openbsd-ports/archivers/lha/patches/patch-src_header_c
naddy 5395838bbc SECURITY:
Buffer overflow and directory traversal fixes; from Ulf Harnhammar.
2004-05-06 23:07:57 +00:00


$OpenBSD: patch-src_header_c,v 1.1 2004/05/06 23:07:57 naddy Exp $
--- src/header.c.orig 2000-10-05 19:36:03.000000000 +0200
+++ src/header.c 2004-05-07 00:48:44.000000000 +0200
@@ -538,6 +538,10 @@ get_header(fp, hdr)
/*
* filename
*/
+ if (header_size >= 256) {
+ fprintf(stderr, "Possible buffer overflow hack attack, type #1\n");
+ exit(109);
+ }
for (i = 0; i < header_size - 3; i++)
hdr->name[i] = (char) get_byte();
hdr->name[header_size - 3] = '\0';
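Review bot: The added guard in the filename branch bounds `header_size` only from above, so a value below 3 still reaches `hdr->name[header_size - 3] = '\0'` with a negative index (or a wrapped one if `header_size` is unsigned; its declaration is outside the hunk). The directory branch in the second hunk has the same gap before `dirname[header_size - 3] = '\0'`. A lower bound closes it in both places, e.g. `if (header_size < 3 || header_size >= 256) {` here and the equivalent with `FILENAME_LENGTH` there. The literal 256 is also detached from the buffer it protects, whereas the second hunk uses a named constant; if `hdr->name` is an array member, deriving the limit from `sizeof(hdr->name)` would keep the check correct when the field size changes. get_header begins and ends outside the hunk, so how `header_size` is read cannot be confirmed from here.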
@@ -547,6 +551,10 @@ get_header(fp, hdr)
/*
* directory
*/
+ if (header_size >= FILENAME_LENGTH) {
+ fprintf(stderr, "Possible buffer overflow hack attack, type #2\n");
+ exit(110);
+ }
for (i = 0; i < header_size - 3; i++)
dirname[i] = (char) get_byte();
dirname[header_size - 3] = '\0';
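Review bot: The abort path in the directory branch gives whoever triages a rejected archive little to work with, because the message carries neither the rejected `header_size` nor the limit, and exit status 110 (109 in the filename branch) is an unexplained literal. Printing the values would help, for example `fprintf(stderr, "directory header too long: %ld >= %ld\n", (long) header_size, (long) FILENAME_LENGTH);`, together with a short comment such as `/* 110: oversized directory extended header */` next to the `exit` call. Calling `exit()` inside get_header also ends the whole run on one malformed entry; whether the function has a failure return that callers check is not visible in this hunk, so that may be the deliberate choice for a security patch.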