[openwrt/openwrt] apk: handle edge case when parsing .apk files
LEDE Commits
lede-commits at lists.infradead.org
Thu Feb 12 01:23:59 PST 2026
robimarko pushed a commit to openwrt/openwrt.git, branch main:
https://git.openwrt.org/8c6ed4e927373282b654420ad3962a6a0ea110c3
commit 8c6ed4e927373282b654420ad3962a6a0ea110c3
Author: Matt Merhar <mattmerhar at protonmail.com>
AuthorDate: Wed Feb 11 17:30:53 2026 -0500
apk: handle edge case when parsing .apk files
This was a regression introduced in the recent alignment changes and led
to failures when reading (i.e. 'mkndx') certain packages like follows:
ERROR: python3-botocore-1.31.7-r1.apk: unexpected end of file
It affected packages with a header size greater than the read buffer
size of 128KB but less than 160KB (128KB + (128KB / 4)).
In those cases, we'd attempt a 0 byte read, leading to APKE_EOF.
Based on some tests of files across multiple archs and feeds, it seems
the only packages meeting those criteria were python3-botocore and
golang-github-jedisct1-dnscrypt-proxy2-dev.
Fixes: 64ec08eee1 ("apk: backport upstream fixes for unaligned access")
Signed-off-by: Matt Merhar <mattmerhar at protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/21992
Signed-off-by: Robert Marko <robimarko at gmail.com>
---
package/system/apk/Makefile | 2 +-
...ndle-edge-case-when-refilling-read-buffer.patch | 29 ++++++++++++++++++++++
2 files changed, 30 insertions(+), 1 deletion(-)
diff --git a/package/system/apk/Makefile b/package/system/apk/Makefile
index 34d1e72a51..98902565e2 100644
--- a/package/system/apk/Makefile
+++ b/package/system/apk/Makefile
@@ -1,7 +1,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=apk
-PKG_RELEASE:=4
+PKG_RELEASE:=5
PKG_SOURCE_URL=https://gitlab.alpinelinux.org/alpine/apk-tools.git
PKG_SOURCE_PROTO:=git
diff --git a/package/system/apk/patches/0034-io-handle-edge-case-when-refilling-read-buffer.patch b/package/system/apk/patches/0034-io-handle-edge-case-when-refilling-read-buffer.patch
new file mode 100644
index 0000000000..9bc143e0e6
--- /dev/null
+++ b/package/system/apk/patches/0034-io-handle-edge-case-when-refilling-read-buffer.patch
@@ -0,0 +1,29 @@
+From 1e985a4444d8c9ab5a0804b555858dcf518b243a Mon Sep 17 00:00:00 2001
+From: Matt Merhar <mattmerhar at protonmail.com>
+Date: Wed, 11 Feb 2026 16:04:52 -0500
+Subject: [PATCH] io: handle edge case when refilling read buffer
+
+This caused failures when processing specific (< 0.1%) .apk files in
+the packages feed.
+
+It affected packages with a header size greater than the read buffer
+size of 128KB but less than 160KB (128KB + (128KB / 4)).
+
+In those cases, we'd attempt a 0 byte read, leading to APKE_EOF.
+---
+ src/io.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/src/io.c
++++ b/src/io.c
+@@ -120,6 +120,10 @@ ssize_t apk_istream_read_max(struct apk_
+ continue;
+ }
+
++ if (is->ptr - is->buf >= APK_ISTREAM_ALIGN_SYNC) {
++ is->ptr = is->end = is->buf + ((is->ptr - is->buf) % APK_ISTREAM_ALIGN_SYNC);
++ }
++
+ r = is->ops->read(is, is->ptr, is->buf + is->buf_size - is->ptr);
+ if (r <= 0) break;
+
More information about the lede-commits
mailing list