From 07ccbc26914bea24983931532b97661a75b8a53c Mon Sep 17 00:00:00 2001 From: Allan McRae Date: Sun, 20 Mar 2016 21:23:32 +1000 Subject: Do not add root prefix twice when checking database files When checking .INSTALL and .CHANGELOG files in the mtree file, we need to find the path they are stored in the local database. This was appending the root prefix twice as alpm_option_get_dbpath already returns the absolute path to the database. While fixing that issue I added checks that the paths for the database files were not longer than PATH_MAX. Fixes FS#48563. Signed-off-by: Allan McRae (cherry picked from commit 2ee1706a72858ea365c0e7a1a72d92ef2dae2f75) --- src/pacman/check.c | 54 ++++++++++++++++++++++++++++++------------------------ 1 file changed, 30 insertions(+), 24 deletions(-) (limited to 'src') diff --git a/src/pacman/check.c b/src/pacman/check.c index 0fe74e83..d282cc27 100644 --- a/src/pacman/check.c +++ b/src/pacman/check.c @@ -254,7 +254,6 @@ int check_pkg_full(alpm_pkg_t *pkg) const char *root, *pkgname; size_t errors = 0; size_t rootlen; - char filepath[PATH_MAX]; struct archive *mtree; struct archive_entry *entry = NULL; size_t file_count = 0; @@ -267,7 +266,6 @@ int check_pkg_full(alpm_pkg_t *pkg) pm_printf(ALPM_LOG_ERROR, _("path too long: %s%s\n"), root, ""); return 1; } - strcpy(filepath, root); pkgname = alpm_pkg_get_name(pkg); mtree = alpm_pkg_mtree_open(pkg); @@ -282,6 +280,8 @@ int check_pkg_full(alpm_pkg_t *pkg) while(alpm_pkg_mtree_next(pkg, mtree, &entry) == ARCHIVE_OK) { struct stat st; const char *path = archive_entry_pathname(entry); + char filepath[PATH_MAX]; + int filepath_len; mode_t type; size_t file_errors = 0; int backup = 0; @@ -292,31 +292,37 @@ int check_pkg_full(alpm_pkg_t *pkg) path += 2; } - if(strcmp(path, ".INSTALL") == 0) { - char filename[PATH_MAX]; - snprintf(filename, PATH_MAX, "%slocal/%s-%s/install", - alpm_option_get_dbpath(config->handle) + 1, - pkgname, alpm_pkg_get_version(pkg)); - archive_entry_set_pathname(entry, filename); - path = archive_entry_pathname(entry); - } else if(strcmp(path, ".CHANGELOG") == 0) { - char filename[PATH_MAX]; - snprintf(filename, PATH_MAX, "%slocal/%s-%s/changelog", - alpm_option_get_dbpath(config->handle) + 1, - pkgname, alpm_pkg_get_version(pkg)); - archive_entry_set_pathname(entry, filename); - path = archive_entry_pathname(entry); - } else if(*path == '.') { - continue; - } + if(*path == '.') { + const char *dbfile = NULL; - file_count++; + if(strcmp(path, ".INSTALL") == 0) { + dbfile = "install"; + } else if(strcmp(path, ".CHANGELOG") == 0) { + dbfile = "changelog"; + } else { + continue; + } - if(rootlen + 1 + strlen(path) > PATH_MAX) { - pm_printf(ALPM_LOG_WARNING, _("path too long: %s%s\n"), root, path); - continue; + /* Do not append root directory as alpm_option_get_dbpath is already + * an absoute path */ + filepath_len = snprintf(filepath, PATH_MAX, "%slocal/%s-%s/%s", + alpm_option_get_dbpath(config->handle), + pkgname, alpm_pkg_get_version(pkg), dbfile); + if(filepath_len >= PATH_MAX) { + pm_printf(ALPM_LOG_WARNING, _("path too long: %slocal/%s-%s/%s\n"), + alpm_option_get_dbpath(config->handle), + pkgname, alpm_pkg_get_version(pkg), dbfile); + continue; + } + } else { + filepath_len = snprintf(filepath, PATH_MAX, "%s%s", root, path); + if(filepath_len >= PATH_MAX) { + pm_printf(ALPM_LOG_WARNING, _("path too long: %s%s\n"), root, path); + continue; + } } - strcpy(filepath + rootlen, path); + + file_count++; exists = check_file_exists(pkgname, filepath, rootlen, &st); if(exists == 1) { -- cgit v1.2.3-70-g09d2