db: fix unaligned memory access in csum_hash()

(cherry picked from commit c054fbc11e9beca0d45285c3e1f448c81416c5ce)

3 files changed, 13 insertions, 11 deletions

diff --git a/src/apk_defines.h b/src/apk_defines.h
index 5373725..00e9ea8 100644
--- a/src/apk_defines.h
+++ b/src/apk_defines.h
@@ -149,6 +149,16 @@ static inline size_t mulmod(size_t a, size_t b, size_t c)
 	return (size_t) tmp;
 }
 
+static inline uint32_t get_unaligned32(const void *ptr)
+{
+#if defined(__x86_64__) || defined(__i386__)
+	return *(const uint32_t *)ptr;
+#else
+	const uint8_t *p = ptr;
+	return p[0] | p[1] << 8 | p[2] << 16 | p[3] << 24;
+#endif
+}
+
 typedef void (*apk_progress_cb)(void *cb_ctx, size_t);
 
 void *apk_array_resize(void *array, size_t new_size, size_t elem_size);
diff --git a/src/blob.c b/src/blob.c
index 8bd3184..2b6769a 100644
--- a/src/blob.c
+++ b/src/blob.c
@@ -206,16 +206,6 @@ static inline uint32_t rotl32(uint32_t x, int8_t r)
 	return (x << r) | (x >> (32 - r));
 }
 
-static inline uint32_t get_unaligned32(const void *ptr)
-{
-#if defined(__x86_64__) || defined(__i386__)
-	return *(const uint32_t *)ptr;
-#else
-	const uint8_t *p = ptr;
-	return p[0] | p[1] << 8 | p[2] << 16 | p[3] << 24;
-#endif
-}
-
 static uint32_t murmur3_32(const void *pkey, uint32_t len, uint32_t seed)
 {
 	static const uint32_t c1 = 0xcc9e2d51;
diff --git a/src/database.c b/src/database.c
index 606c82f..af2aadd 100644
--- a/src/database.c
+++ b/src/database.c
@@ -128,7 +128,9 @@ static unsigned long csum_hash(apk_blob_t csum)
 {
 	/* Checksum's highest bits have the most "randomness", use that
 	 * directly as hash */
-	return *(unsigned long *) csum.ptr;
+	if (csum.len >= sizeof(uint32_t))
+		return get_unaligned32(csum.ptr);
+	return 0;
 }
 
 static const struct apk_hash_ops pkg_info_hash_ops = {