author: Timo Teräs <timo.teras@iki.fi> 2017-06-21 15:12:02 +0300
committer: Timo Teräs <timo.teras@iki.fi> 2017-06-23 10:07:44 +0300
commit: 6b9a07d1ad73dd7ac5349d835c053d76bbfd38f4
tree: 355f4ef978c08986c959f8172a99944ebced5f52 /src/ver.c
parent: 5d439c4739a0c6e2624f7bfab0ebf3588b2f0ac3
archive: fix incorrect bounds checking for memory allocation
The value from tar header is unsigned int; keep it casted to unsigned int and size_t instead of (signed) int, otherwise the comparisons fail to do their job properly.

Additionally check entry.size against SSIZE_MAX so the rounding up later on is guaranteed to not overflow.

Fixes CVE-2017-9669 and CVE-2017-9671.

Reported-by: Ariel Zelivansky from Twistlock
Diffstat (limited to 'src/ver.c')
0 files changed, 0 insertions, 0 deletions
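
The bug class the commit message describes, as an added example that is not apk-tools code: a header size held in a signed int slips past an upper-bound check, and rounding up to a block boundary wraps unless the size is first bounded by SSIZE_MAX. The function names, BLOCK and MAX_ALLOC are assumptions made for this illustration.

```c
/* Added illustration; names and limits are hypothetical, not apk-tools code. */
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/types.h>

#ifndef SSIZE_MAX
#define SSIZE_MAX ((ssize_t)(SIZE_MAX / 2))
#endif

#define BLOCK     512u         /* tar data is padded to 512-byte blocks */
#define MAX_ALLOC (1u << 20)   /* hypothetical cap on a single allocation */

/* Flawed check: the unsigned header value is narrowed to a signed int,
 * so large values turn negative and pass the upper-bound comparison. */
static int accept_signed(unsigned int hdr_size)
{
    int size = (int)hdr_size;        /* 0xFFFFFFF0 becomes -16 on common ABIs */
    return size <= (int)MAX_ALLOC;   /* -16 <= 1048576, so it is accepted */
}

/* Rounding up with no prior bound wraps around for sizes near SIZE_MAX. */
static size_t round_up_unchecked(size_t size)
{
    return (size + BLOCK - 1) & ~(size_t)(BLOCK - 1);
}

/* Hardened: stay unsigned, bound by SSIZE_MAX before rounding, then cap.
 * Returns 0 and stores the padded size, or -1 if the size is rejected. */
static int checked_padded_size(size_t size, size_t *padded)
{
    if (size > (size_t)SSIZE_MAX)    /* guarantees size + 511 cannot wrap */
        return -1;
    if (size > MAX_ALLOC)
        return -1;
    *padded = round_up_unchecked(size);
    return 0;
}

int main(void)
{
    size_t padded = 0;
    printf("signed check accepts 0xFFFFFFF0: %d\n", accept_signed(0xFFFFFFF0u));
    printf("unchecked round-up of SIZE_MAX-10: %zu\n", round_up_unchecked(SIZE_MAX - 10));
    printf("hardened check on 0xFFFFFFF0: %d\n", checked_padded_size(0xFFFFFFF0u, &padded));
    int rc = checked_padded_size(1000, &padded);
    printf("hardened check on 1000: %d, padded=%zu\n", rc, padded);
    return 0;
}
```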