diff options
| author | David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 2019-07-01 10:51:01 +0200 |
|---|---|---|
| committer | David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 2019-07-01 11:46:40 +0200 |
| commit | efe6acd9c5b80b77a32896bc85479ce3ecf8cd95 (patch) | |
| tree | 1d8b116fe20747f1e8a01c7173faa0b6619246f7 /lib/tar | |
| parent | 0e210cc91233378db959f75535b8a8c759eb0a30 (diff) | |
Fix pax header parser to bail if parsing a number fails
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Diffstat (limited to 'lib/tar')
| -rw-r--r-- | lib/tar/read_header.c | 36 |
1 files changed, 24 insertions, 12 deletions
diff --git a/lib/tar/read_header.c b/lib/tar/read_header.c index e1c9eaf..95d7d0c 100644 --- a/lib/tar/read_header.c +++ b/lib/tar/read_header.c @@ -254,11 +254,13 @@ static int read_pax_header(int fd, uint64_t entsize, unsigned int *set_by_pax, buffer[i] = '\0'; if (!strncmp(line, "uid=", 4)) { - pax_read_decimal(line + 4, &field); + if (pax_read_decimal(line + 4, &field)) + return -1; out->sb.st_uid = field; *set_by_pax |= PAX_UID; } else if (!strncmp(line, "gid=", 4)) { - pax_read_decimal(line + 4, &field); + if (pax_read_decimal(line + 4, &field)) + return -1; out->sb.st_gid = field; *set_by_pax |= PAX_GID; } else if (!strncmp(line, "path=", 5)) { @@ -268,7 +270,8 @@ static int read_pax_header(int fd, uint64_t entsize, unsigned int *set_by_pax, goto fail_errno; *set_by_pax |= PAX_NAME; } else if (!strncmp(line, "size=", 5)) { - pax_read_decimal(line + 5, &out->record_size); + if (pax_read_decimal(line + 5, &out->record_size)) + return -1; *set_by_pax |= PAX_SIZE; } else if (!strncmp(line, "linkpath=", 9)) { free(out->link_target); @@ -278,28 +281,34 @@ static int read_pax_header(int fd, uint64_t entsize, unsigned int *set_by_pax, *set_by_pax |= PAX_SLINK_TARGET; } else if (!strncmp(line, "atime=", 6)) { if (line[6] == '-') { - pax_read_decimal(line + 7, &field); + if (pax_read_decimal(line + 7, &field)) + return -1; out->sb.st_atime = -((int64_t)field); } else { - pax_read_decimal(line + 6, &field); + if (pax_read_decimal(line + 6, &field)) + return -1; out->sb.st_atime = field; } *set_by_pax |= PAX_ATIME; } else if (!strncmp(line, "mtime=", 6)) { if (line[6] == '-') { - pax_read_decimal(line + 7, &field); + if (pax_read_decimal(line + 7, &field)) + return -1; out->sb.st_mtime = -((int64_t)field); } else { - pax_read_decimal(line + 6, &field); + if (pax_read_decimal(line + 6, &field)) + return -1; out->sb.st_mtime = field; } *set_by_pax |= PAX_MTIME; } else if (!strncmp(line, "ctime=", 6)) { if (line[6] == '-') { - pax_read_decimal(line + 7, &field); + if (pax_read_decimal(line + 7, &field)) + return -1; out->sb.st_ctime = -((int64_t)field); } else { - pax_read_decimal(line + 6, &field); + if (pax_read_decimal(line + 6, &field)) + return -1; out->sb.st_ctime = field; } *set_by_pax |= PAX_CTIME; @@ -317,12 +326,15 @@ static int read_pax_header(int fd, uint64_t entsize, unsigned int *set_by_pax, if (out->sparse == NULL) goto fail; } else if (!strncmp(line, "GNU.sparse.size=", 16)) { - pax_read_decimal(line + 16, &out->actual_size); + if (pax_read_decimal(line + 16, &out->actual_size)) + return -1; *set_by_pax |= PAX_SPARSE_SIZE; } else if (!strncmp(line, "GNU.sparse.offset=", 18)) { - pax_read_decimal(line + 18, &offset); + if (pax_read_decimal(line + 18, &offset)) + return -1; } else if (!strncmp(line, "GNU.sparse.numbytes=", 20)) { - pax_read_decimal(line + 20, &num_bytes); + if (pax_read_decimal(line + 20, &num_bytes)) + return -1; sparse = calloc(1, sizeof(*sparse)); if (sparse == NULL) goto fail_errno; |