Radish alpha
H
HardenedBSD-pkg
HardenedBSD Package Manager
Radicle
Git (anonymous pull)
Log in to clone via SSH
Commits
Check files sha256 when delete pkg
Philippe Pepiot committed 15 years ago
commit e18b9288fec1d60d1744e98b47dfabaf1cd816fc
parent 48fc95afae6fc094d27392e75db38c2d96b40229
1 file changed +13 -1
modified libpkg/pkg_delete.c
@@ -1,5 +1,8 @@
+ 
#include <string.h>

#include <err.h>

#include <unistd.h>
+ 
#include <sha256.h>
+ 
#include <sys/stat.h>



#include "pkg.h"
@@ -8,6 +11,8 @@ pkg_delete(struct pkg *pkg, struct pkgdb *db, int force)
{

	struct pkg **rdeps;

	struct pkg_file **files;
+ 
	char sha256[65], *sha256_ptr;
+ 
	struct stat st;



	if (pkg == NULL || db == NULL)

		return (-1);
@@ -24,7 +29,14 @@ pkg_delete(struct pkg *pkg, struct pkgdb *db, int force)
	}



	for (int i = 0; files[i] != NULL; i++) {
- 
		if (unlink(pkg_file_path(files[i])) == -1) {
+ 
		/* check sha256 */
+ 
		if (lstat(pkg_file_path(files[i]), &st) != -1 && !S_ISLNK(st.st_mode) &&
+ 
			((sha256_ptr = SHA256_File(pkg_file_path(files[i]), sha256)) == NULL ||
+ 
			strcmp(sha256_ptr, pkg_file_sha256(files[i])) != 0))
+ 
			warnx("%s fails original SHA256 checksum, not removed",
+ 
					pkg_file_path(files[i]));
+
+ 
		else if (unlink(pkg_file_path(files[i])) == -1) {

			warn("unlink(%s)", pkg_file_path(files[i]));

			continue;

		}