diff options
author | Sam Bingner <sam@bingner.com> | 2021-03-13 01:03:46 -1000 |
---|---|---|
committer | Sam Bingner <sam@bingner.com> | 2021-03-13 01:03:46 -1000 |
commit | 9d8383bdee9f1ddc5685c36678b1ca033cbea971 (patch) | |
tree | 5dcc8c91e9c0a1b85ef15654a1cf58e7869753c5 /apt-inst/contrib/arfile.cc | |
parent | 11cd82291bb7a02cafbb271c8416f8b59e1f1413 (diff) | |
parent | 95e417cb069928dfdb5dfacb418f025d71f32c4d (diff) |
Merge remote-tracking branch 'upstream/1.8.2.z' into 1.8.2.z+ios1.8.2.z+ios
Diffstat (limited to 'apt-inst/contrib/arfile.cc')
-rw-r--r-- | apt-inst/contrib/arfile.cc | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/apt-inst/contrib/arfile.cc b/apt-inst/contrib/arfile.cc index 5cb43c690..6d4a1f158 100644 --- a/apt-inst/contrib/arfile.cc +++ b/apt-inst/contrib/arfile.cc @@ -94,7 +94,12 @@ bool ARArchive::LoadHeaders() delete Memb; return _error->Error(_("Invalid archive member header")); } - + + if (Left < 0 || Memb->Size > static_cast<unsigned long long>(Left)) + { + delete Memb; + return _error->Error(_("Invalid archive member header")); + } // Check for an extra long name string if (memcmp(Head.Name,"#1/",3) == 0) { @@ -106,6 +111,13 @@ bool ARArchive::LoadHeaders() delete Memb; return _error->Error(_("Invalid archive member header")); } + + if (Len > Memb->Size) + { + delete Memb; + return _error->Error(_("Invalid archive member header")); + } + if (File.Read(S,Len) == false) { delete Memb; |