apk-tools - Adélie Linux patches for Alpine Package Keeper (apk-tools)

Age	Commit message (Collapse)	Author	Files	Lines
2021-07-26	extract: fix handling of error of regular file extraction	Timo Teräs	2	-3/+16
	fix the error checking, allow --force-overwrite to work and do not delete existing file in case of error
2021-07-26	libfetch: fix range checking for http/ftp protocol parsing	Timo Teräs	5	-61/+70
	Various parsing of numeric strings were not having adequate range checking causing information leak or potential crash. CVE-2021-36159 fixes #10749 Co-authored-by: Ariadne Conill <ariadne@dereferenced.org> Reported-by: Samanta Navarro <ferivoz@riseup.net>
2021-07-26	adb: fix some error handling paths	Timo Teräs	3	-9/+9

2021-07-26	db: add some error checking to database state write	Timo Teräs	2	-40/+51
	Make errors more observable. Unfortunately full rollback is non-trivial to implement. This is something to be fixed with the v3 database format.
2021-07-26	db: fix installed db writing with long names	Samanta Navarro	1	-5/+10
	Packages containing files with path names longer than 1024 characters cannot fit into the buffer which is used to write "installed" database. This leads to bbuf being APK_BLOB_NULL in apk_db_write_fdb because apk_blob_push_blob notices the condition and correctly handles it. The problem occurs when arguments to apk_ostream_write are manually calculated by pointer arithmetics. Since bbuf.ptr is NULL in such a case, bbuf.ptr - buf leads to a huge size value while buf still points into the stack. fixes #10751 [TT: minor edit to commit and abbreviating the commit message]
2021-07-26	Use __attribute__ ((format)) where possible and fix issues found by it	Timo Teräs	4	-8/+9

2021-07-26	adb: adb_walk_adb fix out of boundary write	Timo Teräs	3	-37/+58
	If a signature is longer than max allowed adb signature length then adb_walk_block writes out of boundary of stack variable tmp. The len += snprintf is not safe per standard snprintf implementation (kernel does it differently). Introduce and use apk_blob_push_fmt which does the checking better. Fixes #10752 Reported-by: Samanta Navarro <ferivoz@riseup.net>
2021-07-25	io_archive: Use SOURCE_DATE_EPOCH for meta files instead of current time	kpcyrd	3	-1/+18
	[TT: minor stylistic changes]
2021-07-25	adb: fix error handling of non-adb files	Timo Teräs	2	-3/+7

2021-07-23	db: allow read-only operations without cache	Timo Teräs	4	-4/+24
	fixes #10748
2021-07-23	extract: rework uvol name logic	Timo Teräs	2	-15/+16
	Add uvol_name to struct apk_file_info so it can be passed down the extract callbacks in future work. Modify uvol name to not include the path, but just the filename portion.
2021-07-23	extract: fix uvol parameter order	Daniel Golle	1	-1/+1

2021-07-22	extract: remove unneeded argument from uvol_extract	Timo Teräs	1	-3/+3

2021-07-22	adb: add a small adb blob header with versions and root object	Timo Teräs	5	-39/+74

2021-07-22	adb: refactor struct adb_header to adb_file_header	Timo Teräs	4	-39/+37
	In struct adb, do not keep the whole header, just the schema in host byte order.
2021-07-22	adb: make adb mmap/stream parser more united, add ADB_BLOCK_DATAX	Timo Teräs	4	-47/+61
	Harden the error checking of expected block types and their order. Add ADB_BLOCK_DATAX as reserved for >1GB blocks.
2021-07-22	adb, convndx: check istream_close result	Timo Teräs	2	-3/+2

2021-07-22	io: make apk_istream_get/read() fail on incomplete read	Timo Teräs	5	-59/+44

2021-07-22	io: formalize apk_ostream_write() always writing full data	Timo Teräs	6	-60/+46

2021-07-22	rework apk_istream_splice and apk_istream_tee	Timo Teräs	10	-204/+120
	- apk_istream_splice usage is converted to apk_stream_copy which is the newer variant. With caching enabled by default, this makes more sense mmapping or using separate buffers. - apk_istream_tee is reworked to write to apk_ostream, which simplifies quite a bit of various things
2021-07-22	io: rework apk_istream_get_* to not return erros in blob value	Timo Teräs	10	-66/+68
	The interface was slightly cumbersome, so replace these functions to return explicit error, and make the return blob a pointer arg.
2021-07-22	adb: remove the now unused get_default_int() hook	Timo Teräs	2	-8/+1
	It is no longer needed, and can be later reintroduced if needed.
2021-07-22	adb: unify various interfaces to adb_m_process	Timo Teräs	12	-220/+252
	Removes code duplication, and puts important checks in one place. Support seamless decompression in adbdump.
2021-07-22	adbsign: support compressed adb files	Timo Teräs	4	-6/+9

2021-07-22	adb: support seamless de/compression of adb files	Timo Teräs	9	-22/+111
	Add compression header of adb files. Support uncompressed and deflate compression at this time.
2021-07-22	convndx: add error reporting	Timo Teräs	1	-1/+5

2021-07-16	libfetch: simplify code by merging protocol error handling branches	Timo Teräs	2	-36/+22
	removes some code duplication
2021-07-16	extract: fix integrity check failure to remove the bad file/volume	Timo Teräs	1	-33/+31

2021-07-16	genhelp: improve to work with lua 5.1	Timo Teräs	2	-7/+7
	Fix the script to not contain \x00 escape which was the only new feature used. Fix the meson build script to use given lua interpreter for running the genhelp.lua. Based on patch from Daniel Golle <daniel@makrotopia.org>
2021-07-16	check trust in adb_trust_write_signatures()	Timo Teräs	1	-1/+3
	Based on patch from Daniel Golle <daniel@makrotopia.org>
2021-07-06	define APK_DEFAULT_ARCH for loongarch targets	Ariadne Conill	1	-0/+6
	Macros used have been taken from Loongson's work-in-progress GCC 12 port.
2021-06-23	mkpkg, extract: implement support for symlinks, devices and fifos	Timo Teräs	4	-33/+101

2021-06-21	openssl: explicitly ignore BIO_reset() return value	Timo Teräs	1	-1/+1
	This caused some -Wall errors on certain gcc versions due to BIO_reset() being a macro with explicit cast.
2021-06-21	db: check syscall errors in update_permissions()	Timo Teräs	1	-5/+18

2021-06-21	print: handle write() errors in apk_print_progress()	Timo Teräs	3	-19/+25

2021-06-19	doc: add missing options to index, info, and version	Rodrigo Lourenço	3	-12/+23

2021-06-19	reduce misuse of error codes from errno.h	Timo Teräs	17	-118/+141

2021-06-19	crypto: improve compatibility	Timo Teräs	3	-7/+9
	EVP_MD_CTX_set_pkey_ctx() is fairly new openssl function, and not existing in many alternative. Use EVP_MD_CTX_reset() which is slightly more heavy but more portable. Add also signature buffer lengths to work with RSA.
2021-06-19	mkpkg: ignore special files with warning instead of erroring	Timo Teräs	1	-2/+1

2021-06-19	fixup some includes	Timo Teräs	7	-6/+1
	- remove unneeded assert.h - add needed limits.h
2021-06-19	Document apk-search	Rodrigo Lourenço	3	-0/+45
	Fixes #10746.
2021-06-19	Remove AUTHORS section from man pages	Timo Teräs	22	-110/+0
	Use of an AUTHORS section is strongly discouraged. Generally, it is better not to clutter every page with a list of (over time potentially numerous) authors. Add your name to comments in sources, or the root level AUTHORS file instead.
2021-06-14	update Makefile to include new v3 code and applets	Timo Teräs	1	-11/+11

2021-06-12	crypto: make EVP_MD_CTX_FLAG_FINALISE optional	Timo Teräs	1	-0/+2
	Improves compatibility with libressl, wolfssl and older openssl libraries not having the flag. Usage of this is optional as it's purely performance optimization related flag.
2021-06-11	fix glibc build of crypto abstraction header	Timo Teräs	1	-0/+1

2021-06-11	fix makefile build after crypto abstraction work	Timo Teräs	1	-1/+1

2021-06-11	extract: add experimental support for uvol volumes	Timo Teräs	3	-3/+104

2021-06-11	extract: new applet to extract v2 packages	Timo Teräs	14	-65/+413

2021-06-11	add basic abstraction for cryptographic operations	Timo Teräs	25	-260/+462
	- basic digesting and signing apis (subject still to fine tuning) - update digest code, and adb signing for the thin wrapping layer - old v1 package and database handling not updated - default mkpkg file hash to sha256 ref #10744
2021-06-11	mkpkg: new applet to create v2 packages with basic functionality	Timo Teräs	17	-210/+647