Created
September 4, 2023 23:44
-
-
Save ativarsoft/29af50bed086b0a3b752b145051abf3b to your computer and use it in GitHub Desktop.
Prevent fake malicious debian packages created by cryptocurrency miners from being installed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff --git a/apt-pkg/contrib/hashes.cc b/apt-pkg/contrib/hashes.cc | |
index 80b9bbf3f..ac0ec5286 100644 | |
--- a/apt-pkg/contrib/hashes.cc | |
+++ b/apt-pkg/contrib/hashes.cc | |
@@ -135,6 +135,30 @@ std::string HashString::GetHashForFile(std::string filename) const /*{{{*/ | |
Hashes SHA512(Hashes::SHA512SUM); | |
SHA512.AddFD(Fd); | |
fileHash = SHA512.GetHashString(Hashes::SHA512SUM).Hash; | |
+ } else if (strcasecmp(Type.c_str(), "All") == 0) { | |
+ fileHash = ""; | |
+ | |
+ Hashes MD5(Hashes::MD5SUM); | |
+ MD5.AddFD(Fd); | |
+ fileHash += MD5.GetHashString(Hashes::MD5SUM).Hash; | |
+ | |
+ Fd.Seek(0); | |
+ | |
+ Hashes SHA1(Hashes::SHA1SUM); | |
+ SHA1.AddFD(Fd); | |
+ fileHash += SHA1.GetHashString(Hashes::SHA1SUM).Hash; | |
+ | |
+ Fd.Seek(0); | |
+ | |
+ Hashes SHA256(Hashes::SHA256SUM); | |
+ SHA256.AddFD(Fd); | |
+ fileHash += SHA256.GetHashString(Hashes::SHA256SUM).Hash; | |
+ | |
+ Fd.Seek(0); | |
+ | |
+ Hashes SHA512(Hashes::SHA512SUM); | |
+ SHA512.AddFD(Fd); | |
+ fileHash += SHA512.GetHashString(Hashes::SHA512SUM).Hash; | |
} | |
else if (strcasecmp(Type.c_str(), "Checksum-FileSize") == 0) | |
strprintf(fileHash, "%llu", Fd.FileSize()); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment