diff options
author | Michael Vogt <mvo@ubuntu.com> | 2014-09-17 14:57:05 +0200 |
---|---|---|
committer | Michael Vogt <mvo@ubuntu.com> | 2014-09-17 15:04:47 +0200 |
commit | 3fa61cd604da1a4d744cebf3fbb747bf7c80bf91 (patch) | |
tree | 8c38d1d9f4e0e28ffe30cd2ccf97bb98271f9a80 | |
parent | 33cb8ac173733b716cbaec5ae0e7296cd75bca8d (diff) |
Fix regression for file:/// uris from CVE-2014-0487
Do not run ReverifyAfterIMS() for local file URIs as this will
causes apt to mess around in the file:/// uri space. This is
wrong in itself, but it will also cause a incorrect verification
failure when the archive and the lists directory are on different
partitions as rename().
-rw-r--r-- | apt-pkg/acquire-item.cc | 18 | ||||
-rwxr-xr-x | test/integration/test-apt-update-file | 27 |
2 files changed, 33 insertions, 12 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 1ffab9612..a48be70c2 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -949,12 +949,6 @@ void pkgAcqIndex::Done(string Message,unsigned long long Size,string Hash, string FileName = LookupTag(Message,"Alt-Filename"); if (FileName.empty() == false) { - // The files timestamp matches - if (StringToBool(LookupTag(Message,"Alt-IMS-Hit"),false) == true) - { - ReverifyAfterIMS(FileName); - return; - } Decompression = true; Local = true; DestFile += ".decomp"; @@ -971,18 +965,18 @@ void pkgAcqIndex::Done(string Message,unsigned long long Size,string Hash, ErrorText = "Method gave a blank filename"; } + if (FileName == DestFile) + Erase = true; + else + Local = true; + // The files timestamp matches - if (StringToBool(LookupTag(Message,"IMS-Hit"),false) == true) + if (!Local && StringToBool(LookupTag(Message,"IMS-Hit"),false) == true) { ReverifyAfterIMS(FileName); return; } - if (FileName == DestFile) - Erase = true; - else - Local = true; - string decompProg; // If we enable compressed indexes, queue for hash verification diff --git a/test/integration/test-apt-update-file b/test/integration/test-apt-update-file new file mode 100755 index 000000000..069f8ba2f --- /dev/null +++ b/test/integration/test-apt-update-file @@ -0,0 +1,27 @@ +#!/bin/sh +# +# Ensure that we do not modify file:/// uris (regression test for +# CVE-2014-0487 +# +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "amd64" +configcompression 'bz2' 'gz' + +insertpackage 'unstable' 'foo' 'all' '1.0' + +umask 022 +setupaptarchive --no-update + +# ensure the archive is not writable +chmod 550 aptarchive/dists/unstable/main/binary-amd64 + +testsuccess aptget update -qq +testsuccess aptget update -qq + +# the cleanup should still work +chmod 750 aptarchive/dists/unstable/main/binary-amd64 |