lib/verifysig.c: use read instead of mmap to read signature files

There is no point in mmaping 512 byte files and is probably hurting performance.
void-linux · Jul 11, 2020 · dda1c5d · dda1c5d
1 parent 9f32c18
commit dda1c5d
Showing 1 changed file with 24 additions and 15 deletions.
diff --git a/lib/verifysig.c b/lib/verifysig.c
@@ -82,26 +82,35 @@ bool
 xbps_verify_signature(struct xbps_repo *repo, const char *sigfile,
 		unsigned char *digest)
 {
-	unsigned char *sig_buf = NULL;
-	size_t sigbuflen, sigfilelen;
-	bool val = false;
+	unsigned char buf[512];
+	struct stat st;
+	ssize_t rd = 0;
+	int fd = -1;
 
-	if (!xbps_mmap_file(sigfile, (void *)&sig_buf, &sigbuflen, &sigfilelen)) {
-		xbps_dbg_printf(repo->xhp, "can't open signature file %s: %s\n",
+	if ((fd = open(sigfile, O_RDONLY|O_CLOEXEC)) == -1 || fstat(fd, &st) == -1) {
+		xbps_error_printf("can't open signature file %s: %s\n",
 		    sigfile, strerror(errno));
-		goto out;
+		close(fd);
+		return false;
 	}
-	/*
-	 * Verify fname RSA signature.
-	 */
-	if (rsa_verify_hash(repo, sig_buf, sigfilelen, digest))
-		val = true;
 
-out:
-	if (sig_buf)
-		(void)munmap(sig_buf, sigbuflen);
+	if (st.st_size != sizeof buf) {
+		xbps_error_printf("invalid signature file %s: size mismatch\n",
+		    sigfile);
+		(void)close(fd);
+		return false;
+	}
 
-	return val;
+	rd = read(fd, buf, sizeof buf);
+	if (rd == -1) {
+		xbps_error_printf("can't read signature file %s: %s\n",
+		    sigfile, strerror(errno));
+		close(fd);
+		return false;
+	}
+	close(fd);
+
+	return rsa_verify_hash(repo, buf, sizeof buf, digest);
 }
 
 bool