- Jun 03, 2022
-
-
Timo Teräs authored
fixes #10835
-
Timo Teräs authored
fixes #10834
-
Timo Teräs authored
fixes #10825
-
- Feb 25, 2022
-
-
Timo Teräs authored
The gzip library can drain all of the input to internal buffers and still keep providing data even if avail_in is zero. Previously it was assumed that avail_in != 0 if there is still data expected out, but this logic breaks near end-of-file for multiple short reads. Adjust logic to not process end-of-file event too early. fixes #10809
-
- Feb 24, 2022
-
-
Timo Teräs authored
var/cache is also reported to be mounted noexec on hardened systems. Document some of the issues, and use lib/apk/exec for the time being. Keep the scripts still in separate directory from lib/apk so we can just delete directory if needed. fixes #6591
-
Timo Teräs authored
This reverts most of 0dcbd933 which allowed automatic selection of package with a "virtual provides" having only one provider. While convenient, it creates problems if multiple versions of the same package exist, or if in future other providers would be added to one of the repositories. This restores the original behaviour, and improves the error message to tell the user to mention one of the providers explicitly. fixes #10810
-
Patrycja Rosa authored
-
- Jan 21, 2022
-
-
Timo Teräs authored
Allow controlling 'cache download' more closely to 'upgrade' so it can be used to pre-download packages for upgrade.
-
Timo Teräs authored
-
- Jan 17, 2022
-
-
Timo Teräs authored
Handle meta data error to produce hard failure. fixes #10806
-
- Dec 20, 2021
-
-
Paul Spooren authored
Fixes compilation on MacOS X
-
Kevin Daudt authored
To reduce the file size, strip the static binary.
-
Kevin Daudt authored
For 32-bits arches, we use 64-bit arches in 32-bit mode. Docker by default wants to pull the image for the native arch, so unless we take care, the binaries will be built for the wrong arch. Use the arch tagged images we build to make sure we get the correct image.
-
- Dec 17, 2021
-
-
Jan Hendrik Farr authored
Currently, special characters in the username or password are not handled correctly (when set in $http_proxy and $https_proxy). They should be percent encoded in the environment variables then decoded by libfetch and reencoded using base64. This implementation is mainly taken from the current FreeBSD source and adapted to the apk-tools version of libfetch. fixes #10775
- Dec 14, 2021
-
-
Ariadne Conill authored
clang does not ignore inline functions when checking for unused functions ref #10794
-
Ariadne Conill authored
this allows the applet registration to work in a portable way, without having to do weird things with the linker. ref #10794 [TT: rebased for 2.12]
-
Kevin Daudt authored
-
Kevin Daudt authored
-
Ariadne Conill authored
on mac, openssl is usually provided by Homebrew or some other third-party package management system, which means pkg-config is needed to find it. we already use pkg-config to find openssl when building apk itself. ref #10794
-
Ariadne Conill authored
musl implements support for malloc.h, but it is only a stub. we do not use any of the GNU-specific malloc interfaces, so just use POSIX stdlib.h instead. ref #10794
-
Ariadne Conill authored
features.h is a GNU-specific header, and is not required for POSIX-compatible code. macOS does not provide features.h. ref #10794
-
Timo Teräs authored
ref #10788
-
Timo Teräs authored
Remove the APK_REPOSITORY_CACHED bit from dependencies only packages (that is, installed_size == 0). For fetch, the problem is that apk_db_select_repo() would return the cache repository, but the package would not be there. Update also the locations needed to handle these packages correctly without the cached repository bit being set.
-
- Nov 12, 2021
-
-
Timo Teräs authored
-
Timo Teräs authored
When extraction failed, the user has had no opportunity to edit any files. Just clean up.
- Oct 25, 2021
-
-
Timo Teräs authored
Report also version numbers as invalid if there's more than 18 digits. fixes #10774
-
- Aug 23, 2021
-
-
Timo Teräs authored
  - check magic field for 'ustar' on read
  - harden get_octal to report errors on non-octal characters (e.g. GNU base256 encoding), fixes #10757
  - fix mtime and size octal fields to not have zero terminator
-
Timo Teräs authored
fixes #10762
-
Timo Teräs authored
fixes #10759
-
- Aug 03, 2021
-
-
Timo Teräs authored
Unbreak handling of base 16 in fetch_parseuint(). It is used only in http chunked mode handling. Fixes: "libfetch: fix range checking for http/ftp protocol parsing"
- Jul 26, 2021
-
-
Timo Teräs authored
Various parsing of numeric strings were not having adequate range checking causing information leak or potential crash. CVE-2021-36159 fixes #10749
Co-authored-by: Ariadne Conill <ariadne@dereferenced.org>
Reported-by: Samanta Navarro <ferivoz@riseup.net>
-
Samanta Navarro authored
Packages containing files with path names longer than 1024 characters cannot fit into the buffer which is used to write "installed" database. This leads to bbuf being APK_BLOB_NULL in apk_db_write_fdb because apk_blob_push_blob notices the condition and correctly handles it. The problem occurs when arguments to apk_ostream_write are manually calculated by pointer arithmetics. Since bbuf.ptr is NULL in such a case, bbuf.ptr - buf leads to a huge size value while buf still points into the stack. fixes #10751 [TT: minor edit to commit and abbreviating the commit message]
-
Timo Teräs authored
- Jul 25, 2021
-
-
kpcyrd authored
[TT: minor stylistic changes]
-
- Jul 23, 2021
-
-
Timo Teräs authored
fixes #10748
-
Timo Teräs authored
removes some code duplication
-