Commit Graph

1491 Commits (4436222e90e0b3d7f4901b7b83e343e398fb9440)

Author SHA1 Message Date
Timo Teräs a0e59e0897 manifest: support v3 packages 2021-07-30 18:30:44 +03:00
Timo Teräs 727ecc440c verify: support v3 packages 2021-07-30 18:06:34 +03:00
Timo Teräs d3e71bb406 mkndx: support v3 packages 2021-07-30 17:54:30 +03:00
Timo Teräs f61eba0627 extract: use extraction api, and implement it for v3 packages
The extract applet now works with both v2 and v3 packages.
2021-07-30 17:54:25 +03:00
Timo Teräs 5843daf7a1 Further refactor extract API to have separate ops vtable
This splits the callbacks by type, and further prepares the API
to be usable for v3 files too.
2021-07-27 16:28:22 +03:00
Timo Teräs 9c843e4ecd Refactor .apk extraction code
This moves and isolates the tar code to tar.c. And the actual
file extraction to disk is moved to extract.c.

A new API is introduced and used for v2 file extraction. This
essentially moves and isolates the apk_sign_ctx_* beast into
extract_v2.c and offers a saner interface to handling packages.

A place holder is added for v3 extraction.
2021-07-27 14:09:38 +03:00
Timo Teräs 2d4e88aeb1 extract: fix handling of error of regular file extraction
fix the error checking, allow --force-overwrite to work and
do not delete existing file in case of error
2021-07-26 21:08:09 +03:00
Timo Teräs ca1d975e5e libfetch: fix range checking for http/ftp protocol parsing
Various parsing of numeric strings were not having adequate range
checking causing information leak or potential crash.

CVE-2021-36159
fixes #10749

Co-authored-by: Ariadne Conill <ariadne@dereferenced.org>
Reported-by: Samanta Navarro <ferivoz@riseup.net>
2021-07-26 14:43:14 +03:00
Timo Teräs 003e713502 adb: fix some error handling paths 2021-07-26 14:23:49 +03:00
Timo Teräs 083ea5a13b db: add some error checking to database state write
Make errors more observable. Unfortunately full rollback is
non-trivial to implement. This is something to be fixed with
the v3 database format.
2021-07-26 14:10:07 +03:00
Samanta Navarro d212aca070 db: fix installed db writing with long names
Packages containing files with path names longer than 1024 characters
cannot fit into the buffer which is used to write "installed" database.
This leads to bbuf being APK_BLOB_NULL in apk_db_write_fdb because
apk_blob_push_blob notices the condition and correctly handles it.

The problem occurs when arguments to apk_ostream_write are manually
calculated by pointer arithmetics. Since bbuf.ptr is NULL in such a
case, bbuf.ptr - buf leads to a huge size value while buf still points
into the stack.

fixes #10751

[TT: minor edit to commit and abbreviating the commit message]
2021-07-26 13:36:28 +03:00
Timo Teräs aca77e8410 Use __attribute__ ((format)) where possible and fix issues found by it 2021-07-26 10:25:23 +03:00
Timo Teräs 62e1cba691 adb: adb_walk_adb fix out of boundary write
If a signature is longer than max allowed adb signature length
then adb_walk_block writes out of boundary of stack variable tmp.

The len += snprintf is not safe per standard snprintf implementation
(kernel does it differently). Introduce and use apk_blob_push_fmt
which does the checking better.

Fixes #10752

Reported-by: Samanta Navarro <ferivoz@riseup.net>
2021-07-26 10:19:20 +03:00
kpcyrd 90228c4d26 io_archive: Use SOURCE_DATE_EPOCH for meta files instead of current time
[TT: minor stylistic changes]
2021-07-25 09:01:52 +03:00
Timo Teräs c1405f9311 adb: fix error handling of non-adb files 2021-07-25 08:52:43 +03:00
Timo Teräs 3d203e8f5f db: allow read-only operations without cache
fixes #10748
2021-07-23 14:39:38 +03:00
Timo Teräs a0e9c909f7 extract: rework uvol name logic
Add uvol_name to struct apk_file_info so it can be passed down
the extract callbacks in future work. Modify uvol name to not
include the path, but just the filename portion.
2021-07-23 13:51:12 +03:00
Daniel Golle 6c41c6f32e extract: fix uvol parameter order 2021-07-23 13:37:17 +03:00
Timo Teräs 33e85fb1f1 extract: remove unneeded argument from uvol_extract 2021-07-22 16:14:49 +03:00
Timo Teräs e6b7fa49ce adb: add a small adb blob header with versions and root object 2021-07-22 16:14:49 +03:00
Timo Teräs e2ebd761a5 adb: refactor struct adb_header to adb_file_header
In struct adb, do not keep the whole header, just the schema
in host byte order.
2021-07-22 16:14:49 +03:00
Timo Teräs 2f1186aa40 adb: make adb mmap/stream parser more united, add ADB_BLOCK_DATAX
Harden the error checking of expected block types and their order.
Add ADB_BLOCK_DATAX as reserved for >1GB blocks.
2021-07-22 16:14:49 +03:00
Timo Teräs 05364528bb adb, convndx: check istream_close result 2021-07-22 15:30:08 +03:00
Timo Teräs 7e585512f4 io: make apk_istream_get/read() fail on incomplete read 2021-07-22 15:30:08 +03:00
Timo Teräs 395e92b66e io: formalize apk_ostream_write() always writing full data 2021-07-22 15:30:08 +03:00
Timo Teräs 796d298313 rework apk_istream_splice and apk_istream_tee
- apk_istream_splice usage is converted to apk_stream_copy which
  is the newer variant. With caching enabled by default, this
  makes more sense mmapping or using separate buffers.

- apk_istream_tee is reworked to write to apk_ostream, which simplifies
  quite a bit of various things
2021-07-22 15:30:08 +03:00
Timo Teräs b559a81694 io: rework apk_istream_get_* to not return erros in blob value
The interface was slightly cumbersome, so replace these functions
to return explicit error, and make the return blob a pointer arg.
2021-07-22 15:30:08 +03:00
Timo Teräs 94c5e01038 adb: remove the now unused get_default_int() hook
It is no longer needed, and can be later reintroduced if needed.
2021-07-22 15:30:08 +03:00
Timo Teräs 3b00c0dc80 adb: unify various interfaces to adb_m_process
Removes code duplication, and puts important checks in one place.
Support seamless decompression in adbdump.
2021-07-22 15:30:08 +03:00
Timo Teräs 69bcdd23b9 adbsign: support compressed adb files 2021-07-22 15:30:08 +03:00
Timo Teräs 7af34db6cf adb: support seamless de/compression of adb files
Add compression header of adb files. Support uncompressed and
deflate compression at this time.
2021-07-22 15:30:08 +03:00
Timo Teräs 7b58f909fa convndx: add error reporting 2021-07-22 15:30:03 +03:00
Timo Teräs d909ebc25b libfetch: simplify code by merging protocol error handling branches
removes some code duplication
2021-07-16 10:25:14 +03:00
Timo Teräs b2819a6d5a extract: fix integrity check failure to remove the bad file/volume 2021-07-16 10:16:32 +03:00
Timo Teräs 7b30db8dc8 genhelp: improve to work with lua 5.1
Fix the script to not contain \x00 escape which was the only new
feature used.

Fix the meson build script to use given lua interpreter for running
the genhelp.lua.

Based on patch from Daniel Golle <daniel@makrotopia.org>
2021-07-16 10:16:32 +03:00
Timo Teräs 2a25a595ce check trust in adb_trust_write_signatures()
Based on patch from Daniel Golle <daniel@makrotopia.org>
2021-07-16 10:16:32 +03:00
Ariadne Conill 34162d01fd define APK_DEFAULT_ARCH for loongarch targets
Macros used have been taken from Loongson's work-in-progress GCC 12
port.
2021-07-06 13:29:02 -06:00
Timo Teräs 22a81e8fb5 mkpkg, extract: implement support for symlinks, devices and fifos 2021-06-23 20:21:29 +03:00
Timo Teräs 2433c9d23b openssl: explicitly ignore BIO_reset() return value
This caused some -Wall errors on certain gcc versions due
to BIO_reset() being a macro with explicit cast.
2021-06-21 13:03:16 +03:00
Timo Teräs 0683b069ba db: check syscall errors in update_permissions() 2021-06-21 13:02:12 +03:00
Timo Teräs 22281fb4b5 print: handle write() errors in apk_print_progress() 2021-06-21 12:55:32 +03:00
Rodrigo Lourenço ca784ceab3 doc: add missing options to index, info, and version 2021-06-19 18:13:04 +01:00
Timo Teräs d89c219173 reduce misuse of error codes from errno.h 2021-06-19 16:10:13 +03:00
Timo Teräs 17684141fe crypto: improve compatibility
EVP_MD_CTX_set_pkey_ctx() is fairly new openssl function, and not
existing in many alternative. Use EVP_MD_CTX_reset() which is slightly
more heavy but more portable. Add also signature buffer lengths to
work with RSA.
2021-06-19 14:43:22 +03:00
Timo Teräs 8d92f9f2ae mkpkg: ignore special files with warning instead of erroring 2021-06-19 14:27:10 +03:00
Timo Teräs 2eba7f2af7 fixup some includes
- remove unneeded assert.h
- add needed limits.h
2021-06-19 14:25:54 +03:00
Rodrigo Lourenço b980ed8522 Document apk-search
Fixes #10746.
2021-06-19 11:06:32 +00:00
Timo Teräs ee21625839 Remove AUTHORS section from man pages
Use of an AUTHORS section is strongly discouraged. Generally, it
is better not to clutter every page with a list of (over time
potentially numerous) authors.

Add your name to comments in sources, or the root level AUTHORS
file instead.
2021-06-19 14:02:16 +03:00
Timo Teräs d02b1030e9 update Makefile to include new v3 code and applets 2021-06-14 14:17:29 +03:00
Timo Teräs aeeb119fd8 crypto: make EVP_MD_CTX_FLAG_FINALISE optional
Improves compatibility with libressl, wolfssl and older openssl
libraries not having the flag. Usage of this is optional as it's
purely performance optimization related flag.
2021-06-12 08:40:53 +03:00