commit 5d0baf4e3f639af9dcfcde4e24f9db7aa72332c3
from: Omar Polo <op@omarpolo.com>
date: Sat Aug 10 15:44:55 2024 UTC

fix signedness issue in got_pack_index() after sha256 work

Later we try to see to -digest_len from the end of the file, and
this on 32bit arches has some issues: size_t is 32bit and being
unsigned becomes a huge number that then is casted to a off_t
(signed, and larger) and makes us seek very, very far from the end
of file.  Then, read(2) returns zero because we're at end of file
and trying to send packs to gotd fails with "I/O error".  This was
introduced when SHA1_DIGEST_LENGTH was converted to digest_len.

ok jamsek, stsp

commit - faf51db5e8152629d9c4aa4672b3f26e6acecf10
commit + 5d0baf4e3f639af9dcfcde4e24f9db7aa72332c3
blob - f5c3ffa28603a655efaca764f0ff6031de2ef9f5
blob + 178e7e91153e42da5da0b4bd7591767bc0a63e21
--- lib/pack_index.c
+++ lib/pack_index.c
@@ -627,8 +627,11 @@ got_pack_index(struct got_pack *pack, int idxfd, FILE 
 	size_t mapoff = 0;
 	int p_indexed = 0, last_p_indexed = -1;
 	int p_resolved = 0, last_p_resolved = -1;
-	size_t digest_len = got_hash_digest_length(pack->algo);
+	ssize_t digest_len;
 
+	/* This has to be signed for lseek(2) later */
+	digest_len = got_hash_digest_length(pack->algo);
+
 	/* Require that pack file header and hash trailer are present. */
 	if (pack->filesize < sizeof(hdr) + digest_len)
 		return got_error_msg(GOT_ERR_BAD_PACKFILE,