Commit ID: 10059E289C94A3ADF42
CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2017/10/14 22:03:33 UTC
Modified files:
bin/pax : pax.c pax.h buf_subs.c
Log message:
prevent an entire class of errors: integer overflow in rd_skip() arg
Reported as: Debian #878512
Turns out that “rd_skip(arcn->skip + arcn->pad);” is often called
without checking for negative (error) return, or even throwing away
the result entirely (õÕ) and is called often enough that checking
before calling would be tremendous effort, and to split it up à la
calloc() is certainly another option but this catches it good enough.
We (ab|re)use the signal handler exit function to do some cleanup.
To generate a diff of this changeset, execute the following commands:
cvs -R rdiff -kk -upr1.24 -r1.25 src/bin/pax/pax.c
cvs -R rdiff -kk -upr1.18 -r1.19 src/bin/pax/pax.h
cvs -R rdiff -kk -upr1.9 -r1.10 src/bin/pax/buf_subs.c
