summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLevente Polyak <anthraxx@archlinux.org>2015-07-18 17:58:23 +0200
committerAllan McRae <allan@archlinux.org>2015-07-20 12:50:39 +1000
commitdeac9731884a83ad91eab9f27b288f406f56c87b (patch)
tree7c87d265e54cf3c64d5cd2a19aee3821e82f3389
parent445aa3b52cfcd5630ec10d2ae2c8eeffa2b5c5de (diff)
downloadpacman-deac9731884a83ad91eab9f27b288f406f56c87b.tar.xz
ensure matching database and package version
While loading each package ensure that the internal version matches the expected database version to avoid the possibility to circumvent the version check. This issue can be used by an attacker to trick the software into installing an older version. The behavior can be exploited by a man-in-the-middle attack through specially crafted database tarball containing a higher version, yet actually delivering an older and vulnerable version, which was previously shipped. Signed-off-by: Levente Polyak <anthraxx@archlinux.org> Signed-off-by: Remi Gacogne <rgacogne@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
-rw-r--r--lib/libalpm/sync.c18
1 files changed, 18 insertions, 0 deletions
diff --git a/lib/libalpm/sync.c b/lib/libalpm/sync.c
index 888ae15e..e843b07a 100644
--- a/lib/libalpm/sync.c
+++ b/lib/libalpm/sync.c
@@ -1212,6 +1212,7 @@ static int load_packages(alpm_handle_t *handle, alpm_list_t **data,
EVENT(handle, &event);
for(i = handle->trans->add; i; i = i->next, current++) {
+ int error = 0;
alpm_pkg_t *spkg = i->data;
char *filepath;
int percent = (int)(((double)current_bytes / total_bytes) * 100);
@@ -1232,6 +1233,23 @@ static int load_packages(alpm_handle_t *handle, alpm_list_t **data,
spkg->name);
alpm_pkg_t *pkgfile =_alpm_pkg_load_internal(handle, filepath, 1);
if(!pkgfile) {
+ _alpm_log(handle, ALPM_LOG_DEBUG, "failed to load pkgfile internal\n");
+ error = 1;
+ } else {
+ if(strcmp(spkg->name, pkgfile->name) != 0) {
+ _alpm_log(handle, ALPM_LOG_DEBUG,
+ "internal package name mismatch, expected: '%s', actual: '%s'\n",
+ spkg->name, pkgfile->name);
+ error = 1;
+ }
+ if(strcmp(spkg->version, pkgfile->version) != 0) {
+ _alpm_log(handle, ALPM_LOG_DEBUG,
+ "internal package version mismatch, expected: '%s', actual: '%s'\n",
+ spkg->version, pkgfile->version);
+ error = 1;
+ }
+ }
+ if(error != 0) {
errors++;
*data = alpm_list_add(*data, strdup(spkg->filename));
free(filepath);