[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-cpio] out-of-bounds write with cpio -i
From: |
Pavel Raiskup |
Subject: |
Re: [Bug-cpio] out-of-bounds write with cpio -i |
Date: |
Mon, 01 Dec 2014 23:11:50 +0100 |
User-agent: |
KMail/4.14.3 (Linux/3.17.3-200.fc20.x86_64; KDE/4.14.3; x86_64; ; ) |
On Monday 01 of December 2014 21:15:59 Sergey Poznyakoff wrote:
> Hi Florian,
>
> > off_t is signed, so you need to check for out-of-bounds values before
> > adding 1 (because signed overflow is undefined), and you also have to
> > guard against negative values.
>
> Good point, thanks for noticing. I fixed this.
Thanks for fixing! Just a nit:
- link_name = xmalloc (file_hdr->c_filesize);
+ link_name = xmalloc (file_hdr->c_filesize + 1);
Also, the testsuite needs to be adjusted probably.
Pavel
testsuite.log.xz
Description: application/xz
- Re: [Bug-cpio] out-of-bounds write with cpio -i, Sergey Poznyakoff, 2014/12/01
- Re: [Bug-cpio] out-of-bounds write with cpio -i, Florian Weimer, 2014/12/01
- Re: [Bug-cpio] out-of-bounds write with cpio -i, Sergey Poznyakoff, 2014/12/01
- Re: [Bug-cpio] out-of-bounds write with cpio -i,
Pavel Raiskup <=
- Re: [Bug-cpio] out-of-bounds write with cpio -i, Sergey Poznyakoff, 2014/12/02
- Re: [Bug-cpio] out-of-bounds write with cpio -i, Pavel Raiskup, 2014/12/11
- Re: [Bug-cpio] out-of-bounds write with cpio -i, Pavel Raiskup, 2014/12/11
- Re: [Bug-cpio] out-of-bounds write with cpio -i, Sergey Poznyakoff, 2014/12/11
- Re: [Bug-cpio] out-of-bounds write with cpio -i, Sergey Poznyakoff, 2014/12/11
- Re: [Bug-cpio] out-of-bounds write with cpio -i, Pavel Raiskup, 2014/12/11
- Re: [Bug-cpio] out-of-bounds write with cpio -i, Sergey Poznyakoff, 2014/12/11