From cb6640381808dd629cfa58a21ceaf12e91a82e68 Mon Sep 17 00:00:00 2001
From: Jo-Philipp Wich
Date: Thu, 31 Jan 2019 08:29:22 +0100
Subject: [PATCH] libopkg: check for file size mismatches
Reject package files whose file size deviates from the size specified in the package index in order to complicate producing hash collisions.
Ref: https://groups.google.com/d/msg/opkg-devel/o4kiGQMvkiw/hu0TVv59DgAJ
Signed-off-by: Jo-Philipp Wich
---
 libopkg/opkg_install.c | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
diff --git a/libopkg/opkg_install.c b/libopkg/opkg_install.c
index d2d919a..0b7f1f1 100644
--- a/libopkg/opkg_install.c
+++ b/libopkg/opkg_install.c
@@ -1255,6 +1255,7 @@ int opkg_install_pkg(pkg_t * pkg, int from_upgrade)
 char *file_sha256, *pkg_sha256;
 sigset_t newset, oldset;
 const char *local_filename;
+ struct stat pkg_stat;
 time_t now;
 if (from_upgrade)
@@ -1366,6 +1367,29 @@ int opkg_install_pkg(pkg_t * pkg, int from_upgrade)
 }
 #endif
+ /* Check file size */
+ err = lstat(local_filename, &pkg_stat);
+
+ if (err) {
+ opkg_msg(ERROR, "Failed to stat %s: %s\n",
+ local_filename, strerror(errno));
+ return -1;
+ }
+
+ if (pkg_stat.st_size != pkg_get_int(pkg, PKG_SIZE)) {
+ if (!conf->force_checksum) {
+ opkg_msg(ERROR,
+ "Package size mismatch: %s is %lld bytes, expecting %lld bytes\n",
+ pkg->name, (long long int)pkg_stat.st_size,
+ (long long int)pkg_get_int(pkg, PKG_SIZE));
+ return -1;
+ } else {
+ opkg_msg(NOTICE,
+ "Ignored %s size mismatch.\n",
+ pkg->name);
+ }
+ }
+
 /* Check for md5 values */
 pkg_md5 = pkg_get_md5(pkg);
 if (pkg_md5) {
--
2.25.1
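Review bot: In the second hunk (`@@ -1366,6 +1367,29 @@`) the size check calls `lstat()`, so if `local_filename` is a symlink, `st_size` is the length of the link text rather than of the package. The md5/sha256 routines further down (outside this hunk) presumably open the path and follow the link, in which case the size check and the digest check would be looking at different objects. Either use `stat()`, or keep `lstat()` and reject anything that is not a regular file right after the error check, e.g. `if (!S_ISREG(pkg_stat.st_mode)) { opkg_msg(ERROR, "%s is not a regular file\n", local_filename); return -1; }`. The comparison is also unconditional: if `pkg_get_int(pkg, PKG_SIZE)` yields 0 for a package with no Size field (not visible here), every such install fails unless `force_checksum` is set, so a missing size should be handled explicitly. The body of `opkg_install_pkg` starts and ends outside the hunk.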