diff options
| -rw-r--r-- | src/apk_blob.h | 1 | ||||
| -rw-r--r-- | src/audit.c | 6 | ||||
| -rw-r--r-- | src/blob.c | 6 |
3 files changed, 12 insertions, 1 deletions
diff --git a/src/apk_blob.h b/src/apk_blob.h index c19fb95..2d2e30e 100644 --- a/src/apk_blob.h +++ b/src/apk_blob.h @@ -95,6 +95,7 @@ apk_blob_t apk_blob_pushed(apk_blob_t buffer, apk_blob_t left); unsigned long apk_blob_hash_seed(apk_blob_t, unsigned long seed); unsigned long apk_blob_hash(apk_blob_t str); int apk_blob_compare(apk_blob_t a, apk_blob_t b); +int apk_blob_ends_with(apk_blob_t str, apk_blob_t suffix); int apk_blob_for_each_segment(apk_blob_t blob, const char *split, apk_blob_cb cb, void *ctx); diff --git a/src/audit.c b/src/audit.c index cb295b8..c09f994 100644 --- a/src/audit.c +++ b/src/audit.c @@ -111,7 +111,7 @@ static int audit_file(struct audit_ctx *actx, apk_checksum_compare(&fi.csum, &dbf->csum) != 0) rv = 'U'; else if (apk_checksum_compare(&fi.xattr_csum, &dbf->acl->xattr_csum) != 0) - rv = 'X'; + rv = 'x'; else if (S_ISLNK(fi.mode) && dbf->csum.type == APK_CHECKSUM_NONE) rv = 'U'; else if (actx->check_permissions) { @@ -260,6 +260,10 @@ recurse_check: if (actx->mode == MODE_SYSTEM && (reason == 'A' || protect_mode != APK_PROTECT_NONE)) goto done; + if (actx->mode == MODE_BACKUP && + reason == 'A' && + apk_blob_ends_with(bent, APK_BLOB_STR(".apk-new"))) + goto done; report_audit(actx, reason, bfull, dbf ? dbf->diri->pkg : NULL); } @@ -225,6 +225,12 @@ int apk_blob_compare(apk_blob_t a, apk_blob_t b) return 1; } +int apk_blob_ends_with(apk_blob_t a, apk_blob_t b) +{ + if (a.len < b.len) return 0; + return memcmp(a.ptr+a.len-b.len, b.ptr, b.len) == 0; +} + int apk_blob_for_each_segment(apk_blob_t blob, const char *split, int (*cb)(void *ctx, apk_blob_t blob), void *ctx) { |