mkpkg, adb: validate version and dependency format
Fail if the package or dependency version format is not valid. fixes #10807cute-signatures
Timo Teräs
parent
bd13e774de
commit
6df225eac3
|
|
@ -764,7 +764,7 @@ adb_val_t adb_w_fromstring(struct adb *db, const uint8_t *kind, apk_blob_t val)
|
|||
adb_wo_alloca(&obj, schema, db);
|
||||
if (!schema->fromstring) return ADB_ERROR(APKE_ADB_NO_FROMSTRING);
|
||||
r = schema->fromstring(&obj, val);
|
||||
if (r) return ADB_ERROR(r);
|
||||
if (r) return ADB_ERROR(-r);
|
||||
return adb_w_obj(&obj);
|
||||
}
|
||||
default:
|
||||
|
|
@ -849,7 +849,7 @@ adb_val_t adb_w_arr(struct adb_obj *o)
|
|||
return __adb_w_obj(o, ADB_TYPE_ARRAY);
|
||||
}
|
||||
|
||||
adb_val_t adb_wo_fromstring(struct adb_obj *o, apk_blob_t val)
|
||||
int adb_wo_fromstring(struct adb_obj *o, apk_blob_t val)
|
||||
{
|
||||
adb_wo_reset(o);
|
||||
return o->schema->fromstring(o, val);
|
||||
|
|
|
|||
|
|
@ -213,7 +213,7 @@ void adb_wo_reset(struct adb_obj *);
|
|||
void adb_wo_resetdb(struct adb_obj *);
|
||||
adb_val_t adb_w_obj(struct adb_obj *);
|
||||
adb_val_t adb_w_arr(struct adb_obj *);
|
||||
adb_val_t adb_wo_fromstring(struct adb_obj *o, apk_blob_t);
|
||||
int adb_wo_fromstring(struct adb_obj *o, apk_blob_t);
|
||||
adb_val_t adb_wo_val(struct adb_obj *o, unsigned i, adb_val_t);
|
||||
adb_val_t adb_wo_val_fromstring(struct adb_obj *o, unsigned i, apk_blob_t);
|
||||
adb_val_t adb_wo_int(struct adb_obj *o, unsigned i, uint32_t);
|
||||
|
|
|
|||
|
|
@ -116,6 +116,12 @@ const struct adb_object_schema schema_string_array = {
|
|||
.fields = ADB_ARRAY_ITEM(scalar_string),
|
||||
};
|
||||
|
||||
static adb_val_t version_fromstring(struct adb *db, apk_blob_t val)
|
||||
{
|
||||
if (!apk_version_validate(val)) return ADB_ERROR(APKE_PKGVERSION_FORMAT);
|
||||
return adb_w_blob(db, val);
|
||||
}
|
||||
|
||||
static int version_compare(struct adb *db1, adb_val_t v1, struct adb *db2, adb_val_t v2)
|
||||
{
|
||||
switch (apk_version_compare_blob(adb_r_blob(db1, v1), adb_r_blob(db2, v2))) {
|
||||
|
|
@ -128,7 +134,7 @@ static int version_compare(struct adb *db1, adb_val_t v1, struct adb *db2, adb_v
|
|||
static struct adb_scalar_schema scalar_version = {
|
||||
.kind = ADB_KIND_BLOB,
|
||||
.tostring = string_tostring,
|
||||
.fromstring = string_fromstring,
|
||||
.fromstring = version_fromstring,
|
||||
.compare = version_compare,
|
||||
};
|
||||
|
||||
|
|
@ -327,7 +333,7 @@ static int dependency_fromstring(struct adb_obj *obj, apk_blob_t bdep)
|
|||
return 0;
|
||||
|
||||
fail:
|
||||
return -APKE_ADB_DEPENDENCY_FORMAT;
|
||||
return -APKE_DEPENDENCY_FORMAT;
|
||||
}
|
||||
|
||||
static int dependency_cmp(const struct adb_obj *o1, const struct adb_obj *o2)
|
||||
|
|
@ -356,7 +362,8 @@ static int dependencies_fromstring(struct adb_obj *obj, apk_blob_t b)
|
|||
adb_wo_alloca(&dep, &schema_dependency, obj->db);
|
||||
|
||||
while (apk_dep_split(&b, &bdep)) {
|
||||
adb_wo_fromstring(&dep, bdep);
|
||||
int r = adb_wo_fromstring(&dep, bdep);
|
||||
if (r) return r;
|
||||
adb_wa_append_obj(obj, &dep);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -44,6 +44,8 @@ enum {
|
|||
APKE_SIGNATURE_UNTRUSTED,
|
||||
APKE_SIGNATURE_INVALID,
|
||||
APKE_FORMAT_NOT_SUPPORTED,
|
||||
APKE_PKGVERSION_FORMAT,
|
||||
APKE_DEPENDENCY_FORMAT,
|
||||
APKE_ADB_COMPRESSION,
|
||||
APKE_ADB_HEADER,
|
||||
APKE_ADB_VERSION,
|
||||
|
|
@ -52,7 +54,6 @@ enum {
|
|||
APKE_ADB_SIGNATURE,
|
||||
APKE_ADB_NO_FROMSTRING,
|
||||
APKE_ADB_LIMIT,
|
||||
APKE_ADB_DEPENDENCY_FORMAT,
|
||||
APKE_ADB_PACKAGE_FORMAT,
|
||||
APKE_V2DB_FORMAT,
|
||||
APKE_V2PKG_FORMAT,
|
||||
|
|
|
|||
|
|
@ -242,8 +242,8 @@ static int mkpkg_main(void *pctx, struct apk_ctx *ac, struct apk_string_array *a
|
|||
|
||||
// prepare package info
|
||||
for (i = 0; i < ARRAY_SIZE(ctx->info); i++) {
|
||||
apk_blob_t val = ctx->info[i];
|
||||
if (APK_BLOB_IS_NULL(val)) {
|
||||
apk_blob_t b = ctx->info[i];
|
||||
if (APK_BLOB_IS_NULL(b)) {
|
||||
switch (i) {
|
||||
case ADBI_PI_NAME:
|
||||
case ADBI_PI_VERSION:
|
||||
|
|
@ -254,7 +254,13 @@ static int mkpkg_main(void *pctx, struct apk_ctx *ac, struct apk_string_array *a
|
|||
}
|
||||
continue;
|
||||
}
|
||||
adb_wo_val_fromstring(&pkgi, i, val);
|
||||
adb_val_t val = adb_wo_val_fromstring(&pkgi, i, b);
|
||||
if (ADB_IS_ERROR(val)) {
|
||||
r = ADB_VAL_VALUE(val);
|
||||
apk_err(out, "field '%s' has invalid value: %s",
|
||||
schema_pkginfo.fields[i-1].name, apk_error_str(r));
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
if (adb_ro_val(&pkgi, ADBI_PI_ARCH) == ADB_VAL_NULL)
|
||||
adb_wo_blob(&pkgi, ADBI_PI_ARCH, APK_BLOB_STRLIT(APK_DEFAULT_ARCH));
|
||||
|
|
|
|||
|
|
@ -39,6 +39,8 @@ const char *apk_error_str(int error)
|
|||
case APKE_SIGNATURE_UNTRUSTED: return "UNTRUSTED signature";
|
||||
case APKE_SIGNATURE_INVALID: return "BAD signature";
|
||||
case APKE_FORMAT_NOT_SUPPORTED: return "file format not supported (in this applet)";
|
||||
case APKE_PKGVERSION_FORMAT: return "package version is invalid";
|
||||
case APKE_DEPENDENCY_FORMAT: return "dependency format is invalid";
|
||||
case APKE_ADB_COMPRESSION: return "ADB compression not supported";
|
||||
case APKE_ADB_HEADER: return "ADB header error";
|
||||
case APKE_ADB_VERSION: return "incompatible ADB version";
|
||||
|
|
@ -47,7 +49,6 @@ const char *apk_error_str(int error)
|
|||
case APKE_ADB_SIGNATURE: return "ADB signature block error";
|
||||
case APKE_ADB_NO_FROMSTRING: return "ADB schema error (no fromstring)";
|
||||
case APKE_ADB_LIMIT: return "ADB schema limit reached";
|
||||
case APKE_ADB_DEPENDENCY_FORMAT: return "ADB dependency format";
|
||||
case APKE_ADB_PACKAGE_FORMAT: return "ADB package format";
|
||||
case APKE_V2DB_FORMAT: return "v2 database format error";
|
||||
case APKE_V2PKG_FORMAT: return "v2 package format error";
|
||||
|
|
|
|||
Loading…
Reference in New Issue