~mvo/aptdaemon/fix-702217


Viewing changes to aptdaemon/worker.py

  • Committer: Michael Vogt
  • Date: 2011-02-22 15:17:46 UTC
  • mfrom: (585.1.1 exploit)
  • Revision ID: michael.vogt@ubuntu.com-20110222151746-i438qyzujhd2ys05
merged lp722228 fix from glatzor

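--- a/aptdaemon/worker.py
+++ b/aptdaemon/worker.py
@@ -696,10 +696,30 @@
                         snippet by the given file name.
         """
         log.info("Updating cache")
+        def compare_pathes(first, second):
+            """Small helper to compare two pathes."""
+            return os.path.normpath(first) == os.path.normpath(second)
         progress = DaemonAcquireProgress(trans, begin=10, end=95)
         if sources_list and not sources_list.startswith("/"):
             dir = apt_pkg.config.find_dir("Dir::Etc::sourceparts")
             sources_list = os.path.join(dir, sources_list)
+        if sources_list:
+            # For security reasons (LP #722228) we only allow files inside
+            # sources.list.d as basedir
+            basedir = apt_pkg.config.find_dir("Dir::Etc::sourceparts")
+            system_sources = apt_pkg.config.find_file("Dir::Etc::sourcelist")
+            if "/" in sources_list:
+                sources_list = os.path.abspath(sources_list)
+                # Check if the sources_list snippet is in the sourceparts
+                # directory
+                common_prefix = os.path.commonprefix([sources_list, basedir])
+                if not (compare_pathes(common_prefix, basedir) or
+                        compare_pathes(sources_list, system_sources)):
+                    raise AptDaemonError("Only alternative sources.list files "
+                                         "inside '%s' are allowed (not '%s')" \
+                                         % (basedir, sources_list))
+            else:
+                sources_list = os.path.join(basedir, sources_list)
         try:
             self._cache.update(progress, sources_list=sources_list)
         except apt.cache.FetchFailedException, error: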
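Review bot: The containment test at new lines 715-717 uses `os.path.commonprefix`, which compares character by character rather than by path component, so it is only correct if `basedir` always ends in a separator; otherwise a path in a sibling directory whose name starts with the same characters would pass. That trailing separator depends on what `find_dir` returns and is not visible in this hunk, so I would make it explicit: `prefix = os.path.join(os.path.normpath(basedir), "")` followed by `sources_list.startswith(prefix)`. `os.path.abspath` also does not resolve symlinks, so `os.path.realpath` would be the safer normalisation if the check is meant to bound the file that is actually read. Separately, because the unchanged lines 703-705 already join relative names onto the sourceparts directory, `"/" in sources_list` looks always true for a non-empty value and the `else` branch at 721-722 appears unreachable. The enclosing method starts and ends outside the hunk.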