summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRichard Purdie <richard.purdie@linuxfoundation.org>2017-06-16 08:42:30 (GMT)
committerRichard Purdie <richard.purdie@linuxfoundation.org>2017-06-16 09:21:12 (GMT)
commit4515fc952963e233d5f24bb319028e8c68ee7622 (patch)
treec5006a7e21c555c970b7b253218d7aff1f4c3454
parent628aea354d9fe6ce09b2bbe25ab1db26adcfb53e (diff)
downloadpoky-4515fc952963e233d5f24bb319028e8c68ee7622.tar.gz
package_ipk: Clean up Source entry in ipk packages
There is the potential for sensitive information to leak through the urls there and removing it brings this into the behavior of the other package backends since filtering it is likely error prone. Since ipks don't appear to be generated at all if we don't set this, set the field to the recipe name used (basename only, no paths). This avoids information leaking. We may want to drop the field if opkg can allow that at a future point but the recipe name is a suitable identifier for now. Reported-by: Andrej Valek <andrej.valek@siemens.com> (From OE-Core rev: 1aa51cfb4b8d10f478b1a6a68c69a3e35342b1c0) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/classes/package_ipk.bbclass7
1 files changed, 3 insertions, 4 deletions
diff --git a/meta/classes/package_ipk.bbclass b/meta/classes/package_ipk.bbclass
index f1ad1d5..5dcbbcd 100644
--- a/meta/classes/package_ipk.bbclass
+++ b/meta/classes/package_ipk.bbclass
@@ -45,6 +45,8 @@ python do_package_ipk () {
45 if os.path.exists(p): 45 if os.path.exists(p):
46 bb.utils.prunedir(p) 46 bb.utils.prunedir(p)
47 47
48 recipesource = os.path.basename(d.getVar('FILE', True))
49
48 for pkg in packages.split(): 50 for pkg in packages.split():
49 localdata = bb.data.createCopy(d) 51 localdata = bb.data.createCopy(d)
50 root = "%s/%s" % (pkgdest, pkg) 52 root = "%s/%s" % (pkgdest, pkg)
@@ -208,10 +210,7 @@ python do_package_ipk () {
208 ctrlfile.write("Replaces: %s\n" % bb.utils.join_deps(rreplaces)) 210 ctrlfile.write("Replaces: %s\n" % bb.utils.join_deps(rreplaces))
209 if rconflicts: 211 if rconflicts:
210 ctrlfile.write("Conflicts: %s\n" % bb.utils.join_deps(rconflicts)) 212 ctrlfile.write("Conflicts: %s\n" % bb.utils.join_deps(rconflicts))
211 src_uri = localdata.getVar("SRC_URI", True).strip() or "None" 213 ctrlfile.write("Source: %s\n" % recipesource)
212 if src_uri:
213 src_uri = re.sub("\s+", " ", src_uri)
214 ctrlfile.write("Source: %s\n" % " ".join(src_uri.split()))
215 ctrlfile.close() 214 ctrlfile.close()
216 215
217 for script in ["preinst", "postinst", "prerm", "postrm"]: 216 for script in ["preinst", "postinst", "prerm", "postrm"]: