Detected by clang scan-build static code analyzer.
* Don't attempt to free an uninitialized gpgme key variable
* Initialize answer variable before asking frontend a question
* Pass by reference instead of value if uninitialized fields are
possible in download signal handler code
* Ensure we never call strlen() on NULL payload->remote_name value
Signed-off-by: Dan McGee <dan@archlinux.org>
Not sure why this one wasn't showing up on x86_64, but this fixes the
compile on i686.
diskspace.c: In function 'calculate_removed_size':
diskspace.c:247:4: error: assuming signed overflow does not occur when negating a division [-Werror=strict-overflow]
cc1: all warnings being treated as errors
Signed-off-by: Dan McGee <dan@archlinux.org>
If the PKGBUILD isn't writeable for devel_update, throw a warning
instead of silently ignoring it. Some logical reordering is present in
this patch to reduce the number of nested if's.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
It's expected that this will lead to unwanted behavior, and needs
widespread testing. It's desirable to commit this for a few reasons:
- there's no reason we can't do our own error checking for code that we
write.
- it avoids the need for ||true hacks scattered about in the code.
- it makes us immune to upstream changes in exit codes (FS#28248)
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
This fixes a bunch of small issues in order to enable a clean
successful build with a crazy number of GCC warning flags. A lot of
these changes are covered by -Wshadow, -Wformat-security, and
-Wstrict-overflow=5.
Signed-off-by: Dan McGee <dan@archlinux.org>
- Use LT_INIT over AC_PROG_LIBTOOL, as the latter is a deprecated alias
for the former.
- Remove redundant macros which are called implicitly by LT_INIT.
- Remove unneeded AC_PROG_CXX call (we don't use c++ anywhere)
- Add AC_CONFIG_MACRO_DIR([m4]) -- not strictly necessary, but added for
consistency with autogen.sh and Makefile.am
ref: http://www.gnu.org/software/libtool/manual/html_node/LT_005fINIT.html
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Continue the trend of not touching the environment CFLAGS, ensuring that
the user always has the final say.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
- handle gpgme libs and cflags separately rather than appending to
CFLAGS and LDFLAGS
- be consistent in AC_LINK_IFELSE check for gpgme 1.3.0 (though this is
irrelephant since we don't actually run)
- be consistent with usage of "have" and "with" variables (this
actually ends up reducing SLOC)
- when voluntary detection fails, unset GPGME_CFLAGS and GPGME_LIBS
- when requested support fails the version check, complain about the min
version.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Extend our grep pattern to match TRUST_ULTIMATE, not just TRUST_FULLY,
as these keys are to be trusted as well.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Make these functions more whitespace space by treating newlines as the
element delimiter rather than every form of whitespace.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This was a small oversight from 1917c845 which causes makepkg to write
provides entries to the .PKGINFO file improperly, e.g.
provides = systemdlibsystemdudev=999
Add a newline in the printf format to ensure that these are spaced
appropriately.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Failure isn't always due to the package file location not existing;
permission issues can also play a part on something like a FUSE-based
filesystem inaccessible to root.
Signed-off-by: Dan McGee <dan@archlinux.org>
We use interfaces first introduced in gpgme-1.3.0 so test we have
at least that version.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
The initial patch to implement this achieved nothing apart from
adding a configure option. This patch makes that configure option
do what it advertises.
Note that specifing any shell apart from /bin/sh causes testsuite
failures as /bin/sh is the only shell in the testing environment.
Bug-found-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
In preparation for the removal of the global error trap we need a
way to ensure changing directories succeeds. Add a "cd_safe"
wrapper that performs the necessary check.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Also make sure the strings passed to %s in printf are always quoted.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Only displays groups that haven't appeared yet..
Previously 'pacman -Sg' iterated over syncs, printed every group.
This change does not affect '-Sgg' which still orders by sync first.
To reproduce, on a current Arch Linux with [extra] and [community]:
$ pacman -Sg|sort|uniq -c|sort -n
[...]
1 xorg-fonts
2 vim-plugins
2 xfce4-goodies
Signed-off-by: Pierre <pierre@spotify.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
This was really only half a fix for FS#28445, as it still doesn't
correctly handle the case of filenames with spaces. In the short term,
there is no obvious fix for this. In the long term, I believe the
correct decision is to rewrite the options parser to be more in line
with GNU getopt_long.
This reverts commits:
ca41427141.
969dcddbdf.
This has been 0 since 9fa18d9a4b, but it
doesn't makes sense because we are raising an error.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
We cannot rely on gpg's exit code. Instead we have to check the status-fd to
figure out whether a signature is valid or not.
In addition to this pacman-key --verify can now be used in scripts as it will
return an exit code of 1 if the signature is invalid.
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
This matches the optimization made to repo-add in commit 8bbaf045b9
way back in 2009. We don't need to read the whole package file to ensure
multiple .PKGINFO entries don't exist, as well-formed packages should
have this file first in the archive.
Signed-off-by: Dan McGee <dan@archlinux.org>
Dan was right. This should have been FREE(), not free().
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
