rpms / libtar

Clone
Source Code
GIT

Blame SOURCES/libtar-1.2.20-CVE-2021-33643-CVE-2021-33644.patch

c4 c5 c5-plus c6 c6-plus c7 c7-beta c8 c8-beta c8s
  1.   c8
  2.   SOURCES
  3.   libtar-1.2.20-CVE-2021-33643-CVE-2021-33644.patch
Blob History Raw
26844e 
From 3936c7aa74d89e7a91dfbb2c1b7bfcad58a0355d Mon Sep 17 00:00:00 2001
26844e 
From: shixuantong <1726671442@qq.com>
26844e 
Date: Wed, 6 Apr 2022 17:40:57 +0800
26844e 
Subject: [PATCH 1/2] Ensure that sz is greater than 0.
26844e
26844e 
---
26844e 
 lib/block.c | 10 ++++++++++
26844e 
 1 file changed, 10 insertions(+)
26844e
26844e 
diff --git a/lib/block.c b/lib/block.c
26844e 
index 092bc28..f12c4bc 100644
26844e 
--- a/lib/block.c
26844e 
+++ b/lib/block.c
26844e 
@@ -118,6 +118,11 @@ th_read(TAR *t)
26844e 
 	if (TH_ISLONGLINK(t))
26844e 
 	{
26844e 
 		sz = th_get_size(t);
26844e 
+		if ((int)sz <= 0)
26844e 
+		{
26844e 
+			errno = EINVAL;
26844e 
+			return -1;
26844e 
+		}
26844e 
 		blocks = (sz / T_BLOCKSIZE) + (sz % T_BLOCKSIZE ? 1 : 0);
26844e 
 		if (blocks > ((size_t)-1 / T_BLOCKSIZE))
26844e 
 		{
26844e 
@@ -168,6 +173,11 @@ th_read(TAR *t)
26844e 
 	if (TH_ISLONGNAME(t))
26844e 
 	{
26844e 
 		sz = th_get_size(t);
26844e 
+		if ((int)sz <= 0)
26844e 
+		{
26844e 
+			errno = EINVAL;
26844e 
+			return -1;
26844e 
+		}
26844e 
 		blocks = (sz / T_BLOCKSIZE) + (sz % T_BLOCKSIZE ? 1 : 0);
26844e 
 		if (blocks > ((size_t)-1 / T_BLOCKSIZE))
26844e 
 		{
26844e 
--
26844e 
2.37.1
26844e

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation