    archive: fix incorrect bounds checking for memory allocation · 74484710
    Timo Teräs authored
    The value from tar header is unsigned int; keep it casted to
    unsigned int and size_t instead of (signed) int, otherwise
    the comparisons fail to do their job properly. Additionally check
    entry.size against SSIZE_MAX so the rounding up later on is
    guaranteed to not overflow.
    
    Fixes CVE-2017-9669 and CVE-2017-9671.
    Reported-by: Ariel Zelivansky from Twistlock
    
    (cherry picked from commit 286aa77ef1811e477895713df162c92b2ffc6df8)
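The failure mode described in the commit message, as an added example that is not apk-tools code: an unsigned 32-bit size from a tar header checked after a cast to (signed) int, beside a check that keeps it unsigned and bounds it by SSIZE_MAX before rounding up. The function names, the 1 MiB cap, the 512-byte rounding and the sample header value are assumptions made for illustration.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#ifndef SSIZE_MAX
#define SSIZE_MAX (SIZE_MAX >> 1)     /* fallback for non-POSIX limits.h */
#endif

#define MAX_ALLOC (1024u * 1024u)     /* assumed cap, not taken from apk-tools */
#define BLOCK     512u                /* assumed rounding unit (tar block size) */

/* Flawed pattern: the unsigned header value is cast to (signed) int. On the
 * usual two's-complement ABIs, values >= 0x80000000 turn negative and so
 * pass the upper-bound comparison. */
static int size_ok_signed(uint32_t hdr_size)
{
    int n = (int)hdr_size;
    return n <= (int)MAX_ALLOC;
}

/* Corrected pattern: the comparison is done on unsigned values only. */
static int size_ok_unsigned(uint32_t hdr_size)
{
    return (size_t)hdr_size <= (size_t)MAX_ALLOC;
}

/* Round a size up to the next block. Sizes above SSIZE_MAX are rejected
 * first, so size + BLOCK - 1 cannot wrap around. Returns 0 on success. */
static int round_up_checked(size_t size, size_t *out)
{
    if (size > (size_t)SSIZE_MAX)
        return -1;
    *out = (size + BLOCK - 1) & ~((size_t)BLOCK - 1);
    return 0;
}

int main(void)
{
    uint32_t hdr = 0xFFFFFFF0u;       /* constructed header value */
    size_t padded = 0;
    int rc = round_up_checked(1000, &padded);

    printf("signed check accepts:   %d\n", size_ok_signed(hdr));
    printf("unsigned check accepts: %d\n", size_ok_unsigned(hdr));
    printf("round_up(1000):         rc=%d padded=%zu\n", rc, padded);
    printf("round_up(SIZE_MAX):     rc=%d\n", round_up_checked(SIZE_MAX, &padded));
    return 0;
}
```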
Name
src
test
.gitignore
AUTHORS
Make.rules
Makefile
NEWS
README