#269: Not having an up-to-date package list causes indexing out of bounds error ---------------------------------+------------------------------------------ Reporter: guest | Owner: Type: defect | Status: new Priority: low | Milestone: Component: cabal-install tool | Version: 1.2.3.0 Severity: normal | Resolution: Keywords: | Difficulty: normal Ghcversion: 6.8.2 | Platform: ---------------------------------+------------------------------------------ Comment (by duncan): I think what happens is that when we get a short download we still save it to disk. Then when we gunzip it it fails when gzip notices that the file is short. However we were still writing the file, so the bit that has been written out already remains. If the user does not notice the error then they'll continue and we end up trying to parse the truncated tar file. So there are three cases of bad error handling here: * The HTTP lib is not notifying us that the download was shorter than expected. Perhaps we're expected to do this manually. * When we decompress the .tar.gz, we should do it into a temp file and only overwrite the target if the decompress succeeds. * The tar code needs auditing to check that it handles corrupt tar files correctly. There's newer tar code in the hackage-server that we could test with and steal if necessary. -- Ticket URL: http://hackage.haskell.org/trac/hackage/ticket/269#comment:2 Hackage http://haskell.org/cabal/ Hackage: Cabal and related projects