summaryrefslogtreecommitdiff
path: root/src/apk_archive.h
AgeCommit message (Collapse)AuthorFilesLines
2018-09-10rework unpacking of packages and harden package file format requirementsTimo Teräs1-1/+2
A crafted .apk file could to trick apk writing unverified data to an unexpected file during temporary file creation due to bugs in handling long link target name and the way a regular file is extracted. Several hardening steps are implemented to avoid this: - the temporary file is now always first unlinked (apk thus reserved all filenames .apk.* to be it's working files) - the temporary file is after that created with O_EXCL to avoid races - the temporary file is no longer directly the archive entry name and thus directly controlled by potentially untrusted data - long file names and link target names are now rejected - hard link targets are now more rigorously checked - various additional checks added for the extraction process to error out early in case of malformed (or old legacy) file Reported-by: Max Justicz <max@justi.cz>
2011-09-13all: update copyright year statementTimo Teräs1-1/+1
2010-10-08io, db: id cache should be specific to database root, not system rootTimo Teräs1-1/+1
Otherwise we end up using wrong uid/gid mappings when doing install to alternate system root. Fixes #434.
2009-09-03index, version: support for repository descriptions (fixes #141)Timo Teras1-1/+1
ability embed description information to repository indexes (e.g. repository name and version) and show it via "apk version -I".
2009-07-31apk: use *at instead of chdir+normal file syscallTimo Teras1-3/+2
this way we never change cwd, and relative filenames are always parsed consistently. this also helps filename construction in many places. this patch also changes '--root' to override location of all configuration to be in the new root. previously it depended on the file which one was used.
2009-07-29tar: make checksumming of inner files conditionalTimo Teras1-2/+5
and force checksumming only when unpacking archive. otherwise it's extra computation for nothing.
2009-07-16various: new style index generationTimo Teras1-2/+3
change the index generation to do old index, or the new style index where package identity is sha1 of control block and it's contained within an .tar.gz to allow signing in future.
2009-07-16gzip: always autoclose the inner streamTimo Teras1-1/+0
2009-07-14db: live with sha1 and md5Timo Teras1-1/+2
this also convers scripts file to a tar archive.
2009-04-15fetch: new applet to download .apk filesTimo Teras1-2/+0
Fixes #24.
2009-01-07various: make fancy progress bar and update todoTimo Teras1-1/+2
2008-11-27db: compressed index fileTimo Teras1-1/+0
2008-11-14db: checksum installed files, protect config filesTimo Teras1-15/+3
Checksum of installed is computed on the fly when extracting them and it'll be saved to fdb. When installing config files those are diverted with suffix .apk-new if earlier version of same file with local changes exist.
2008-11-07use zlib internally to decompressTimo Teras1-9/+12
2008-04-17Initial commit of some stuff written so far. Still in state of flux. ExpectTimo Teras1-0/+42
breakage and major changes.
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-11-02 19:11:00 +0000