summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorTimo Teräs <timo.teras@iki.fi>2022-02-01 14:47:27 +0200
committerTimo Teräs <timo.teras@iki.fi>2022-02-01 14:47:27 +0200
commit6df225eac38c07ca7fd7de8e59781508bc8ac12b (patch)
tree74c8c117a87d80f1d309de54ae9096a6ae1e6fce /src
parentbd13e774de8e545f5326e0137ba0ed4291e3b721 (diff)
downloadapk-tools-6df225eac38c07ca7fd7de8e59781508bc8ac12b.tar.gz
apk-tools-6df225eac38c07ca7fd7de8e59781508bc8ac12b.tar.bz2
apk-tools-6df225eac38c07ca7fd7de8e59781508bc8ac12b.tar.xz
apk-tools-6df225eac38c07ca7fd7de8e59781508bc8ac12b.zip
mkpkg, adb: validate version and dependency format
Fail if the package or dependency version format is not valid. fixes #10807
Diffstat (limited to 'src')
-rw-r--r--src/adb.c4
-rw-r--r--src/adb.h2
-rw-r--r--src/apk_adb.c13
-rw-r--r--src/apk_defines.h3
-rw-r--r--src/app_mkpkg.c12
-rw-r--r--src/print.c3
6 files changed, 26 insertions, 11 deletions
diff --git a/src/adb.c b/src/adb.c
index 4f313cd..144efff 100644
--- a/src/adb.c
+++ b/src/adb.c
@@ -764,7 +764,7 @@ adb_val_t adb_w_fromstring(struct adb *db, const uint8_t *kind, apk_blob_t val)
adb_wo_alloca(&obj, schema, db);
if (!schema->fromstring) return ADB_ERROR(APKE_ADB_NO_FROMSTRING);
r = schema->fromstring(&obj, val);
- if (r) return ADB_ERROR(r);
+ if (r) return ADB_ERROR(-r);
return adb_w_obj(&obj);
}
default:
@@ -849,7 +849,7 @@ adb_val_t adb_w_arr(struct adb_obj *o)
return __adb_w_obj(o, ADB_TYPE_ARRAY);
}
-adb_val_t adb_wo_fromstring(struct adb_obj *o, apk_blob_t val)
+int adb_wo_fromstring(struct adb_obj *o, apk_blob_t val)
{
adb_wo_reset(o);
return o->schema->fromstring(o, val);
diff --git a/src/adb.h b/src/adb.h
index a306d05..c46f7cc 100644
--- a/src/adb.h
+++ b/src/adb.h
@@ -213,7 +213,7 @@ void adb_wo_reset(struct adb_obj *);
void adb_wo_resetdb(struct adb_obj *);
adb_val_t adb_w_obj(struct adb_obj *);
adb_val_t adb_w_arr(struct adb_obj *);
-adb_val_t adb_wo_fromstring(struct adb_obj *o, apk_blob_t);
+int adb_wo_fromstring(struct adb_obj *o, apk_blob_t);
adb_val_t adb_wo_val(struct adb_obj *o, unsigned i, adb_val_t);
adb_val_t adb_wo_val_fromstring(struct adb_obj *o, unsigned i, apk_blob_t);
adb_val_t adb_wo_int(struct adb_obj *o, unsigned i, uint32_t);
diff --git a/src/apk_adb.c b/src/apk_adb.c
index c7fbdde..37206f0 100644
--- a/src/apk_adb.c
+++ b/src/apk_adb.c
@@ -116,6 +116,12 @@ const struct adb_object_schema schema_string_array = {
.fields = ADB_ARRAY_ITEM(scalar_string),
};
+static adb_val_t version_fromstring(struct adb *db, apk_blob_t val)
+{
+ if (!apk_version_validate(val)) return ADB_ERROR(APKE_PKGVERSION_FORMAT);
+ return adb_w_blob(db, val);
+}
+
static int version_compare(struct adb *db1, adb_val_t v1, struct adb *db2, adb_val_t v2)
{
switch (apk_version_compare_blob(adb_r_blob(db1, v1), adb_r_blob(db2, v2))) {
@@ -128,7 +134,7 @@ static int version_compare(struct adb *db1, adb_val_t v1, struct adb *db2, adb_v
static struct adb_scalar_schema scalar_version = {
.kind = ADB_KIND_BLOB,
.tostring = string_tostring,
- .fromstring = string_fromstring,
+ .fromstring = version_fromstring,
.compare = version_compare,
};
@@ -327,7 +333,7 @@ static int dependency_fromstring(struct adb_obj *obj, apk_blob_t bdep)
return 0;
fail:
- return -APKE_ADB_DEPENDENCY_FORMAT;
+ return -APKE_DEPENDENCY_FORMAT;
}
static int dependency_cmp(const struct adb_obj *o1, const struct adb_obj *o2)
@@ -356,7 +362,8 @@ static int dependencies_fromstring(struct adb_obj *obj, apk_blob_t b)
adb_wo_alloca(&dep, &schema_dependency, obj->db);
while (apk_dep_split(&b, &bdep)) {
- adb_wo_fromstring(&dep, bdep);
+ int r = adb_wo_fromstring(&dep, bdep);
+ if (r) return r;
adb_wa_append_obj(obj, &dep);
}
diff --git a/src/apk_defines.h b/src/apk_defines.h
index 27f31ef..9cacf13 100644
--- a/src/apk_defines.h
+++ b/src/apk_defines.h
@@ -44,6 +44,8 @@ enum {
APKE_SIGNATURE_UNTRUSTED,
APKE_SIGNATURE_INVALID,
APKE_FORMAT_NOT_SUPPORTED,
+ APKE_PKGVERSION_FORMAT,
+ APKE_DEPENDENCY_FORMAT,
APKE_ADB_COMPRESSION,
APKE_ADB_HEADER,
APKE_ADB_VERSION,
@@ -52,7 +54,6 @@ enum {
APKE_ADB_SIGNATURE,
APKE_ADB_NO_FROMSTRING,
APKE_ADB_LIMIT,
- APKE_ADB_DEPENDENCY_FORMAT,
APKE_ADB_PACKAGE_FORMAT,
APKE_V2DB_FORMAT,
APKE_V2PKG_FORMAT,
diff --git a/src/app_mkpkg.c b/src/app_mkpkg.c
index 4e61066..afbc150 100644
--- a/src/app_mkpkg.c
+++ b/src/app_mkpkg.c
@@ -242,8 +242,8 @@ static int mkpkg_main(void *pctx, struct apk_ctx *ac, struct apk_string_array *a
// prepare package info
for (i = 0; i < ARRAY_SIZE(ctx->info); i++) {
- apk_blob_t val = ctx->info[i];
- if (APK_BLOB_IS_NULL(val)) {
+ apk_blob_t b = ctx->info[i];
+ if (APK_BLOB_IS_NULL(b)) {
switch (i) {
case ADBI_PI_NAME:
case ADBI_PI_VERSION:
@@ -254,7 +254,13 @@ static int mkpkg_main(void *pctx, struct apk_ctx *ac, struct apk_string_array *a
}
continue;
}
- adb_wo_val_fromstring(&pkgi, i, val);
+ adb_val_t val = adb_wo_val_fromstring(&pkgi, i, b);
+ if (ADB_IS_ERROR(val)) {
+ r = ADB_VAL_VALUE(val);
+ apk_err(out, "field '%s' has invalid value: %s",
+ schema_pkginfo.fields[i-1].name, apk_error_str(r));
+ goto err;
+ }
}
if (adb_ro_val(&pkgi, ADBI_PI_ARCH) == ADB_VAL_NULL)
adb_wo_blob(&pkgi, ADBI_PI_ARCH, APK_BLOB_STRLIT(APK_DEFAULT_ARCH));
diff --git a/src/print.c b/src/print.c
index 187dcf4..4ffc536 100644
--- a/src/print.c
+++ b/src/print.c
@@ -39,6 +39,8 @@ const char *apk_error_str(int error)
case APKE_SIGNATURE_UNTRUSTED: return "UNTRUSTED signature";
case APKE_SIGNATURE_INVALID: return "BAD signature";
case APKE_FORMAT_NOT_SUPPORTED: return "file format not supported (in this applet)";
+ case APKE_PKGVERSION_FORMAT: return "package version is invalid";
+ case APKE_DEPENDENCY_FORMAT: return "dependency format is invalid";
case APKE_ADB_COMPRESSION: return "ADB compression not supported";
case APKE_ADB_HEADER: return "ADB header error";
case APKE_ADB_VERSION: return "incompatible ADB version";
@@ -47,7 +49,6 @@ const char *apk_error_str(int error)
case APKE_ADB_SIGNATURE: return "ADB signature block error";
case APKE_ADB_NO_FROMSTRING: return "ADB schema error (no fromstring)";
case APKE_ADB_LIMIT: return "ADB schema limit reached";
- case APKE_ADB_DEPENDENCY_FORMAT: return "ADB dependency format";
case APKE_ADB_PACKAGE_FORMAT: return "ADB package format";
case APKE_V2DB_FORMAT: return "v2 database format error";
case APKE_V2PKG_FORMAT: return "v2 package format error";