A segfault in xbps-create(1) was found in:
https://github.com/void-linux/void-packages/pull/7524
xbps-create adds a file type string to the xentry for every file it
finds in `destdir`, files other than symlinks, regular files and
directories weren't handled and resulted in a segfault later when
when processing the xentry structures.
This commit adds checks for sockets and fifos and exits with an
appropriate error message or with a generic error message for every
other unhandled file.
Closes#66
This is the first commit in a series to make xbps-create build
reproducable packages.
xbps-create uses nftw(3) to walk through all files. As nftw doesn't
sort files it may happen that the resulting packages will have
different checksums due to differentiating orders of files on
different filesystems.
To solve this issue xbps-create uses xbps_directory_t, which is always
sorted, instead of a simple linked list.
The latter could be too expensive, and we only care for the data to be written
to the binary package because a bit later we rename() the temporary file,
which will ensure a data flush to disk.
There's no reason to make them absolute, simply store in the metadata
the target file as is. This vastly simplifies the code and makes all
test pass correctly.
Rather than using a random buffer from stack or heap, and decide
what size to use, create a private memory mapped object...
This simplifies the code in lib/verifysig.c and xbps-create.
xz -9 is very expensive in terms of CPU and memory usage, and also
memory usage for decompression. Thus we stick to default of -6 for
xz. For gzip and bzip2, -9 is ok.
There's not much point in using FTW_MOUNT anyway because we don't care
if files are in another filesystem. This makes it work with musl
(which uses a different behaviour when FTW_MOUNT is set).
The list of required external deps is now confuse, libarchive and openssl.
libxbps now includes a wrapper for proplib prefixed with xbps_ rather than prop_.
