+Thu Mar 4 13:28:11 GMT 2004 Scott James Remnant <scott@netsplit.com>
+
+ * lib/tarfn.c: Copy the Name and LinkName elements and ensure they
+ are NULL-terminated, freeing these copies before returning. The
+ tar spec doesn't require a NULL byte if the filename is exactly
+ 100 characters long.
+
Sun Feb 29 21:56:25 GMT 2004 Scott James Remnant <scott@netsplit.com>
* scripts/dpkg-checkbuilddeps.pl: Push build-conflicts errors into
* Distinguish unmet build dependencies from build conflicts.
Closes: #217943, #235266.
+ * Force NULL-termination of all tar file entry names. Closes: #232025.
-- Scott James Remnant <scott@netsplit.com> UNRELEASED
return n;
}
+/* String block to C null-terminated string */
+char *
+StoC(const char *s, int size)
+{
+ int len;
+ char * str;
+
+ len = strnlen(s, size);
+ str = malloc(len + 1);
+ memcpy(str, s, len);
+ str[len] = 0;
+
+ return str;
+}
+
static int
DecodeTarHeader(char * block, TarInfo * d)
{
if ( *h->GroupName )
group = getgrnam(h->GroupName);
- d->Name = h->Name;
- d->LinkName = h->LinkName;
+ d->Name = StoC(h->Name, sizeof(h->Name));
+ d->LinkName = StoC(h->LinkName, sizeof(h->LinkName));
d->Mode = (mode_t)OtoL(h->Mode, sizeof(h->Mode));
d->Size = (size_t)OtoL(h->Size, sizeof(h->Size));
d->ModTime = (time_t)OtoL(h->ModificationTime
symListPointer = symListBottom;
}
free(symListPointer);
+ free(h.Name);
+ free(h.LinkName);
if ( status > 0 ) { /* Read partial header record */
errno = 0; /* Indicates broken tarfile */
return -1;
projects / dpkg / commitdiff