summaryrefslogtreecommitdiff
path: root/test/integration/test-bug-64141-install-dependencies-for-on-hold
diff options
context:
space:
mode:
authorJulian Andres Klode <julian.klode@canonical.com>2020-05-12 11:49:09 +0200
committerJulian Andres Klode <julian.klode@canonical.com>2020-05-12 19:58:13 +0200
commit11a286959138e5468fd909b83841f41be4b46466 (patch)
tree558b1008c4fd067bb0884147786fbba1b3ec6b5a /test/integration/test-bug-64141-install-dependencies-for-on-hold
parent8bfe582c8d588f0d30e4e421b47c8a4722931de4 (diff)
SECURITY UPDATE: Fix out of bounds read in .ar and .tar implementation (CVE-2020-3810)
When normalizing ar member names by removing trailing whitespace and slashes, an out-out-bound read can be caused if the ar member name consists only of such characters, because the code did not stop at 0, but would wrap around and continue reading from the stack, without any limit. Add a check to abort if we reached the first character in the name, effectively rejecting the use of names consisting just of slashes and spaces. Furthermore, certain error cases in arfile.cc and extracttar.cc have included member names in the output that were not checked at all and might hence not be nul terminated, leading to further out of bound reads. Fixes Debian/apt#111 LP: #1878177
Diffstat (limited to 'test/integration/test-bug-64141-install-dependencies-for-on-hold')
0 files changed, 0 insertions, 0 deletions