libopkg: check for file size mismatches
authorJo-Philipp Wich <jo@mein.io>
Thu, 31 Jan 2019 07:29:22 +0000 (08:29 +0100)
committerJo-Philipp Wich <jo@mein.io>
Thu, 31 Jan 2019 07:39:18 +0000 (08:39 +0100)
Reject package files whose file size deviates from the size specified
in the package index in order to complicate producing hash collisions.

Ref: https://groups.google.com/d/msg/opkg-devel/o4kiGQMvkiw/hu0TVv59DgAJ
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
libopkg/opkg_install.c

index d2d919a..0b7f1f1 100644 (file)
@@ -1255,6 +1255,7 @@ int opkg_install_pkg(pkg_t * pkg, int from_upgrade)
        char *file_sha256, *pkg_sha256;
        sigset_t newset, oldset;
        const char *local_filename;
+       struct stat pkg_stat;
        time_t now;
 
        if (from_upgrade)
@@ -1366,6 +1367,29 @@ int opkg_install_pkg(pkg_t * pkg, int from_upgrade)
        }
 #endif
 
+       /* Check file size */
+       err = lstat(local_filename, &pkg_stat);
+
+       if (err) {
+               opkg_msg(ERROR, "Failed to stat %s: %s\n",
+                        local_filename, strerror(errno));
+               return -1;
+       }
+
+       if (pkg_stat.st_size != pkg_get_int(pkg, PKG_SIZE)) {
+               if (!conf->force_checksum) {
+                       opkg_msg(ERROR,
+                                "Package size mismatch: %s is %lld bytes, expecting %lld bytes\n",
+                                pkg->name, (long long int)pkg_stat.st_size,
+                                (long long int)pkg_get_int(pkg, PKG_SIZE));
+                       return -1;
+               } else {
+                       opkg_msg(NOTICE,
+                                "Ignored %s size mismatch.\n",
+                                pkg->name);
+               }
+       }
+
        /* Check for md5 values */
        pkg_md5 = pkg_get_md5(pkg);
        if (pkg_md5) {