GitLab

(cherry picked from commit ca368916)

Detect properly if the file stream gets an error during these
read operations.

Reported-by: Ariel Zelivansky from Twistlock
(cherry picked from commit cd531aef3033475c26f29a1f650a3bf392cc2daa)

The value from tar header is unsigned int; keep it casted to
unsigned int and size_t instead of (signed) int, otherwise
the comparisons fail to do their job properly. Additionally check
entry.size against SSIZE_MAX so the rounding up later on is
guaranteed to not overflow.

Fixes CVE-2017-9669 and CVE-2017-9671.
Reported-by: Ariel Zelivansky from Twistlock

(cherry picked from commit 286aa77ef1811e477895713df162c92b2ffc6df8)

don't overwrite the link_target if it was found from pax header.
ref #5076

preserve [am]time for all packages and indexes. this fixes the caching
error that 'apk update' is after new index is generated, but before
the used mirror is synchronized. this caused local apkindex timestamp
to be newer than file in mirror, when in fact it was outdated index.

this also fixes fetched files to have build timestamp so that files
going to .iso or custom images have proper timestamps (rsync with
appropriate --modify-window now works)

there's no nice syscall to manipulate xattrs with atfd and
or open the symlink without dereferencing it (and having fd
that we can do xattrs with)

user xattrs on tmpfs are not supported no non-grsec kernels,
and many times root fs is mounted without user_xattr. Thus
to allow things to go smoothly on non-grsec kernels xattr
unsupported errors are now hidden.

xattrs can be fixed still now with "apk fix --xattrs"

ref #3027

ref #3027

Acked-by: Natanael Copa <ncopa@alpinelinux.org>

no need to muldiv all the time, just pass the current amount of bytes
done, and let callbacks use that directly.

Otherwise we end up using wrong uid/gid mappings when doing install
to alternate system root. Fixes #434.

the uid and gid are used in other places than just changing file
ownership on extraction.

Seems like recent eglibc requires that you include sys/stat.h

Take the uid/gid from passwd and group.

turns out the logic does not work with overlays as expected due
to busybox symlinks being unmanaged. remove the useless option.

otherwise we always extract the file as .apk-new and the database
side just overwrites.

to never ever overwrite a while in the filesystem the user knows
about. it gives the impression of extraction succeeding even though
nothing was done. this is inteded to be used only for bootstrapping
with overlay.

ability embed description information to repository indexes
(e.g. repository name and version) and show it via "apk version -I".

and take checksums for symlinks too.

We need the define for uint16

this way we never change cwd, and relative filenames are always
parsed consistently. this also helps filename construction in many
places. this patch also changes '--root' to override location of
all configuration to be in the new root. previously it depended
on the file which one was used.

apparently it needs to have both PROT_READ and PROT_WRITE. and
it needs to be MAP_SHARED for the writing to be effective. oh,
and the data needs to be preallocated with ftruncate; otherwise,
one gets SIGBUS.

and force checksumming only when unpacking archive. otherwise
it's extra computation for nothing.

otherwise bad things happens. avoid this be checking end of
stream at the beginning of read.

Otherwise will link(2) fail since it does not exist.

- extract everything as .apk-new and overwrite only after data
  has been checksummed
- url construction fixes (to work with simple http servers)
- end of gunzip stream fixed
- remove oneshot digesting flag for now as it's usage was broken