diff options
| author | Timo Teräs <timo.teras@iki.fi> | 2022-01-17 11:03:14 +0200 |
|---|---|---|
| committer | Timo Teräs <timo.teras@iki.fi> | 2022-01-17 11:03:14 +0200 |
| commit | a6126a6f2362ee47e91acb25083e1b112a57640a (patch) | |
| tree | a35ba6d96710961eb394cb1e57c951a82c25b737 | |
| parent | faba66ba96af2787563a1dabec67c484ef03aab2 (diff) | |
| download | apk-tools-a6126a6f2362ee47e91acb25083e1b112a57640a.tar.gz apk-tools-a6126a6f2362ee47e91acb25083e1b112a57640a.tar.bz2 apk-tools-a6126a6f2362ee47e91acb25083e1b112a57640a.tar.xz apk-tools-a6126a6f2362ee47e91acb25083e1b112a57640a.zip | |
package: fail on invalid control data
Handle meta data error to produce hard failure.
fixes #10806
| -rw-r--r-- | src/database.c | 6 | ||||
| -rw-r--r-- | src/package.c | 19 |
2 files changed, 13 insertions, 12 deletions
diff --git a/src/database.c b/src/database.c index b8aa643..888033f 100644 --- a/src/database.c +++ b/src/database.c @@ -2455,8 +2455,10 @@ static int apk_db_install_archive_entry(void *_ctx, if (ae->name[0] != '.') return 0; if (strcmp(ae->name, ".PKGINFO") == 0) { apk_blob_t l, token = APK_BLOB_STR("\n"); - while (!APK_BLOB_IS_NULL(l = apk_istream_get_delim(is, token))) - read_info_line(ctx, l); + while (!APK_BLOB_IS_NULL(l = apk_istream_get_delim(is, token))) { + r = read_info_line(ctx, l); + if (r < 0) return r; + } return 0; } r = apk_script_type(&ae->name[1]); diff --git a/src/package.c b/src/package.c index eba1b2b..aea3dba 100644 --- a/src/package.c +++ b/src/package.c @@ -839,7 +839,7 @@ int apk_pkg_add_info(struct apk_database *db, struct apk_package *pkg, return 2; } if (APK_BLOB_IS_NULL(value)) - return -1; + return -EAPKFORMAT; return 0; } @@ -875,14 +875,11 @@ static int read_info_line(void *ctx, apk_blob_t line) if (!apk_blob_split(line, APK_BLOB_STR(" = "), &l, &r)) return 0; - for (i = 0; i < ARRAY_SIZE(fields); i++) { - if (apk_blob_compare(APK_BLOB_STR(fields[i].str), l) == 0) { - apk_pkg_add_info(ri->db, ri->pkg, fields[i].field, r); - return 0; - } - } - apk_sign_ctx_parse_pkginfo_line(ri->sctx, line); + for (i = 0; i < ARRAY_SIZE(fields); i++) + if (apk_blob_compare(APK_BLOB_STR(fields[i].str), l) == 0) + return apk_pkg_add_info(ri->db, ri->pkg, fields[i].field, r); + apk_sign_ctx_parse_pkginfo_line(ri->sctx, line); return 0; } @@ -903,8 +900,10 @@ static int read_info_entry(void *ctx, const struct apk_file_info *ae, if (strcmp(ae->name, ".PKGINFO") == 0) { /* APK 2.0 format */ apk_blob_t l, token = APK_BLOB_STR("\n"); - while (!APK_BLOB_IS_NULL(l = apk_istream_get_delim(is, token))) - read_info_line(ctx, l); + while (!APK_BLOB_IS_NULL(l = apk_istream_get_delim(is, token))) { + r = read_info_line(ctx, l); + if (r < 0) return r; + } } else if (strcmp(ae->name, ".INSTALL") == 0) { apk_warning("Package '%s-" BLOB_FMT "' contains deprecated .INSTALL", pkg->name->name, BLOB_PRINTF(*pkg->version)); |