Bug 1165573

Summary: CLI parser does not correctly detect ambigous abbreviations for given switches
Product: [openSUSE] openSUSE Tumbleweed Reporter: Benjamin Zeller <bzeller>
Component: libzyppAssignee: E-mail List <zypp-maintainers>
Status: RESOLVED FIXED QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P5 - None    
Version: Current   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Benjamin Zeller 2020-03-03 15:06:36 UTC 
Currently the zypper cli parser fails to detect ambigous abbreviations in long options.

For example:

zypper search --s

This should normally throw a error, but instead the first switch starting with "s" is selected.

After some digging in the getopt_long code it seems that only the last three fields in the longopt struct are used to detect a ambigous abbrev after finding a partial match in the name:

https://sourceware.org/git/?p=glibc.git;a=blob;f=posix/getopt.c;h=8d251dd5fabb46e17f5d593bf12d0619a8867bee;hb=HEAD#l238

>struct option {
>    const char *name;
>    int         has_arg;
>    int        *flag;
>    int         val;
>};

However the last 2 fields are always 0 for us, which means only the has_arg flag is used to detect a ambigous flag.

A possible fix would be to generate a dummy value for the "val" field.
Comment 3 Michael Andres 2020-05-27 10:01:01 UTC 
.
Comment 4 Swamp Workflow Management 2020-06-12 13:16:13 UTC 
SUSE-RU-2020:1611-1: An update that has 8 recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1130873,1154803,1164543,1165476,1165573,1166610,1167122,1168990
CVE References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    PackageKit-1.1.10-12.5.11
SUSE Linux Enterprise Server for SAP 15 (src):    libsigc++2-2.10.0-3.3.1
SUSE Linux Enterprise Server 15-LTSS (src):    libsigc++2-2.10.0-3.3.1
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP1 (src):    libsolv-0.7.13-3.19.7
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    libsolv-0.7.13-3.19.7
SUSE Linux Enterprise Module for Desktop Applications 15-SP1 (src):    PackageKit-1.1.10-12.5.11, libsigc++2-2.10.0-3.3.1, libyui-qt-pkg-2.45.28-3.8.9
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    libsigc++2-2.10.0-3.3.1, libsolv-0.7.13-3.19.7, libyui-ncurses-pkg-2.48.9-7.5.8, libyui-ncurses-pkg-doc-2.48.9-7.5.7, libyui-qt-pkg-2.45.28-3.8.9, libyui-qt-pkg-doc-2.45.28-3.8.7, libzypp-17.23.4-3.19.9, yast2-pkg-bindings-4.1.2-3.5.9, zypper-1.14.36-3.16.9
SUSE Linux Enterprise Installer 15 (src):    libsigc++2-2.10.0-3.3.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    libsigc++2-2.10.0-3.3.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    libsigc++2-2.10.0-3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 6 Swamp Workflow Management 2020-06-22 22:16:21 UTC 
openSUSE-RU-2020:0842-1: An update that has 10 recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1130873,1154803,1164543,1165476,1165573,1166610,1167122,1168990,1169947,1172925
CVE References: 
Sources used:
openSUSE Leap 15.1 (src):    PackageKit-1.1.10-lp151.8.9.2, libmaxminddb-1.4.2-lp151.3.5.1, libsolv-0.7.13-lp151.2.16.1, libyui-ncurses-pkg-2.48.9-lp151.2.6.1, libyui-ncurses-pkg-doc-2.48.9-lp151.2.6.1, libyui-qt-pkg-2.45.28-lp151.2.10.2, libyui-qt-pkg-doc-2.45.28-lp151.2.10.1, libzypp-17.23.4-lp151.2.16.2, nginx-1.16.1-lp151.4.11.1, yast2-pkg-bindings-4.1.2-lp151.2.6.1, yast2-pkg-bindings-devel-doc-4.1.2-lp151.2.6.1, zypper-1.14.37-lp151.2.14.1
Comment 7 Swamp Workflow Management 2020-07-07 16:16:01 UTC 
SUSE-RU-2020:1869-1: An update that has 13 recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1130873,1154803,1164543,1165476,1165573,1166610,1167122,1168990,1169947,1170801,1171224,1172135,1172925
CVE References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    libsigc++2-2.10.0-3.5.1, libsolv-0.7.14-3.30.2, libyui-ncurses-pkg-2.48.5.2-3.7.12, libyui-ncurses-pkg-doc-2.48.5.2-3.7.12, libyui-qt-pkg-2.45.15.2-3.7.13, libyui-qt-pkg-doc-2.45.15.2-3.7.12, libzypp-17.23.8-3.43.1, yast2-pkg-bindings-4.0.13-3.9.12, zypper-1.14.37-3.34.6
SUSE Linux Enterprise Server 15-LTSS (src):    libsigc++2-2.10.0-3.5.1, libsolv-0.7.14-3.30.2, libyui-ncurses-pkg-2.48.5.2-3.7.12, libyui-ncurses-pkg-doc-2.48.5.2-3.7.12, libyui-qt-pkg-2.45.15.2-3.7.13, libyui-qt-pkg-doc-2.45.15.2-3.7.12, libzypp-17.23.8-3.43.1, yast2-pkg-bindings-4.0.13-3.9.12, zypper-1.14.37-3.34.6
SUSE Linux Enterprise Module for Desktop Applications 15-SP1 (src):    libsigc++2-2.10.0-3.5.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    libsigc++2-2.10.0-3.5.1
SUSE Linux Enterprise Installer 15 (src):    libsigc++2-2.10.0-3.5.1, libsolv-0.7.14-3.30.2, libyui-ncurses-pkg-2.48.5.2-3.7.12, libyui-qt-pkg-2.45.15.2-3.7.13, libzypp-17.23.8-3.43.1, yast2-pkg-bindings-4.0.13-3.9.12, zypper-1.14.37-3.34.6
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    libsigc++2-2.10.0-3.5.1, libsolv-0.7.14-3.30.2, libyui-ncurses-pkg-2.48.5.2-3.7.12, libyui-ncurses-pkg-doc-2.48.5.2-3.7.12, libyui-qt-pkg-2.45.15.2-3.7.13, libyui-qt-pkg-doc-2.45.15.2-3.7.12, libzypp-17.23.8-3.43.1, yast2-pkg-bindings-4.0.13-3.9.12, zypper-1.14.37-3.34.6
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    libsigc++2-2.10.0-3.5.1, libsolv-0.7.14-3.30.2, libyui-ncurses-pkg-2.48.5.2-3.7.12, libyui-ncurses-pkg-doc-2.48.5.2-3.7.12, libyui-qt-pkg-2.45.15.2-3.7.13, libyui-qt-pkg-doc-2.45.15.2-3.7.12, libzypp-17.23.8-3.43.1, yast2-pkg-bindings-4.0.13-3.9.12, zypper-1.14.37-3.34.6

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.