match the full file name when looking for the v1 signature block

ZipFile.namelist() produces a string per file. The filename could contain newline chars, including at the beginning and end. ^$ in regex matches around newline chars. \A\Z matches the beginning/end of the full string. This is exactly the same as obfusk's r'\AMETA-INF/(?s:.)*\.(DSA|EC|RSA)\Z' but in a readable format that is also easily searchable, and standard for this code base. https://github.com/obfusk/fdroid-fakesigner-poc/blob/master/fdroidserver-regex.patch #1251
2025-11-05 15:00:30 +03:00 · 2025-01-15 14:41:53 +01:00 · 2025-01-15 14:41:53 +01:00 · 20caa6fa1c
commit 20caa6fa1c
parent 0bb240fac6
2 changed files with 29 additions and 1 deletions
--- a/fdroidserver/common.py
+++ b/fdroidserver/common.py
@ -94,7 +94,7 @@ MINIMUM_APKSIGNER_BUILD_TOOLS_VERSION = '30.0.0'
 VERCODE_OPERATION_RE = re.compile(r'^([ 0-9/*+-]|%c)+$')

 # A signature block file with a .DSA, .RSA, or .EC extension
-SIGNATURE_BLOCK_FILE_REGEX = re.compile(r'^META-INF/.*\.(DSA|EC|RSA)$')
+SIGNATURE_BLOCK_FILE_REGEX = re.compile(r'\AMETA-INF/.*\.(DSA|EC|RSA)\Z', re.DOTALL)
 APK_NAME_REGEX = re.compile(r'^([a-zA-Z][\w.]*)_(-?[0-9]+)_?([0-9a-f]{7})?\.apk')
 APK_ID_TRIPLET_REGEX = re.compile(r"^package: name='(\w[^']*)' versionCode='([^']+)' versionName='([^']*)'")
 STANDARD_FILE_NAME_REGEX = re.compile(r'^(\w[\w.]*)_(-?[0-9]+)\.\w+')