File fix-CVE-2023-39804.patch of Package tar

Overview Repositories Revisions Requests Users Attributes Meta

File fix-CVE-2023-39804.patch of Package tar

From a339f05cd269013fa133d2f148d73f6f7d4247e4 Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff <gray@gnu.org>
Date: Sat, 28 Aug 2021 16:02:12 +0300
Subject: Fix handling of extended header prefixes

* src/xheader.c (locate_handler): Recognize prefix keywords only
when followed by a dot.
(xattr_decoder): Use xmalloc/xstrdup instead of alloc
---
 src/xheader.c | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/src/xheader.c b/src/xheader.c
index 4f8b2b2..3cd694d 100644
--- a/src/xheader.c
+++ b/src/xheader.c
@@ -637,11 +637,11 @@ static struct xhdr_tab const *
 locate_handler (char const *keyword)
 {
   struct xhdr_tab const *p;
-
   for (p = xhdr_tab; p->keyword; p++)
     if (p->prefix)
       {
-        if (strncmp (p->keyword, keyword, strlen(p->keyword)) == 0)
+	size_t kwlen = strlen (p->keyword);
+        if (keyword[kwlen] == '.' && strncmp (p->keyword, keyword, kwlen) == 0)
           return p;
       }
     else
@@ -1716,19 +1716,20 @@ xattr_decoder (struct tar_stat_info *st,
                char const *keyword, char const *arg, size_t size)
 {
   char *xstr, *xkey;
-
+  
   /* copy keyword */
-  size_t klen_raw = strlen (keyword);
-  xkey = alloca (klen_raw + 1);
-  memcpy (xkey, keyword, klen_raw + 1) /* including null-terminating */;
+  xkey = xstrdup (keyword);
 
   /* copy value */
-  xstr = alloca (size + 1);
+  xstr = xmalloc (size + 1);
   memcpy (xstr, arg, size + 1); /* separator included, for GNU tar '\n' */;
 
   xattr_decode_keyword (xkey);
 
-  xheader_xattr_add (st, xkey + strlen("SCHILY.xattr."), xstr, size);
+  xheader_xattr_add (st, xkey + strlen ("SCHILY.xattr."), xstr, size);
+
+  free (xkey);
+  free (xstr);
 }
 
 static void
-- 
cgit v1.1

Places

File fix-CVE-2023-39804.patch of Package tar

Places