jaiden
/
apk-tools
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

manifest: fix package file processing 

This change ensures that apk_sign_ctx_process_file() and
apk_sign_ctx_parse_pkginfo_line() are called during archive
processing, allowing discovery of signatures and the data section
checksum.

Fixes a bug uncovered by commit f123d77e.
cute-signatures
Reid Rankin 2020-01-23 16:04:01 +00:00 committed by Timo Teräs
parent 67696b2ac6
commit 1f9e56d8a4
1 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/manifest.c
View File

@ -64,11 +64,14 @@ static int read_file_entry(void *ctx, const struct apk_file_info *ae,
struct manifest_file_ctx *mctx = ctx; struct manifest_file_ctx *mctx = ctx;
char csum_buf[(APK_CHECKSUM_SHA1 * 2) + 1]; char csum_buf[(APK_CHECKSUM_SHA1 * 2) + 1];
apk_blob_t csum_blob = APK_BLOB_BUF(csum_buf); apk_blob_t csum_blob = APK_BLOB_BUF(csum_buf);
int r;
if (ae->name[0] == '.') { r = apk_sign_ctx_verify_tar(mctx->sctx, ae, is);
if (!strncmp(ae->name, ".PKGINFO", 8) || !strncmp(ae->name, ".SIGN.", 6)) if (r != 0)
return 0; return r;
}
if (!mctx->sctx->data_started)
return 0;
if ((ae->mode & S_IFMT) != S_IFREG) if ((ae->mode & S_IFMT) != S_IFREG)
return 0; return 0;