File n-0082-trivial-aptcc-Make-state-change-check-mo... of Package PackageKit

Overview Repositories Revisions Requests Users Attributes Meta

File n-0082-trivial-aptcc-Make-state-change-check-more-robust.patch of Package PackageKit

From 3b3d435ea5c136000d311b085cfc0bbd34bf4264 Mon Sep 17 00:00:00 2001
From: Matthias Klumpp <matthias@tenstral.net>
Date: Fri, 11 Feb 2022 04:44:19 +0100
Subject: [PATCH 082/102] trivial: aptcc: Make state-change-check more robust

A plus sign will be filtered out already, but in case someone did manage
to sneak it in as a repository origin name, and some other issue
resulted in the package-IDs not being checked against the local cache
(and "our" prefixing was skipped), an attacker could change the package
states to auto and brick a system.
This is an extremely unrealistic scenario, but still, we should make
this check complete and include the colon-separator, as that will never
be permitted as repo origin and is sanitized for at every occasion.

diff --git a/backends/aptcc/apt-cache-file.cpp b/backends/aptcc/apt-cache-file.cpp
index 636f0e233..ceb5f39b7 100644
--- a/backends/aptcc/apt-cache-file.cpp
+++ b/backends/aptcc/apt-cache-file.cpp
@@ -369,9 +369,9 @@ PkgInfo AptCacheFile::resolvePkgID(const gchar *packageId)
 
     // check if any intended action was encoded in this package-ID
     auto piAction = PkgAction::NONE;
-    if (g_str_has_prefix(parts[PK_PACKAGE_ID_DATA], "+auto"))
+    if (g_str_has_prefix(parts[PK_PACKAGE_ID_DATA], "+auto:"))
             piAction = PkgAction::INSTALL_AUTO;
-    else if (g_str_has_prefix(parts[PK_PACKAGE_ID_DATA], "+manual"))
+    else if (g_str_has_prefix(parts[PK_PACKAGE_ID_DATA], "+manual:"))
         piAction = PkgAction::INSTALL_MANUAL;
 
     const pkgCache::VerIterator &ver = findVer(pkg);
-- 
2.35.1

Places

File n-0082-trivial-aptcc-Make-state-change-check-more-robust.patch of Package PackageKit

Places