008 @@ -42,7 +42,7 @@ /** * Repeatedly calls doGetDoesFileExist() until it successfully returns, * fails unexpectedly, or user cancels the operation. This is used to - * handle authentication or similar retry scenarios on media level. + * handle authentication or similar retry scenarios on media level. */ virtual bool getDoesFileExist( const Pathname & filename ) const; @@ -94,6 +94,10 @@ static int progressCallback( void *clientp, double dltotal, double dlnow, double ultotal, double ulnow ); + + /** The user agent string */ + static const char *const agentString(); + private: /** * Return a comma separated list of available authentication methods @@ -114,7 +118,6 @@ long _xfer_timeout; static Pathname _cookieFile; - static std::string _agent; }; /////////////////////////////////////////////////////////////////// -- To unsubscribe, e-mail: zypp-commit+unsubscribe@opensuse.org For additional commands, e-mail: zypp-commit+help@opensuse.org