Re: [pacman-dev] [PATCH] Reject files larger than INT_MAX in read_sigfile.

Florian Pritz Sun, 05 Jun 2016 10:45:04 -0700

On 05.06.2016 19:37, Tobias Stoeckmann wrote:
> diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c
> index c9ed770..055fb1e 100644
> --- a/lib/libalpm/be_package.c
> +++ b/lib/libalpm/be_package.c
> @@ -700,17 +700,16 @@ static int read_sigfile(const char *sigpath, unsigned 
> char **sig)
>       struct stat st;
>       FILE *fp;
>  
> -     if(stat(sigpath, &st) != 0) {
> +     if((fp = fopen(sigpath, "rb")) == NULL) {
>               return -1;
>       }
>  
> -     MALLOC(*sig, st.st_size, return -1);
> -
> -     if((fp = fopen(sigpath, "rb")) == NULL) {
> -             free(*sig);
> +     if(fstat(fileno(fp), &st) != 0 || st.st_size > INT_MAX) {
>               return -1;


I think you should fclose(fp); here.

>       }
>  
> +     MALLOC(*sig, st.st_size, return -1);
> +
>       if(fread(*sig, st.st_size, 1, fp) != 1) {
>               free(*sig);
>               fclose(fp);
>

signature.asc
Description: OpenPGP digital signature

Re: [pacman-dev] [PATCH] Reject files larger than INT_MAX in read_sigfile.

Reply via email to