summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTimo Teräs <timo.teras@iki.fi>2020-01-24 10:32:54 +0200
committerTimo Teräs <timo.teras@iki.fi>2020-01-24 10:39:01 +0200
commit9a76f0d6a6f3deabeba72f4fb2788bd45f929a8a (patch)
treebfa031ac11c2450f4316167330af7ec3e0374591
parentd25e5e3879f1a1c1cf6a5bcd82f6cc2eb7288c72 (diff)
downloadapk-tools-9a76f0d6a6f3deabeba72f4fb2788bd45f929a8a.tar.gz
apk-tools-9a76f0d6a6f3deabeba72f4fb2788bd45f929a8a.tar.bz2
apk-tools-9a76f0d6a6f3deabeba72f4fb2788bd45f929a8a.tar.xz
apk-tools-9a76f0d6a6f3deabeba72f4fb2788bd45f929a8a.zip
db: additional clean up and hardening for apk extraction
This enforces all scripts to be in the control block, and all data files to be in data block. Ignoring of dot files in root is added back: packages without any real files will ship one ".dummy" item in the data block to trigger processing and validation to work.
-rw-r--r--src/database.c31
1 files changed, 16 insertions, 15 deletions
diff --git a/src/database.c b/src/database.c
index d7abcca..be46608 100644
--- a/src/database.c
+++ b/src/database.c
@@ -2381,7 +2381,7 @@ static int apk_db_install_archive_entry(void *_ctx,
apk_blob_t name = APK_BLOB_STR(ae->name), bdir, bfile;
struct apk_db_dir_instance *diri = ctx->diri;
struct apk_db_file *file, *link_target_file = NULL;
- int ret = 0, r, type = APK_SCRIPT_INVALID;
+ int ret = 0, r;
char tmpname_file[TMPNAME_MAX], tmpname_link_target[TMPNAME_MAX];
r = apk_sign_ctx_process_file(&ctx->sctx, ae, is);
@@ -2390,18 +2390,29 @@ static int apk_db_install_archive_entry(void *_ctx,
/* Package metainfo and script processing */
if (ctx->sctx.control_started && !ctx->sctx.data_started) {
+ if (ae->name[0] != '.') return 0;
if (strcmp(ae->name, ".PKGINFO") == 0) {
apk_blob_t l, token = APK_BLOB_STR("\n");
while (!APK_BLOB_IS_NULL(l = apk_istream_get_delim(is, token)))
read_info_line(ctx, l);
return 0;
}
- if (ae->name[0] == '.')
- type = apk_script_type(&ae->name[1]);
- if (type == APK_SCRIPT_INVALID)
- return 0;
+ r = apk_script_type(&ae->name[1]);
+ if (r != APK_SCRIPT_INVALID) {
+ apk_ipkg_add_script(ipkg, is, r, ae->size);
+ ctx->script_pending |= (r == ctx->script);
+ apk_db_run_pending_script(ctx);
+ }
+ return 0;
}
+ /* Handle script */
+ apk_db_run_pending_script(ctx);
+
+ /* Rest of files need to be inside data portion */
+ if (!ctx->sctx.data_started || ae->name[0] == '.')
+ return 0;
+
/* Sanity check the file name */
if (ae->name[0] == '/' ||
strncmp(ae->name, "/./"+1, 3) == 0 ||
@@ -2414,16 +2425,6 @@ static int apk_db_install_archive_entry(void *_ctx,
return 0;
}
- /* Handle script */
- if (type != APK_SCRIPT_INVALID) {
- apk_ipkg_add_script(ipkg, is, type, ae->size);
- if (type == ctx->script)
- ctx->script_pending = TRUE;
- apk_db_run_pending_script(ctx);
- return 0;
- }
- apk_db_run_pending_script(ctx);
-
/* Installable entry */
ctx->current_file_size = apk_calc_installed_size(ae->size);
if (!S_ISDIR(ae->mode)) {