Ubuntu
apt package

apt-ftparchive might write corrupt Release files

Bug #46439 reported by Martin Stjernholm
8
Affects Status Importance Assigned to Milestone
apt (Ubuntu)
Fix Released
Medium
Dereck Wonnacott
Ubuntu intrepid-alpha-6

Bug Description

Binary package hint: apt-utils

If apt-ftparchive finds stuff to warn about, it can insert a rogue newline into stdout which ends up in the Release file. E.g:

> apt-ftparchive release .
Date: Wed, 24 May 2006 20:16:47 UTC

W: Unable to stat ./video-tools/faac-1.24+cvs20060416/debian/libfaac-dev/usr/lib/libfaac.so
W: Unable to stat ./video-tools/ffmpegcvs-20060430/debian/libpostproccvs51-dev/usr/lib/libpostproc.so
W: Unable to stat ./video-tools/ffmpegcvs-20060430/debian/libavcodeccvs51-dev/usr/lib/libavcodec.so
W: Unable to stat ./video-tools/ffmpegcvs-20060430/debian/libavcodeccvs51-dev/usr/lib/libavformat.so
W: Unable to stat ./video-tools/ffmpegcvs-20060430/debian/libavutilcvs49-dev/usr/lib/libavutil.so
W: Unable to stat ./video-tools/faad2-2.0.0+cvs20060416/debian/libfaad2-dev/usr/lib/libfaad.so
MD5Sum:
 836fee422b2348096030acec2df19791 26917 Packages
 21df94c6cb7764433b67f6a4e1ca111c 424 Release
 a89da3024e1bad4f79bd331b5f85b79f 7847 Sources
SHA1:
 54af1cbaa6d2daa2e4088a63caff1941c4286805 26917 Packages
 b60102f0dc32942c6a7d8609bbffd140a3fbfac5 424 Release
 8cd9015b53cb48fcb19a35bbfeb1373565f8da97 7847 Sources

(Not sure how much this text box on the bug report page messes up the output above, but the problem is an empty line between "Date:" and the first "W:".)

The cause is this bit in ftparchive/writer.h:

   inline void NewLine(unsigned Priority)
   {
      if (ErrorPrinted == false && Quiet <= Priority)
      {
  cout << endl;
  ErrorPrinted = true;
      }
   }

Although the warning messages themselves goes to stderr as they should, this padding newline is sent to stdout.

Workaround: Use apt-ftparchive -q -q

apt-utils is 0.6.40.1ubuntu10.

Revision history for this message
Marco Rodrigues (gothicx) wrote :

If this bug still happen with newer ubuntu release, please re-open it!

Changed in apt:
assignee: nobody → gothicx
status: New → Fix Released
Revision history for this message
Martin Stjernholm (msub) wrote :

Although I haven't had the energy to verify the source this time, I can confirm that it still happens in gutsy. I.e. -q -q is necessary to avoid an extra newline in the Release file.

Side note: This bug gets a bit more annoying since "aptitude update" silently skips invalid Release files, thereby leaving one in the dark as to why one's archive is ignored. "apt-get update" is more honest.

apt-utils is 0.7.6ubuntu14 this time.

Revision history for this message
Martin Stjernholm (msub) wrote :

Reopened.

Changed in apt:
status: Fix Released → New
Rich Johnson (nixternal)
Changed in apt:
assignee: gothicx → nobody
Dereck Wonnacott (dereck)
Changed in apt:
assignee: nobody → dereck
milestone: none → intrepid-alpha-6
status: New → In Progress
Revision history for this message
Dereck Wonnacott (dereck) wrote :

The newline is sent to make sure that the error does not print at the end of some other line. It is only ever printed as part of the first error message, so I set it to print on the same stream as errors rather than stdout. Seems simple enough.

Changed in apt:
status: In Progress → Triaged
Revision history for this message
Michael Vogt (mvo) wrote :

Thanks for your bugreport and your patch!

I commited the fix into my bzr tree and it will be part of the next upload.

Changed in apt:
status: Triaged → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apt - 0.7.14ubuntu4

---------------
apt (0.7.14ubuntu4) intrepid; urgency=low

  [ Michael Vogt ]
  * apt-pkg/deb/dpkgpm.cc:
    - fix uninitialized variable that caused no apport reports
      to be written sometimes (thanks to Matt Zimmerman)
  * merge patch that enforces stricter https server certificate
    checking (thanks to Arnaud Ebalard, closes: #485960)
  * allow per-mirror specific https settings
    (thanks to Arnaud Ebalard, closes: #485965)
  * add doc/examples/apt-https-method-example.cof
    (thanks to Arnaud Ebalard, closes: #485964)
  * add DPkg::NoTriggers option so that applications that call
    apt/aptitude (like the installer) defer trigger processing
    (thanks to Joey Hess)
  * document --install-recommends and --no-install-recommends
    (thanks to Dereck Wonnacott, LP: #126180)

  [ Dereck Wonnacott ]
  * apt-ftparchive might write corrupt Release files (LP: #46439)
  * Apply --important option to apt-cache depends (LP: #16947)

 -- Michael Vogt <email address hidden> Tue, 05 Aug 2008 10:10:49 +0200

Changed in apt:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Related questions

Remote bug watches

Bug watches keep track of this bug in other bug trackers.