1. 23 Jun, 2017 3 commits
    • Timo Teräs's avatar
      io: make io vtables const struct, and add accessors for them · ec0aae11
      Timo Teräs authored
      This reduces function pointers in heap, and unifies how the
      io functions are called.
      
      (cherry picked from commit 09ca58863af02d11e8dbf066b714464fb1638e6f)
      ec0aae11
    • Timo Teräs's avatar
      archive: validate reading of pax and gnu long filename extensions · 430b950d
      Timo Teräs authored
      Detect properly if the file stream gets an error during these
      read operations.
      
      Reported-by: Ariel Zelivansky from Twistlock
      (cherry picked from commit cd531aef3033475c26f29a1f650a3bf392cc2daa)
      430b950d
    • Timo Teräs's avatar
      archive: fix incorrect bounds checking for memory allocation · 74484710
      Timo Teräs authored
      The value from tar header is unsigned int; keep it casted to
      unsigned int and size_t instead of (signed) int, otherwise
      the comparisons fail to do their job properly. Additionally check
      entry.size against SSIZE_MAX so the rounding up later on is
      guaranteed to not overflow.
      
      Fixes CVE-2017-9669 and CVE-2017-9671.
      Reported-by: Ariel Zelivansky from Twistlock
      
      (cherry picked from commit 286aa77ef1811e477895713df162c92b2ffc6df8)
      74484710
  2. 28 Apr, 2017 4 commits
  3. 27 Apr, 2017 1 commit
  4. 26 Apr, 2017 1 commit
  5. 25 Apr, 2017 3 commits
  6. 24 Apr, 2017 2 commits
  7. 29 Mar, 2017 1 commit
    • Avi Halachmi's avatar
      progress: shorten bar to prevent newlines on some terminals · 515f31eb
      Avi Halachmi authored
      On some (probably buggy) terminals, printing up to the rightmost column
      may end up with the terminal issueing a newline (probably due to putting
      the cursor at the next char -> new line).
      
      Some other progress bars avoid it by not reaching the rightmost column.
      
      Shorten the bar width from term-width - 7 to -8 (the 7 are "xxx% []").
      515f31eb
  8. 13 Mar, 2017 2 commits
  9. 06 Mar, 2017 1 commit
  10. 28 Feb, 2017 2 commits
  11. 27 Feb, 2017 6 commits
  12. 16 Feb, 2017 1 commit
  13. 15 Feb, 2017 1 commit
  14. 17 Jan, 2017 1 commit
    • Breno Leitao's avatar
      Add ppc64le entry in apk defines. · 28a9dcda
      Breno Leitao authored
      Currently apk only knows about powerpc and ppc64. I am adding support for ppc64le.
      ppc64le is the based on the ABI v2, which defines the endianess as little,
      while ppc64 is based on the first 64-bits ABI.
      28a9dcda
  15. 05 Jan, 2017 1 commit
  16. 21 Nov, 2016 1 commit
  17. 25 Oct, 2016 1 commit
  18. 23 Aug, 2016 1 commit
    • Timo Teräs's avatar
      pkg: reset umask for package scripts · 0545fa0d
      Timo Teräs authored
      It is unreasonable to assume that all package writers would except
      to reset umask themselves. It's done currently in most packages,
      but we had first issue of this kind recently, so better just reset
      umask.
      0545fa0d
  19. 22 Jul, 2016 2 commits
  20. 08 Jul, 2016 1 commit
  21. 06 Jul, 2016 1 commit
  22. 13 Jun, 2016 2 commits
  23. 31 May, 2016 1 commit