aboutsummaryrefslogtreecommitdiff
path: root/src/plugins/deb_extractor.c
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2017-10-15 19:59:51 +0200
committerChristian Grothoff <christian@grothoff.org>2017-10-15 19:59:51 +0200
commit71aa4223b2770a9243ddc86457bcd2fdcf47d922 (patch)
treef3cd03d9039c2c14687da741d6025ad598a225ae /src/plugins/deb_extractor.c
parentb933ab4aa3447ed94701b8fb013f1c765f3375dc (diff)
downloadlibextractor-71aa4223b2770a9243ddc86457bcd2fdcf47d922.tar.gz
libextractor-71aa4223b2770a9243ddc86457bcd2fdcf47d922.zip
fix potential buffer underflow read in deb_extractor
Diffstat (limited to 'src/plugins/deb_extractor.c')
-rw-r--r--src/plugins/deb_extractor.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/src/plugins/deb_extractor.c b/src/plugins/deb_extractor.c
index afbe8bb..2eb0028 100644
--- a/src/plugins/deb_extractor.c
+++ b/src/plugins/deb_extractor.c
@@ -365,6 +365,8 @@ processControlTGZ (struct EXTRACTOR_ExtractContext *ec,
365 return 0; 365 return 0;
366 if (0 == size) 366 if (0 == size)
367 return 0; 367 return 0;
368 if (size < 4)
369 return 0;
368 if (NULL == (cdata = malloc (size))) 370 if (NULL == (cdata = malloc (size)))
369 return 0; 371 return 0;
370 off = 0; 372 off = 0;
@@ -375,7 +377,9 @@ processControlTGZ (struct EXTRACTOR_ExtractContext *ec,
375 free (cdata); 377 free (cdata);
376 return 0; 378 return 0;
377 } 379 }
378 memcpy (&cdata[off], data, sret); 380 memcpy (&cdata[off],
381 data,
382 sret);
379 off += sret; 383 off += sret;
380 } 384 }
381 bufSize = cdata[size - 4] + (cdata[size - 3] << 8) + (cdata[size - 2] << 16) + (cdata[size - 1] << 24); 385 bufSize = cdata[size - 4] + (cdata[size - 3] << 8) + (cdata[size - 2] << 16) + (cdata[size - 1] << 24);