Bug 1947703 - Fix broken call to perl.prov when filenames contain spaces
Summary: Fix broken call to perl.prov when filenames contain spaces
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: perl-generators
Version: 33
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Jitka Plesnikova
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-04-09 00:38 UTC by Ben Burton
Modified: 2021-09-04 19:41 UTC (History)
3 users (show)

Fixed In Version: perl-generators-1.13-1.fc35 perl-generators-1.13-1.fc33 perl-generators-1.13-1.fc34
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-05-19 01:30:28 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)
Patch to fix issue (411 bytes, application/x-perl)
2021-04-09 00:38 UTC, Ben Burton
no flags Details

Description Ben Burton 2021-04-09 00:38:50 UTC
Created attachment 1770474 [details]
Patch to fix issue

Description of problem:

If %_topdir contains spaces, then RPM package builds produce errors when calculating perl dependencies.  These errors appear to be non-fatal (the RPM builds run to completion), but given the nature of the problem it does seem possible that the perl dependencies are not being deduced correctly.

The issue is simple: /usr/lib/rpm/perl.req contains a readpipe call to "$prov_script $file", which is interpreted by the shell, without properly quoting or escaping its $file argument.

I've attached a patch which fixes this, patched and tested against Fedora 33.  The patch is simple: it puts single quotes around the argument $file in the readpipe() call to stop the shell splitting the $file argument (or indeed doing other unwanted substitutions/code-calling/etc.).  Since $file might also contain single quotes, I've added a substitution regex beforehand that replaces each ' with '"'"' so that the shell picks up any single quotes correctly.

How reproducible:

Consistently reproducible; just use a topdir with spaces and then build any spec file that includes perl scripts.

Additional info:

For me at least the bug was practical, not just theoretical - I encountered this when building Fedora packages in a continuous integration system, where the RPM build directories were beneath machine-specific directories with names such as "Fedora 33", "Fedora 32", etc.

Comment 1 Fedora Update System 2021-05-10 15:42:37 UTC
FEDORA-2021-f07429afc3 has been submitted as an update to Fedora 33. https://bodhi.fedoraproject.org/updates/FEDORA-2021-f07429afc3

Comment 2 Fedora Update System 2021-05-10 15:42:37 UTC
FEDORA-2021-92c4c0c0eb has been submitted as an update to Fedora 34. https://bodhi.fedoraproject.org/updates/FEDORA-2021-92c4c0c0eb

Comment 3 Fedora Update System 2021-05-11 01:23:21 UTC
FEDORA-2021-f07429afc3 has been pushed to the Fedora 33 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-f07429afc3`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-f07429afc3

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 4 Fedora Update System 2021-05-12 04:43:18 UTC
FEDORA-2021-92c4c0c0eb has been pushed to the Fedora 34 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-92c4c0c0eb`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-92c4c0c0eb

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 5 Fedora Update System 2021-05-19 01:30:28 UTC
FEDORA-2021-f07429afc3 has been pushed to the Fedora 33 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 6 Fedora Update System 2021-05-20 01:09:46 UTC
FEDORA-2021-92c4c0c0eb has been pushed to the Fedora 34 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 7 Fedora Update System 2021-08-10 14:56:49 UTC
FEDORA-MODULAR-2021-7ca3386bb0 has been submitted as an update to Fedora 34 Modular. https://bodhi.fedoraproject.org/updates/FEDORA-MODULAR-2021-7ca3386bb0

Comment 8 Fedora Update System 2021-08-10 16:47:08 UTC
FEDORA-MODULAR-2021-82446e1f6b has been submitted as an update to Fedora 33 Modular. https://bodhi.fedoraproject.org/updates/FEDORA-MODULAR-2021-82446e1f6b

Comment 9 Fedora Update System 2021-08-11 01:25:06 UTC
FEDORA-MODULAR-2021-7ca3386bb0 has been pushed to the Fedora 34 Modular testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-MODULAR-2021-7ca3386bb0

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 10 Fedora Update System 2021-08-11 01:34:20 UTC
FEDORA-MODULAR-2021-82446e1f6b has been pushed to the Fedora 33 Modular testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-MODULAR-2021-82446e1f6b

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 11 Fedora Update System 2021-08-11 07:57:27 UTC
FEDORA-MODULAR-2021-6903559673 has been submitted as an update to Fedora 34 Modular. https://bodhi.fedoraproject.org/updates/FEDORA-MODULAR-2021-6903559673

Comment 12 Fedora Update System 2021-08-11 07:58:35 UTC
FEDORA-MODULAR-2021-0a8bfca173 has been submitted as an update to Fedora 33 Modular. https://bodhi.fedoraproject.org/updates/FEDORA-MODULAR-2021-0a8bfca173

Comment 13 Fedora Update System 2021-08-12 01:33:59 UTC
FEDORA-MODULAR-2021-6903559673 has been pushed to the Fedora 34 Modular testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-MODULAR-2021-6903559673

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 14 Fedora Update System 2021-08-12 01:34:06 UTC
FEDORA-MODULAR-2021-0a8bfca173 has been pushed to the Fedora 33 Modular testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-MODULAR-2021-0a8bfca173

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 15 Fedora Update System 2021-08-19 00:43:26 UTC
FEDORA-MODULAR-2021-7ca3386bb0 has been pushed to the Fedora 34 Modular stable repository.
If problem still persists, please make note of it in this bug report.

Comment 16 Fedora Update System 2021-08-19 00:53:28 UTC
FEDORA-MODULAR-2021-82446e1f6b has been pushed to the Fedora 33 Modular stable repository.
If problem still persists, please make note of it in this bug report.

Comment 17 Fedora Update System 2021-09-04 19:38:48 UTC
FEDORA-MODULAR-2021-0a8bfca173 has been pushed to the Fedora 33 Modular stable repository.
If problem still persists, please make note of it in this bug report.

Comment 18 Fedora Update System 2021-09-04 19:41:23 UTC
FEDORA-MODULAR-2021-6903559673 has been pushed to the Fedora 34 Modular stable repository.
If problem still persists, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.