From 386125fc8972faca17a211c378af039434f7a42f Mon Sep 17 00:00:00 2001 From: morganamilo Date: Sat, 3 Feb 2024 11:17:01 +0000 Subject: [PATCH] Validate extra data when comparing dbpkg to pkgfile --- lib/libalpm/sync.c | 68 ++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 56 insertions(+), 12 deletions(-) diff --git a/lib/libalpm/sync.c b/lib/libalpm/sync.c index cf436a84..f09f8a5b 100644 --- a/lib/libalpm/sync.c +++ b/lib/libalpm/sync.c @@ -1067,6 +1067,61 @@ static int check_validity(alpm_handle_t *handle, return 0; } +static int dep_not_equal(const alpm_depend_t *left, const alpm_depend_t *right) +{ + return left->name_hash != right->name_hash + || strcmp(left->name, right->name) != 0 + || left->mod != right->mod + || (left->version == NULL) != (right->version == NULL) + || ((left->version && right->version) && strcmp(left->version, right->version) != 0); +} + +static int check_pkg_field_matches_db(alpm_handle_t *handle, const char *field, + alpm_list_t *left, alpm_list_t *right, alpm_list_fn_cmp cmp) +{ + if(!alpm_list_cmp_unsorted(left, right, cmp)) { + _alpm_log(handle, ALPM_LOG_DEBUG, + "internal package %s mismatch\n", field); + return 1; + } + + return 0; +} + +static int check_pkg_matches_db(alpm_pkg_t *spkg, alpm_pkg_t *pkgfile) +{ + alpm_handle_t *handle = spkg->handle; + int error = 0; + + if(strcmp(spkg->name, pkgfile->name) != 0) { + _alpm_log(handle, ALPM_LOG_DEBUG, + "internal package name mismatch, expected: '%s', actual: '%s'\n", + spkg->name, pkgfile->name); + error = 1; + } + if(strcmp(spkg->version, pkgfile->version) != 0) { + _alpm_log(handle, ALPM_LOG_DEBUG, + "internal package version mismatch, expected: '%s', actual: '%s'\n", + spkg->version, pkgfile->version); + error = 1; + } + if(spkg->isize != pkgfile->isize) { + _alpm_log(handle, ALPM_LOG_DEBUG, + "internal package install size mismatch, expected: '%ld', actual: '%ld'\n", + spkg->isize, pkgfile->isize); + error = 1; + } + + error |= check_pkg_field_matches_db(handle, "depends", spkg->depends, pkgfile->depends, (alpm_list_fn_cmp)dep_not_equal); + error |= check_pkg_field_matches_db(handle, "conflicts", spkg->conflicts, pkgfile->conflicts, (alpm_list_fn_cmp)dep_not_equal); + error |= check_pkg_field_matches_db(handle, "replaces", spkg->replaces, pkgfile->replaces, (alpm_list_fn_cmp)dep_not_equal); + error |= check_pkg_field_matches_db(handle, "provides", spkg->provides, pkgfile->provides, (alpm_list_fn_cmp)dep_not_equal); + error |= check_pkg_field_matches_db(handle, "groups", spkg->groups, pkgfile->groups, (alpm_list_fn_cmp)strcmp); + + return error; +} + + static int load_packages(alpm_handle_t *handle, alpm_list_t **data, size_t total, size_t total_bytes) { @@ -1110,18 +1165,7 @@ static int load_packages(alpm_handle_t *handle, alpm_list_t **data, _alpm_log(handle, ALPM_LOG_DEBUG, "failed to load pkgfile internal\n"); error = 1; } else { - if(strcmp(spkg->name, pkgfile->name) != 0) { - _alpm_log(handle, ALPM_LOG_DEBUG, - "internal package name mismatch, expected: '%s', actual: '%s'\n", - spkg->name, pkgfile->name); - error = 1; - } - if(strcmp(spkg->version, pkgfile->version) != 0) { - _alpm_log(handle, ALPM_LOG_DEBUG, - "internal package version mismatch, expected: '%s', actual: '%s'\n", - spkg->version, pkgfile->version); - error = 1; - } + error |= check_pkg_matches_db(spkg, pkgfile); } if(error != 0) { errors++;