🐛 publish: fix exit status integer overflow

publish.py currently uses the number of failed verifications as exit
status: `sys.exit(failed)`. Whenever the number of failed verification
attempts is divisible by 256, the return status is 0. Exit status 0,
however, conveys that there were no errors, so as long as an attacker can
control the number of verification failures, they can use this to turn
off verification altogether.
This commit is contained in:
Michael Pöhn
2026-04-09 15:45:19 +02:00
committed by Hans-Christoph Steiner
parent f569301ada
commit d1df6be2e2
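
The wrap-around the commit message describes, reproduced as an added example (not part of the commit or the project's code). It assumes a POSIX system, where only the low 8 bits of the exit status reach the parent; `fixed_exit_arg` and the sample counts are hypothetical and constructed for illustration.

```python
import subprocess
import sys

# Constructed sample: counts of failed verifications a run might report.
SAMPLE_FAILED_COUNTS = [0, 1, 255, 256, 257, 512]


def status_seen_by_caller(exit_arg):
    """Run a child interpreter that calls sys.exit(exit_arg) and return the
    status the parent process observes (POSIX keeps only the low 8 bits)."""
    child = subprocess.run(
        [sys.executable, "-c", f"import sys; sys.exit({int(exit_arg)})"],
        check=False,
    )
    return child.returncode


def fixed_exit_arg(failed):
    """Hypothetical helper mirroring the patched behaviour: any failure maps
    to the constant 1, so the count can never wrap around to 0."""
    return 1 if failed else 0


def compare(counts=SAMPLE_FAILED_COUNTS):
    """Return (failed, status_before_fix, status_after_fix) per count."""
    rows = []
    for failed in counts:
        before = status_seen_by_caller(failed)
        after = status_seen_by_caller(fixed_exit_arg(failed))
        rows.append((failed, before, after))
    return rows


def masked_failures(rows):
    """Counts where failures occurred but the caller saw success (status 0)."""
    return [failed for failed, before, _ in rows if failed and before == 0]


if __name__ == "__main__":
    rows = compare()
    for failed, before, after in rows:
        print(f"failed={failed:3d}  sys.exit(failed) -> {before}  sys.exit(1) -> {after}")
    print("failures reported as success before the fix:", masked_failures(rows))
```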

@@ -471,7 +471,7 @@ def main():
if failed:
logging.error(_('%d APKs failed to be signed or verified!') % failed)
if options.error_on_failed:
sys.exit(failed)
sys.exit(1)
if __name__ == "__main__":
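
Review bot: the `sys.exit(1)` call still sits under `if options.error_on_failed:`, so as far as this hunk shows, a run with that option unset only logs the failure count and then returns from main() normally, which a caller reads as success. That may be intended, but it is worth stating in the option's help text or a comment here so nobody relies on the exit status without the flag. A one-line comment on `sys.exit(1)` explaining that the count must not be used as the status (it is truncated to 8 bits) would help prevent a regression, as would a test that drives `failed` to 256 and checks for a non-zero exit.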