Mail archive

APK Tools does not ensure fchmodat/fchownat succeed

From: A. Wilcox <>
Date: Wed, 20 Feb 2019 12:18:57 -0600

update_permissions in src/database.c does not check the return value of
fchmodat nor fchownat. There are a number of reasons it could fail:

- EIO, disk I/O error

- ENOMEM, memory was exhausted while apk was running

- others, though they are much more theoretical (abuild-apk shim hitting
EPERM, a bad package causing ELOOP, a filesystem corruption causing the
FS to go R/O while apk is running causing EROFS)

This also causes a build failure when building on glibc (because glibc
marks these functions as having return values that cannot be ignored).

I think it would be a good idea to ensure these calls succeed and set
the package as having an error if it isn't (so that a reinstallation can
be attempted). But I don't know if there is a reason they are ignored.

I also am not familiar enough with apk-tools to be confident in the
proper way to set error (don't even know if ipkg is accessible from
update_permissions which seems like the main way an error is set).


A. Wilcox (awilfox)
Project Lead, Adélie Linux

Received on Wed Feb 20 2019 - 12:18:57 UTC