rpms/tar
7
0
Fork 0
Code Issues Pull Requests Releases Activity
f2397801d3
tar/tar-1.33-fix-read-header-mem-leak.patch
DistroBaker 2a706f8410 Merged update from upstream sources 
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/tar.git#0bea5fee498fdb5ae3d6701be77e2b9a279390fe
2021-01-25 12:25:59 +00:00

123 lines
3.5 KiB
Diff
Raw Blame History

From: Sergey Poznyakoff <gray@gnu.org>
Subject: [PATCH] Bug reported in https://savannah.gnu.org/bugs/?59897
* src/list.c (read_header): Don't return directly from the loop.
Instead set the status and break. Return the status. Free
next_long_name and next_long_link before returning.
---
src/list.c | 38 +++++++++++++++++++++++++++-----------
1 file changed, 27 insertions(+), 11 deletions(-)
diff --git a/src/list.c b/src/list.c
index 95b53f8..6ad2ef2 100644
--- a/src/list.c
+++ b/src/list.c
@@ -419,26 +419,27 @@ read_header (union block **return_block, struct tar_stat_info *info,
enum read_header_mode mode)
{
union block *header;
- union block *header_copy;
char *bp;
union block *data_block;
size_t size, written;
- union block *next_long_name = 0;
- union block *next_long_link = 0;
+ union block *next_long_name = NULL;
+ union block *next_long_link = NULL;
size_t next_long_name_blocks = 0;
size_t next_long_link_blocks = 0;
+ enum read_header status = HEADER_SUCCESS;
while (1)
{
- enum read_header status;
-
header = find_next_block ();
*return_block = header;
if (!header)
- return HEADER_END_OF_FILE;
+ {
+ status = HEADER_END_OF_FILE;
+ break;
+ }
if ((status = tar_checksum (header, false)) != HEADER_SUCCESS)
- return status;
+ break;
/* Good block. Decode file size and return. */
@@ -448,7 +449,10 @@ read_header (union block **return_block, struct tar_stat_info *info,
{
info->stat.st_size = OFF_FROM_HEADER (header->header.size);
if (info->stat.st_size < 0)
- return HEADER_FAILURE;
+ {
+ status = HEADER_FAILURE;
+ break;
+ }
}
if (header->header.typeflag == GNUTYPE_LONGNAME
@@ -458,10 +462,14 @@ read_header (union block **return_block, struct tar_stat_info *info,
|| header->header.typeflag == SOLARIS_XHDTYPE)
{
if (mode == read_header_x_raw)
- return HEADER_SUCCESS_EXTENDED;
+ {
+ status = HEADER_SUCCESS_EXTENDED;
+ break;
+ }
else if (header->header.typeflag == GNUTYPE_LONGNAME
|| header->header.typeflag == GNUTYPE_LONGLINK)
{
+ union block *header_copy;
size_t name_size = info->stat.st_size;
size_t n = name_size % BLOCKSIZE;
size = name_size + BLOCKSIZE;
@@ -528,7 +536,10 @@ read_header (union block **return_block, struct tar_stat_info *info,
xheader_decode_global (&xhdr);
xheader_destroy (&xhdr);
if (mode == read_header_x_global)
- return HEADER_SUCCESS_EXTENDED;
+ {
+ status = HEADER_SUCCESS_EXTENDED;
+ break;
+ }
}
/* Loop! */
@@ -547,6 +558,7 @@ read_header (union block **return_block, struct tar_stat_info *info,
name = next_long_name->buffer + BLOCKSIZE;
recent_long_name = next_long_name;
recent_long_name_blocks = next_long_name_blocks;
+ next_long_name = NULL;
}
else
{
@@ -578,6 +590,7 @@ read_header (union block **return_block, struct tar_stat_info *info,
name = next_long_link->buffer + BLOCKSIZE;
recent_long_link = next_long_link;
recent_long_link_blocks = next_long_link_blocks;
+ next_long_link = NULL;
}
else
{
@@ -589,9 +602,12 @@ read_header (union block **return_block, struct tar_stat_info *info,
}
assign_string (&info->link_name, name);
- return HEADER_SUCCESS;
+ break;
}
}
+ free (next_long_name);
+ free (next_long_link);
+ return status;
}
#define ISOCTAL(c) ((c)>='0'&&(c)<='7')
--
2.26.0
Reference in New Issue View Git Blame Copy Permalink