* bug#28602: Unpack fails with no error message when using a .zip source
@ 2017-09-25 20:10 nee
2017-10-04 18:17 ` Adonay Felipe Nogueira
2017-10-09 21:00 ` bug#28602: [PATCH] guix: gnu-build-system: warn about missing unzip input unzip nee
0 siblings, 2 replies; 8+ messages in thread
From: nee @ 2017-09-25 20:10 UTC (permalink / raw)
To: 28602
Hello,
right now unpacking .zip sources only works when unzip is added as
native input. That's all right, but there is no error message, just:
starting phase `unpack'
phase `unpack' failed after 0.0 seconds
It should say something like:
starting phase `unpack'
Archive with .zip suffix failed to unpack. Please add unzip as
native-input to the package, e.g. (native-inputs `(("unzip" ,unzip)))
phase `unpack' failed after 0.0 seconds
I tested this in the cmake-build-system
^ permalink raw reply [flat|nested] 8+ messages in thread
* bug#28602: Unpack fails with no error message when using a .zip source
2017-09-25 20:10 bug#28602: Unpack fails with no error message when using a .zip source nee
@ 2017-10-04 18:17 ` Adonay Felipe Nogueira
2017-10-09 21:05 ` nee
2017-10-09 21:00 ` bug#28602: [PATCH] guix: gnu-build-system: warn about missing unzip input unzip nee
1 sibling, 1 reply; 8+ messages in thread
From: Adonay Felipe Nogueira @ 2017-10-04 18:17 UTC (permalink / raw)
To: 28602
Does the .zip file have a a single directory on the root?
If not, then we can call it a zipbomb/tarbomb. These bombs are bad
because they can replace things without notice, and can be very
difficult to track what was added. Last time I checked Guix expects only
a single directory in the root of the file --- this might have changed,
but I didn't test it since one year ago.
nee <nee@cock.li> writes:
> Hello,
>
> right now unpacking .zip sources only works when unzip is added as
> native input. That's all right, but there is no error message, just:
>
> starting phase `unpack'
> phase `unpack' failed after 0.0 seconds
>
> It should say something like:
>
> starting phase `unpack'
> Archive with .zip suffix failed to unpack. Please add unzip as
> native-input to the package, e.g. (native-inputs `(("unzip" ,unzip)))
> phase `unpack' failed after 0.0 seconds
>
> I tested this in the cmake-build-system
--
- https://libreplanet.org/wiki/User:Adfeno
- Palestrante e consultor sobre /software/ livre (não confundir com
gratis).
- "WhatsApp"? Ele não é livre. Por favor, use o GNU Ring ou o Tox.
- Contato: https://libreplanet.org/wiki/User:Adfeno#vCard
- Arquivos comuns aceitos (apenas sem DRM): Corel Draw, Microsoft
Office, MP3, MP4, WMA, WMV.
- Arquivos comuns aceitos e enviados: CSV, GNU Dia, GNU Emacs Org, GNU
GIMP, Inkscape SVG, JPG, LibreOffice (padrão ODF), OGG, OPUS, PDF
(apenas sem DRM), PNG, TXT, WEBM.
^ permalink raw reply [flat|nested] 8+ messages in thread
* bug#28602: [PATCH] guix: gnu-build-system: warn about missing unzip input unzip
2017-09-25 20:10 bug#28602: Unpack fails with no error message when using a .zip source nee
2017-10-04 18:17 ` Adonay Felipe Nogueira
@ 2017-10-09 21:00 ` nee
2021-07-05 11:46 ` bug#28602: Unpack fails with no error message when using a .zip source zimoun
1 sibling, 1 reply; 8+ messages in thread
From: nee @ 2017-10-09 21:00 UTC (permalink / raw)
To: 28602
[-- Attachment #1: Type: text/plain, Size: 179 bytes --]
Hello here is a patch to fix this bug. It changes the gnu-build-system,
so the hashes of almost all packages will also change. I guess
core-updates is the right branch for this.
[-- Attachment #2: 0001-guix-gnu-build-system-warn-about-missing-unzip-input.patch --]
[-- Type: text/x-patch, Size: 1736 bytes --]
From 089b9741a734f0682a671df6c0c36dfefcbd407c Mon Sep 17 00:00:00 2001
From: nee <nee.git@cock.li>
Date: Mon, 9 Oct 2017 22:49:12 +0200
Subject: [PATCH] guix: gnu-build-system: warn about missing unzip input during
unpack.
---
guix/build/gnu-build-system.scm | 17 ++++++++++++++++-
1 file changed, 16 insertions(+), 1 deletion(-)
diff --git a/guix/build/gnu-build-system.scm b/guix/build/gnu-build-system.scm
index e37b75140..c16d15964 100644
--- a/guix/build/gnu-build-system.scm
+++ b/guix/build/gnu-build-system.scm
@@ -67,6 +67,21 @@ See https://reproducible-builds.org/specs/source-date-epoch/."
#f
dir))
+(define (unzip filepath)
+ "Unzip archive file.
+Warn the user when unzip fails and the executable is not present."
+ (define exit-code (system* "unzip" filepath))
+ (define program-not-found-code 32512)
+ (cond ((zero? exit-code) #t)
+ ((eqv? exit-code program-not-found-code)
+ (format (current-error-port)
+ "warning: Archive with .zip suffix failed to unpack.
+Please add unzip as native-input to the package,
+e.g. (native-inputs `((\"unzip\" ,unzip)))")
+ (newline (current-error-port))
+ #f)
+ (else #f)))
+
(define* (set-paths #:key target inputs native-inputs
(search-paths '()) (native-search-paths '())
#:allow-other-keys)
@@ -154,7 +169,7 @@ working directory."
#:keep-mtime? #t)
#t)
(and (if (string-suffix? ".zip" source)
- (zero? (system* "unzip" source))
+ (unzip source)
(zero? (system* "tar" "xvf" source)))
(chdir (first-subdirectory ".")))))
--
2.14.1
^ permalink raw reply related [flat|nested] 8+ messages in thread
* bug#28602: Unpack fails with no error message when using a .zip source
2017-10-04 18:17 ` Adonay Felipe Nogueira
@ 2017-10-09 21:05 ` nee
0 siblings, 0 replies; 8+ messages in thread
From: nee @ 2017-10-09 21:05 UTC (permalink / raw)
To: Adonay Felipe Nogueira; +Cc: 28602
Am 04.10.2017 um 20:17 schrieb Adonay Felipe Nogueira:
> Does the .zip file have a a single directory on the root?
>
> If not, then we can call it a zipbomb/tarbomb. These bombs are bad
> because they can replace things without notice, and can be very
> difficult to track what was added. Last time I checked Guix expects only
> a single directory in the root of the file --- this might have changed,
> but I didn't test it since one year ago.
Hello, this is a different problem. Tarbombs are still a problem, but
unrelated to this.
The gnu-build-system does not have unzip by default. If a package's
source comes in a zip the package must have unzip as native-input. If it
isn't the (system* "unzip" source) call in the unpack function will fail
because there is no unzip executable.
Happy hacking!
^ permalink raw reply [flat|nested] 8+ messages in thread
* bug#28602: Unpack fails with no error message when using a .zip source
2017-10-09 21:00 ` bug#28602: [PATCH] guix: gnu-build-system: warn about missing unzip input unzip nee
@ 2021-07-05 11:46 ` zimoun
2021-11-26 1:49 ` bug#28602: [core-updates] " zimoun
0 siblings, 1 reply; 8+ messages in thread
From: zimoun @ 2021-07-05 11:46 UTC (permalink / raw)
To: nee; +Cc: 28602
Hi,
Thanks for the patch and sorry for the delay.
On Mon, 09 Oct 2017 at 23:00, nee <nee@cock.li> wrote:
> Hello here is a patch to fix this bug. It changes the gnu-build-system,
> so the hashes of almost all packages will also change. I guess
> core-updates is the right branch for this.
>
>>From 089b9741a734f0682a671df6c0c36dfefcbd407c Mon Sep 17 00:00:00 2001
> From: nee <nee.git@cock.li>
> Date: Mon, 9 Oct 2017 22:49:12 +0200
> Subject: [PATCH] guix: gnu-build-system: warn about missing unzip input during
> unpack.
>
> ---
> guix/build/gnu-build-system.scm | 17 ++++++++++++++++-
> 1 file changed, 16 insertions(+), 1 deletion(-)
>
> diff --git a/guix/build/gnu-build-system.scm b/guix/build/gnu-build-system.scm
> index e37b75140..c16d15964 100644
> --- a/guix/build/gnu-build-system.scm
> +++ b/guix/build/gnu-build-system.scm
> @@ -67,6 +67,21 @@ See https://reproducible-builds.org/specs/source-date-epoch/."
> #f
> dir))
>
> +(define (unzip filepath)
> + "Unzip archive file.
> +Warn the user when unzip fails and the executable is not present."
> + (define exit-code (system* "unzip" filepath))
> + (define program-not-found-code 32512)
> + (cond ((zero? exit-code) #t)
> + ((eqv? exit-code program-not-found-code)
> + (format (current-error-port)
> + "warning: Archive with .zip suffix failed to unpack.
> +Please add unzip as native-input to the package,
> +e.g. (native-inputs `((\"unzip\" ,unzip)))")
> + (newline (current-error-port))
> + #f)
> + (else #f)))
Give a look at 'invoke' from (guix build utils).
> (define* (set-paths #:key target inputs native-inputs
> (search-paths '()) (native-search-paths '())
> #:allow-other-keys)
> @@ -154,7 +169,7 @@ working directory."
> #:keep-mtime? #t)
> #t)
> (and (if (string-suffix? ".zip" source)
> - (zero? (system* "unzip" source))
> + (unzip source)
> (zero? (system* "tar" "xvf" source)))
> (chdir (first-subdirectory ".")))))
After 9a87649c863e1ff8b073b356875eb05eecedbcf7, this part uses 'invoke'.
Instead of your 'unzip', the exception raised by 'invoke' should be
catched and then should trigger the hint message. WDYT?
All the best,
simon
^ permalink raw reply [flat|nested] 8+ messages in thread
* bug#28602: [core-updates] Unpack fails with no error message when using a .zip source
2021-07-05 11:46 ` bug#28602: Unpack fails with no error message when using a .zip source zimoun
@ 2021-11-26 1:49 ` zimoun
2022-01-04 22:55 ` bug#28602: " zimoun
0 siblings, 1 reply; 8+ messages in thread
From: zimoun @ 2021-11-26 1:49 UTC (permalink / raw)
To: nee; +Cc: 28602
Hi,
This patch [1] had been submitted in 2017 and fallen in the cracks. The
code below requires improvement and I am not convinced by the feature.
Therefore closing?
<http://issues.guix.gnu.org/issue/28602
On Mon, 05 Jul 2021 at 13:46, zimoun <zimon.toutoune@gmail.com> wrote:
> On Mon, 09 Oct 2017 at 23:00, nee <nee@cock.li> wrote:
>> Hello here is a patch to fix this bug. It changes the gnu-build-system,
>> so the hashes of almost all packages will also change. I guess
>> core-updates is the right branch for this.
>>
>>>>From 089b9741a734f0682a671df6c0c36dfefcbd407c Mon Sep 17 00:00:00 2001
>> From: nee <nee.git@cock.li>
>> Date: Mon, 9 Oct 2017 22:49:12 +0200
>> Subject: [PATCH] guix: gnu-build-system: warn about missing unzip input during
>> unpack.
>>
>> ---
>> guix/build/gnu-build-system.scm | 17 ++++++++++++++++-
>> 1 file changed, 16 insertions(+), 1 deletion(-)
>>
>> diff --git a/guix/build/gnu-build-system.scm b/guix/build/gnu-build-system.scm
>> index e37b75140..c16d15964 100644
>> --- a/guix/build/gnu-build-system.scm
>> +++ b/guix/build/gnu-build-system.scm
>> @@ -67,6 +67,21 @@ See https://reproducible-builds.org/specs/source-date-epoch/."
>> #f
>> dir))
>>
>> +(define (unzip filepath)
>> + "Unzip archive file.
>> +Warn the user when unzip fails and the executable is not present."
>> + (define exit-code (system* "unzip" filepath))
>> + (define program-not-found-code 32512)
>> + (cond ((zero? exit-code) #t)
>> + ((eqv? exit-code program-not-found-code)
>> + (format (current-error-port)
>> + "warning: Archive with .zip suffix failed to unpack.
>> +Please add unzip as native-input to the package,
>> +e.g. (native-inputs `((\"unzip\" ,unzip)))")
>> + (newline (current-error-port))
>> + #f)
>> + (else #f)))
>
> Give a look at 'invoke' from (guix build utils).
>
>> (define* (set-paths #:key target inputs native-inputs
>> (search-paths '()) (native-search-paths '())
>> #:allow-other-keys)
>> @@ -154,7 +169,7 @@ working directory."
>> #:keep-mtime? #t)
>> #t)
>> (and (if (string-suffix? ".zip" source)
>> - (zero? (system* "unzip" source))
>> + (unzip source)
>> (zero? (system* "tar" "xvf" source)))
>> (chdir (first-subdirectory ".")))))
>
> After 9a87649c863e1ff8b073b356875eb05eecedbcf7, this part uses 'invoke'.
> Instead of your 'unzip', the exception raised by 'invoke' should be
> catched and then should trigger the hint message. WDYT?
Cheers,
simon
^ permalink raw reply [flat|nested] 8+ messages in thread
* bug#28602: Unpack fails with no error message when using a .zip source
2021-11-26 1:49 ` bug#28602: [core-updates] " zimoun
@ 2022-01-04 22:55 ` zimoun
2022-03-23 10:37 ` zimoun
0 siblings, 1 reply; 8+ messages in thread
From: zimoun @ 2022-01-04 22:55 UTC (permalink / raw)
To: nee; +Cc: 28602
Hi,
On Fri, 26 Nov 2021 at 02:49, zimoun <zimon.toutoune@gmail.com> wrote:
> This patch [1] had been submitted in 2017 and fallen in the cracks. The
> code below requires improvement and I am not convinced by the feature.
> Therefore closing?
>
> <http://issues.guix.gnu.org/issue/28602
If no answer before the next release [1], I will close it.
1: <https://lists.gnu.org/archive/html/guix-devel/2022-01/msg00055.html>
Cheers,
simon
^ permalink raw reply [flat|nested] 8+ messages in thread
* bug#28602: Unpack fails with no error message when using a .zip source
2022-01-04 22:55 ` bug#28602: " zimoun
@ 2022-03-23 10:37 ` zimoun
0 siblings, 0 replies; 8+ messages in thread
From: zimoun @ 2022-03-23 10:37 UTC (permalink / raw)
To: nee; +Cc: 28602-done
Hi,
On Tue, 04 Jan 2022 at 23:55, zimoun <zimon.toutoune@gmail.com> wrote:
> On Fri, 26 Nov 2021 at 02:49, zimoun <zimon.toutoune@gmail.com> wrote:
>
>> This patch [1] had been submitted in 2017 and fallen in the cracks. The
>> code below requires improvement and I am not convinced by the feature.
>> Therefore closing?
>>
>> <http://issues.guix.gnu.org/issue/28602
>
> If no answer before the next release [1], I will close it.
Well, 11 weeks later without an answer, I am closing.
Cheers,
simon
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2022-03-23 10:42 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-09-25 20:10 bug#28602: Unpack fails with no error message when using a .zip source nee
2017-10-04 18:17 ` Adonay Felipe Nogueira
2017-10-09 21:05 ` nee
2017-10-09 21:00 ` bug#28602: [PATCH] guix: gnu-build-system: warn about missing unzip input unzip nee
2021-07-05 11:46 ` bug#28602: Unpack fails with no error message when using a .zip source zimoun
2021-11-26 1:49 ` bug#28602: [core-updates] " zimoun
2022-01-04 22:55 ` bug#28602: " zimoun
2022-03-23 10:37 ` zimoun
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).