From 694ecd186a9b12f5115b130cb96dc3428c8dc76b Mon Sep 17 00:00:00 2001 From: Max Khon Date: Mon, 14 Jun 2004 20:56:00 +0000 Subject: - Fix CAN-2004-0226, CAN-2004-0231, CAN-2004-0232. - Do not use :: in patch file names. - Patch for CAN-2003-1023 is now contained in patch-vfs-direntry.c. - Bump PORTREVISION. Submitted by: Jakub Jelinek --- misc/mc/files/patch-vfs-tar.c | 49 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 misc/mc/files/patch-vfs-tar.c (limited to 'misc/mc/files/patch-vfs-tar.c') diff --git a/misc/mc/files/patch-vfs-tar.c b/misc/mc/files/patch-vfs-tar.c new file mode 100644 index 000000000000..bbaf9e109b84 --- /dev/null +++ b/misc/mc/files/patch-vfs-tar.c @@ -0,0 +1,49 @@ +--- vfs/tar.c.orig Sun Dec 8 07:12:30 2002 ++++ vfs/tar.c Tue Jun 15 03:15:09 2004 +@@ -264,19 +264,26 @@ + char *bp, *data; + int size, written; + ++ if (hstat.st_size > MC_MAXPATHLEN) { ++ message_1s (1, MSG_ERROR, _("Inconsistent tar archive")); ++ return STATUS_BADCHECKSUM; ++ } ++ + longp = ((header->header.linkflag == LF_LONGNAME) + ? &next_long_name + : &next_long_link); + + if (*longp) + g_free (*longp); +- bp = *longp = g_malloc (hstat.st_size); ++ bp = *longp = g_malloc (hstat.st_size + 1); + + for (size = hstat.st_size; + size > 0; + size -= written) { + data = get_next_record (archive, tard)->charptr; + if (data == NULL) { ++ g_free (*longp); ++ *longp = NULL; + message_1s (1, MSG_ERROR, _("Unexpected EOF on archive file")); + return STATUS_BADCHECKSUM; + } +@@ -287,10 +294,14 @@ + memcpy (bp, data, written); + bp += written; + } +-#if 0 +- if (hstat.st_size > 1) +- bp [hstat.st_size - 1] = 0; /* just to make sure */ +-#endif ++ ++ if (bp - *longp == MC_MAXPATHLEN && bp[-1] != '\0') { ++ g_free (*longp); ++ *longp = NULL; ++ message_1s (1, MSG_ERROR, _("Inconsistent tar archive")); ++ return STATUS_BADCHECKSUM; ++ } ++ *bp = 0; + goto recurse; + } else { + struct stat st; -- cgit v1.2.3