From 55a65aaf904a32bcf59c652cbc03fc510c265142 Mon Sep 17 00:00:00 2001 From: Andrew Gregory Date: Mon, 3 Jun 2019 00:32:35 -0700 Subject: makepkg: restrict pkgname and pkgver to ascii pkgname and pkgver are used as directory names within database files. libarchive does not provide a reliable locale-independent method for reading archive file names, causing errors when archive paths include non-ascii characters. This is a first step toward dealing with FS#49342, by hopefully reducing the number of packages with non-ascii data in the wild before updating libalpm to reject them outright. See https://github.com/libarchive/libarchive/wiki/Filenames and https://github.com/libarchive/libarchive/issues/587 Signed-off-by: Andrew Gregory Signed-off-by: Allan McRae --- scripts/libmakepkg/lint_pkgbuild/pkgname.sh.in | 4 ++++ scripts/libmakepkg/lint_pkgbuild/pkgver.sh.in | 5 +++++ 2 files changed, 9 insertions(+) diff --git a/scripts/libmakepkg/lint_pkgbuild/pkgname.sh.in b/scripts/libmakepkg/lint_pkgbuild/pkgname.sh.in index 84666a29..51a25d2c 100644 --- a/scripts/libmakepkg/lint_pkgbuild/pkgname.sh.in +++ b/scripts/libmakepkg/lint_pkgbuild/pkgname.sh.in @@ -45,6 +45,10 @@ lint_one_pkgname() { error "$(gettext "%s is not allowed to start with a dot.")" "$type" ret=1 fi + if [[ $name = *[![:ascii:]]* ]]; then + error "$(gettext "%s may only contain ascii characters.")" "$type" + return 1 + fi if [[ $name = *[^[:alnum:]+_.@-]* ]]; then error "$(gettext "%s contains invalid characters: '%s'")" \ "$type" "${name//[[:alnum:]+_.@-]}" diff --git a/scripts/libmakepkg/lint_pkgbuild/pkgver.sh.in b/scripts/libmakepkg/lint_pkgbuild/pkgver.sh.in index 8d5d04f1..b0f45027 100644 --- a/scripts/libmakepkg/lint_pkgbuild/pkgver.sh.in +++ b/scripts/libmakepkg/lint_pkgbuild/pkgver.sh.in @@ -41,6 +41,11 @@ check_pkgver() { error "$(gettext "%s is not allowed to contain colons, forward slashes, hyphens or whitespace.")" "pkgver${type:+ in $type}" return 1 fi + + if [[ $ver = *[![:ascii:]]* ]]; then + error "$(gettext "%s may only contain ascii characters.")" "pkgver${type:+ in $type}" + return 1 + fi } lint_pkgver() { -- cgit v1.2.3-70-g09d2