SourceEntry does not verify source line validity
Bug #496156 reported by
amichair
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| python-apt (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Bug Description
Binary package hint: python-apt
SourceEntry does only very basic validity checks (e.g. first word is 'deb', has 3 or more tokens), but that still allows users to add corrupt lines such as "deb papa lucid linguini" after which updating sources fails. The validation should correspond to what apt-get update considers valid, such as checking url/cdrom syntax, etc - anything that apt-get rejects as malformed should be rejected here as well.
Revision history for this message
| Julian Andres Klode (juliank) wrote | #1 |
Revision history for this message
| Julian Andres Klode (juliank) wrote | #2 |
| Changed in python-apt (Ubuntu): | |
| status: | New → Invalid |
To post a comment you must log in.
The validation of sources.list entries is completely different from what happens when downloading files. When files are acquired, the Acquire system knows which kinds of URLs are supported, but this cannot be done in the sources.list stuff. The only thing we could really check for is the existance of at least ":/" in the URI, but I guess this is all. It's also not needed, as long as it fails; which it does during fetching. If the user does something wrong, he currently notices it, and an additional check would not be more helpful.