From: Baptiste Jonglez <[email protected]> The file size check was added in cb6640381808dd ("libopkg: check for file size mismatches"). Its purpose is to provide an additional line of defense against hash collisions.
It is more user-friendly to tell the user that the checksum is wrong, so move the file size check at the end. Signed-off-by: Baptiste Jonglez <[email protected]> --- libopkg/opkg_install.c | 48 +++++++++++++++++++++--------------------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/libopkg/opkg_install.c b/libopkg/opkg_install.c index 27c9484..183a1dc 100644 --- a/libopkg/opkg_install.c +++ b/libopkg/opkg_install.c @@ -1367,30 +1367,6 @@ int opkg_install_pkg(pkg_t * pkg, int from_upgrade) } #endif - /* Check file size */ - err = lstat(local_filename, &pkg_stat); - - if (err) { - opkg_msg(ERROR, "Failed to stat %s: %s\n", - local_filename, strerror(errno)); - return -1; - } - - pkg_expected_size = pkg_get_int(pkg, PKG_SIZE); - - if (pkg_expected_size > 0 && pkg_stat.st_size != pkg_expected_size) { - if (!conf->force_checksum) { - opkg_msg(ERROR, - "Package size mismatch: %s is %lld bytes, expecting %lld bytes\n", - pkg->name, (long long int)pkg_stat.st_size, pkg_expected_size); - return -1; - } else { - opkg_msg(NOTICE, - "Ignored %s size mismatch.\n", - pkg->name); - } - } - /* Check for md5 values */ pkg_md5 = pkg_get_md5(pkg); if (pkg_md5) { @@ -1434,6 +1410,30 @@ int opkg_install_pkg(pkg_t * pkg, int from_upgrade) free(file_sha256); } + /* Check file size */ + err = lstat(local_filename, &pkg_stat); + + if (err) { + opkg_msg(ERROR, "Failed to stat %s: %s\n", + local_filename, strerror(errno)); + return -1; + } + + pkg_expected_size = pkg_get_int(pkg, PKG_SIZE); + + if (pkg_expected_size > 0 && pkg_stat.st_size != pkg_expected_size) { + if (!conf->force_checksum) { + opkg_msg(ERROR, + "Package size mismatch: %s is %lld bytes, expecting %lld bytes\n", + pkg->name, (long long int)pkg_stat.st_size, pkg_expected_size); + return -1; + } else { + opkg_msg(NOTICE, + "Ignored %s size mismatch.\n", + pkg->name); + } + } + if (conf->download_only) { if (conf->nodeps == 0) { err = satisfy_dependencies_for(pkg); -- 2.27.0 _______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/mailman/listinfo/openwrt-devel
