diff options
author | Christian Grothoff <christian@grothoff.org> | 2017-10-15 19:59:51 +0200 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2017-10-15 19:59:51 +0200 |
commit | 71aa4223b2770a9243ddc86457bcd2fdcf47d922 (patch) | |
tree | f3cd03d9039c2c14687da741d6025ad598a225ae /src/plugins/deb_extractor.c | |
parent | b933ab4aa3447ed94701b8fb013f1c765f3375dc (diff) | |
download | libextractor-71aa4223b2770a9243ddc86457bcd2fdcf47d922.tar.gz libextractor-71aa4223b2770a9243ddc86457bcd2fdcf47d922.zip |
fix potential buffer underflow read in deb_extractor
Diffstat (limited to 'src/plugins/deb_extractor.c')
-rw-r--r-- | src/plugins/deb_extractor.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/plugins/deb_extractor.c b/src/plugins/deb_extractor.c index afbe8bb..2eb0028 100644 --- a/src/plugins/deb_extractor.c +++ b/src/plugins/deb_extractor.c | |||
@@ -365,6 +365,8 @@ processControlTGZ (struct EXTRACTOR_ExtractContext *ec, | |||
365 | return 0; | 365 | return 0; |
366 | if (0 == size) | 366 | if (0 == size) |
367 | return 0; | 367 | return 0; |
368 | if (size < 4) | ||
369 | return 0; | ||
368 | if (NULL == (cdata = malloc (size))) | 370 | if (NULL == (cdata = malloc (size))) |
369 | return 0; | 371 | return 0; |
370 | off = 0; | 372 | off = 0; |
@@ -375,7 +377,9 @@ processControlTGZ (struct EXTRACTOR_ExtractContext *ec, | |||
375 | free (cdata); | 377 | free (cdata); |
376 | return 0; | 378 | return 0; |
377 | } | 379 | } |
378 | memcpy (&cdata[off], data, sret); | 380 | memcpy (&cdata[off], |
381 | data, | ||
382 | sret); | ||
379 | off += sret; | 383 | off += sret; |
380 | } | 384 | } |
381 | bufSize = cdata[size - 4] + (cdata[size - 3] << 8) + (cdata[size - 2] << 16) + (cdata[size - 1] << 24); | 385 | bufSize = cdata[size - 4] + (cdata[size - 3] << 8) + (cdata[size - 2] << 16) + (cdata[size - 1] << 24); |