1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

openbsd_pkg: Fix regexp matching crash (#3161) (#3185)

When a package name contains special characters (e.g. "g++"), they are
interpreted as part of the regexp.

This can lead to a crash with an error in the python re module, for
instance with "g++":

    sre_constants.error: multiple repeat

Fix this by escaping the package name.

Co-authored-by: Baptiste Jonglez <git@bitsofnetworks.org>
(cherry picked from commit 56b5be0630)

Co-authored-by: zorun <github@bitsofnetworks.org>
This commit is contained in:
patchback[bot] 2021-08-09 23:02:49 +02:00 committed by GitHub
parent 3b9a571bd4
commit 1d07d6e3b5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 2 deletions

View file

@ -0,0 +1,2 @@
bugfixes:
- openbsd_pkg - fix regexp matching crash. This bug could trigger on package names with special characters, for example ``g++`` (https://github.com/ansible-collections/community.general/pull/3161).

View file

@ -241,7 +241,7 @@ def package_present(names, pkg_spec, module):
# "file:/local/package/directory/ is empty" message on stderr
# while still installing the package, so we need to look for
# for a message like "packagename-1.0: ok" just in case.
match = re.search(r"\W%s-[^:]+: ok\W" % pkg_spec[name]['stem'], pkg_spec[name]['stdout'])
match = re.search(r"\W%s-[^:]+: ok\W" % re.escape(pkg_spec[name]['stem']), pkg_spec[name]['stdout'])
if match:
# It turns out we were able to install the package.
@ -295,7 +295,7 @@ def package_latest(names, pkg_spec, module):
pkg_spec[name]['changed'] = False
for installed_name in pkg_spec[name]['installed_names']:
module.debug("package_latest(): checking for pre-upgrade package name: %s" % installed_name)
match = re.search(r"\W%s->.+: ok\W" % installed_name, pkg_spec[name]['stdout'])
match = re.search(r"\W%s->.+: ok\W" % re.escape(installed_name), pkg_spec[name]['stdout'])
if match:
module.debug("package_latest(): pre-upgrade package name match: %s" % installed_name)