commit abda67d236225bf3dbd811ef21bbb4ee5cc776cf
from: Omar Polo <op@omarpolo.com>
via: Thomas Adam <thomas@xteddy.org>
date: Sat Aug 10 22:33:54 2024 UTC

fix signedness issue in got_pack_index() after sha256 work

Later we try to see to -digest_len from the end of the file, and
this on 32bit arches has some issues: size_t is 32bit and being
unsigned becomes a huge number that then is casted to a off_t
(signed, and larger) and makes us seek very, very far from the end
of file.  Then, read(2) returns zero because we're at end of file
and trying to send packs to gotd fails with "I/O error".  This was
introduced when SHA1_DIGEST_LENGTH was converted to digest_len.

ok jamsek, stsp

commit - ebe4b21049f73b66d75d89f509ee7abf517c0d51
commit + abda67d236225bf3dbd811ef21bbb4ee5cc776cf
blob - b1134061b726b96e1975af1f5fe099a8a7ebe727
blob + 1af93f40f28323c827cc93dc149f8cf97a063b5a
--- lib/pack_index.c
+++ lib/pack_index.c
@@ -626,8 +626,11 @@ got_pack_index(struct got_pack *pack, int idxfd, FILE 
 	size_t mapoff = 0;
 	int p_indexed = 0, last_p_indexed = -1;
 	int p_resolved = 0, last_p_resolved = -1;
-	size_t digest_len = got_hash_digest_length(pack->algo);
+	ssize_t digest_len;
 
+	/* This has to be signed for lseek(2) later */
+	digest_len = got_hash_digest_length(pack->algo);
+
 	/* Require that pack file header and hash trailer are present. */
 	if (pack->filesize < sizeof(hdr) + digest_len)
 		return got_error_msg(GOT_ERR_BAD_PACKFILE,