1. 06 Sep, 2018 1 commit
  2. 23 Jun, 2017 2 commits
    • Timo Teräs's avatar
      archive: validate reading of pax and gnu long filename extensions · cb5972fb
      Timo Teräs authored
      Detect properly if the file stream gets an error during these
      read operations.
      
      Reported-by: Ariel Zelivansky from Twistlock
      (cherry picked from commit cd531aef3033475c26f29a1f650a3bf392cc2daa)
      cb5972fb
    • Timo Teräs's avatar
      archive: fix incorrect bounds checking for memory allocation · 28537112
      Timo Teräs authored
      The value from tar header is unsigned int; keep it casted to
      unsigned int and size_t instead of (signed) int, otherwise
      the comparisons fail to do their job properly. Additionally check
      entry.size against SSIZE_MAX so the rounding up later on is
      guaranteed to not overflow.
      
      Fixes CVE-2017-9669 and CVE-2017-9671.
      Reported-by: Ariel Zelivansky from Twistlock
      
      (cherry picked from commit 286aa77ef1811e477895713df162c92b2ffc6df8)
      28537112
  3. 09 Feb, 2016 1 commit
  4. 09 Nov, 2015 1 commit
    • Timo Teräs's avatar
      io, database: preserve [am]time for cached and fetched files · cce4cff5
      Timo Teräs authored
      preserve [am]time for all packages and indexes. this fixes the caching
      error that 'apk update' is after new index is generated, but before
      the used mirror is synchronized. this caused local apkindex timestamp
      to be newer than file in mirror, when in fact it was outdated index.
      
      this also fixes fetched files to have build timestamp so that files
      going to .iso or custom images have proper timestamps (rsync with
      appropriate --modify-window now works)
      cce4cff5
  5. 17 Apr, 2015 3 commits
  6. 11 Mar, 2015 1 commit
  7. 10 Mar, 2015 2 commits
  8. 01 Nov, 2014 1 commit
  9. 20 Sep, 2013 1 commit
  10. 28 Jun, 2013 1 commit
  11. 17 Jun, 2013 1 commit
  12. 18 Apr, 2013 1 commit
  13. 13 Sep, 2011 1 commit
  14. 08 Oct, 2010 1 commit
  15. 23 Sep, 2010 1 commit
  16. 30 Aug, 2010 1 commit
  17. 12 Jun, 2010 1 commit
  18. 11 Jun, 2010 2 commits
  19. 21 Dec, 2009 1 commit
  20. 06 Nov, 2009 2 commits
  21. 03 Sep, 2009 1 commit
  22. 11 Aug, 2009 2 commits
  23. 03 Aug, 2009 1 commit
  24. 31 Jul, 2009 1 commit
    • Timo Teräs's avatar
      apk: use *at instead of chdir+normal file syscall · ea901526
      Timo Teräs authored
      this way we never change cwd, and relative filenames are always
      parsed consistently. this also helps filename construction in many
      places. this patch also changes '--root' to override location of
      all configuration to be in the new root. previously it depended
      on the file which one was used.
      ea901526
  25. 30 Jul, 2009 1 commit
    • Timo Teräs's avatar
      io: fix mmap writing to actually work · 8e4075e6
      Timo Teräs authored
      apparently it needs to have both PROT_READ and PROT_WRITE. and
      it needs to be MAP_SHARED for the writing to be effective. oh,
      and the data needs to be preallocated with ftruncate; otherwise,
      one gets SIGBUS.
      8e4075e6
  26. 29 Jul, 2009 2 commits
  27. 23 Jul, 2009 1 commit
  28. 22 Jul, 2009 2 commits
  29. 21 Jul, 2009 3 commits