*/
MD5SumValue debListParser::Description_md5()
{
- string value = Section.FindS("Description-md5");
-
- if (value.empty())
+ string const value = Section.FindS("Description-md5");
+ if (value.empty() == true)
{
MD5Summation md5;
md5.Add((Description() + "\n").c_str());
return md5.Result();
- } else
- return MD5SumValue(value);
+ }
+ else if (likely(value.size() == 32))
+ {
+ if (likely(value.find_first_not_of("0123456789abcdefABCDEF") == string::npos))
+ return MD5SumValue(value);
+ _error->Error("Malformed Description-md5 line; includes invalid character '%s'", value.c_str());
+ return MD5SumValue();
+ }
+ _error->Error("Malformed Description-md5 line; doesn't have the required length (32 != %d) '%s'", (int)value.size(), value.c_str());
+ return MD5SumValue();
}
/*}}}*/
// ListParser::UsePackage - Update a package structure /*{{{*/
- use the correct library name the symbols header
* apt-pkg/pkgcachegen.cc:
- check if NewDescription allocation has failed and error out accordingly
+ * apt-pkg/deb/deblistparser.cc:
+ - check length and containing chars for a given description md5sum
- -- David Kalnischkies <kalnischkies@gmail.com> Wed, 02 May 2012 21:59:02 +0200
+ -- David Kalnischkies <kalnischkies@gmail.com> Wed, 02 May 2012 22:28:32 +0200
apt (0.9.2) unstable; urgency=low