mirrors/fdroidserver
1
0
Fork 0
mirror of https://github.com/f-droid/fdroidserver.git synced 2025-11-14 03:00:29 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

convert apkcache from pickle to JSON

Browse source 
pickle can serialize executable code, while JSON is only ever pure data.
The APK cache is only ever pure data, so no need for the security risks of
pickle.  For example, if some malicious thing gets write access on the
`fdroid update` machine, it can write out a custom tmp/apkcache which would
then be executed.  That is not possible with JSON.

This does just ignore any existing cache and rebuilds from scratch. That is
so we don't need to maintain pickle anywhere, and to ensure there are no
glitches from a conversion from pickle to JSON.

closes #163
This commit is contained in:
Hans-Christoph Steiner 2018-09-03 18:07:40 +02:00
parent 74776e026f
commit 3011953d0e
6 changed files with 97 additions and 46 deletions
Download patch file Download diff file Expand all files Collapse all files

24
tests/run-tests
View file

@ -177,8 +177,8 @@ if which zipalign || ls -1 $ANDROID_HOME/build-tools/*/zipalign; then
test -e repo/index.xml
test -e repo/index.jar
test -e repo/index-v1.jar
test -e tmp/apkcache
! test -z tmp/apkcache
test -e tmp/apkcache.json
! test -z tmp/apkcache.json
test -L urzip.apk
grep -F '<application id=' repo/index.xml > /dev/null
fi
@ -808,8 +808,8 @@ else
test -e repo/index.xml
test -e repo/index.jar
test -e repo/index-v1.jar
test -e tmp/apkcache
! test -z tmp/apkcache
test -e tmp/apkcache.json
! test -z tmp/apkcache.json
export ANDROID_HOME=$STORED_ANDROID_HOME
fi
@ -860,8 +860,8 @@ $fdroid readmeta
test -e repo/index.xml
test -e repo/index.jar
test -e repo/index-v1.jar
test -e tmp/apkcache
! test -z tmp/apkcache
test -e tmp/apkcache.json
! test -z tmp/apkcache.json
grep -F '<application id=' repo/index.xml > /dev/null
@ -890,8 +890,8 @@ $fdroid readmeta
test -e repo/index.xml
test -e repo/index.jar
test -e repo/index-v1.jar
test -e tmp/apkcache
! test -z tmp/apkcache
test -e tmp/apkcache.json
! test -z tmp/apkcache.json
grep -F '<application id=' repo/index.xml > /dev/null
@ -917,8 +917,8 @@ $fdroid readmeta
test -e repo/index.xml
test -e repo/index.jar
test -e repo/index-v1.jar
test -e tmp/apkcache
! test -z tmp/apkcache
test -e tmp/apkcache.json
! test -z tmp/apkcache.json
grep -F '<application id=' repo/index.xml > /dev/null
@ -1009,8 +1009,8 @@ $fdroid readmeta
test -e repo/index.xml
test -e repo/index.jar
test -e repo/index-v1.jar
test -e tmp/apkcache
! test -z tmp/apkcache
test -e tmp/apkcache.json
! test -z tmp/apkcache.json
grep -F '<application id=' repo/index.xml > /dev/null
# now set fake repo_keyalias