From 544a45c16a65c3781fc88477eba6b30b587dc7b3 Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Tue, 16 Jun 2020 17:28:01 +0200 Subject: [PATCH] index: raise error rather than crash on bad repo file If a non-APK is added with the appid/packageName that matches some APKs, it should through an error. Traceback (most recent call last): File "/home/hans/code/fdroid/server/fdroid", line 22, in fdroidserver.__main__.main() File "/home/hans/code/fdroid/server/fdroidserver/__main__.py", line 211, in main mod.main() File "/home/hans/code/fdroid/server/fdroidserver/update.py", line 2343, in main index.make(apps, sortedids, apks, repodirs[0], False) File "/home/hans/code/fdroid/server/fdroidserver/index.py", line 142, in make fdroid_signing_key_fingerprints) File "/home/hans/code/fdroid/server/fdroidserver/index.py", line 166, in make_v1 v1_sort_packages(packages, fdroid_signing_key_fingerprints) File "/home/hans/code/fdroid/server/fdroidserver/index.py", line 292, in v1_sort_packages packages.sort(key=v1_sort_keys) File "/home/hans/code/fdroid/server/fdroidserver/index.py", line 288, in v1_sort_keys .format(apkfilename=package['apkName'])) fdroidserver.exception.FDroidException: at.roteskreuz.stopcorona_8.jobf does not have a valid signature! --- fdroidserver/update.py | 15 +++++++++++++++ tests/index.TestCase | 9 +++++++++ 2 files changed, 24 insertions(+) diff --git a/fdroidserver/update.py b/fdroidserver/update.py index bc31b512..214d016a 100644 --- a/fdroidserver/update.py +++ b/fdroidserver/update.py @@ -2324,7 +2324,13 @@ def main(): options.use_date_from_apk) cachechanged = cachechanged or fcachechanged apks += files + appid_has_apks = set() + appid_has_repo_files = set() for apk in apks: + if apk['apkName'].endswith('.apk'): + appid_has_apks.add(apk['packageName']) + else: + appid_has_repo_files.add(apk['packageName']) if apk['packageName'] not in apps: if options.create_metadata: create_metadata_from_template(apk) @@ -2343,6 +2349,15 @@ def main(): else: logging.warning(msg + '\n\t' + _('Use `fdroid update -c` to create it.')) + mismatch_errors = '' + for appid in appid_has_apks: + if appid in appid_has_repo_files: + appid_files = ', '.join(glob.glob(os.path.join('repo', appid + '_[0-9]*.*'))) + mismatch_errors += (_('{appid} has both APKs and files: {files}') + .format(appid=appid, files=appid_files)) + '\n' + if mismatch_errors: + raise FDroidException(mismatch_errors) + # Scan the archive repo for apks as well if len(repodirs) > 1: archapks, cc = process_apks(apkcache, repodirs[1], knownapks, options.use_date_from_apk) diff --git a/tests/index.TestCase b/tests/index.TestCase index e8f22036..0682e6d9 100755 --- a/tests/index.TestCase +++ b/tests/index.TestCase @@ -395,6 +395,15 @@ class IndexTest(unittest.TestCase): self.maxDiff = None self.assertEquals(css, pretty_css) + def test_v1_sort_packages_with_invalid(self): + i = [{'packageName': 'org.smssecure.smssecure', + 'apkName': 'smssecure-custom.fake', + 'signer': None, + 'versionCode': 11111}] + + fdroidserver.index.v1_sort_packages( + i, fdroidserver.common.load_stats_fdroid_signing_key_fingerprints()) + if __name__ == "__main__": os.chdir(os.path.dirname(__file__))