Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP7:Update
tar.20125
tar-1.30-CVE-2019-9923.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File tar-1.30-CVE-2019-9923.patch of Package tar.20125
From cb07844454d8cc9fb21f53ace75975f91185a120 Mon Sep 17 00:00:00 2001 From: Sergey Poznyakoff <gray@gnu.org> Date: Mon, 14 Jan 2019 15:22:09 +0200 Subject: Fix possible NULL dereference (savannah bug #55369) * src/sparse.c (pax_decode_header): Check return from find_next_block. --- src/sparse.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/sparse.c b/src/sparse.c index 127364e..d642a46 100644 --- a/src/sparse.c +++ b/src/sparse.c @@ -1267,6 +1267,8 @@ pax_decode_header (struct tar_sparse_file *file) { \ set_next_block_after (b); \ b = find_next_block (); \ + if (!b) \ + FATAL_ERROR ((0, 0, _("Unexpected EOF in archive"))); \ src = b->buffer; \ endp = b->buffer + BLOCKSIZE; \ } \ @@ -1279,6 +1281,8 @@ pax_decode_header (struct tar_sparse_file *file) start = current_block_ordinal (); set_next_block_after (current_header); blk = find_next_block (); + if (!blk) + FATAL_ERROR ((0, 0, _("Unexpected EOF in archive"))); p = blk->buffer; COPY_BUF (blk,nbuf,p); if (!decode_num (&u, nbuf, TYPE_MAXIMUM (size_t))) -- cgit v1.0-41-gc330
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor