[gcab] trivial: Return earlier if nubytes is larger than CAB_BLOCKMAX
- From: Richard Hughes <rhughes src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gcab] trivial: Return earlier if nubytes is larger than CAB_BLOCKMAX
- Date: Tue, 23 Jan 2018 12:46:31 +0000 (UTC)
commit 172a444132594a4803f75e601d0dd4576d4b3576
Author: Richard Hughes <richard hughsie com>
Date: Mon Dec 18 12:25:17 2017 +0000
trivial: Return earlier if nubytes is larger than CAB_BLOCKMAX
There is no stack overwriting here, but it's a good idea to be paranoid.
libgcab/cabinet.c | 7 +++++++
1 files changed, 7 insertions(+), 0 deletions(-)
---
diff --git a/libgcab/cabinet.c b/libgcab/cabinet.c
index 82bf884..53d58bb 100644
--- a/libgcab/cabinet.c
+++ b/libgcab/cabinet.c
@@ -567,6 +567,13 @@ cdata_read (cdata_t *cd, guint8 res_data, gint comptype,
return FALSE;
}
R2 (cd->nubytes);
+ if (cd->nubytes > CAB_BLOCKMAX) {
+ g_set_error (error, GCAB_ERROR, GCAB_ERROR_INVALID_DATA,
+ "CDATA block of %" G_GUINT16_FORMAT " bytes "
+ "was bigger than maximum size %i",
+ cd->nubytes, CAB_BLOCKMAX);
+ return FALSE;
+ }
RN (cd->reserved, res_data);
RN (buf, cd->ncbytes);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]