From ef34894567a3ecd82035fc3b82ca06a3773d9ac3 Mon Sep 17 00:00:00 2001 From: Panu Matilainen Date: Thu, 26 Jun 2008 11:38:28 +0300 Subject: [PATCH] Add a bit of protection against oversized files - max size of individual files in cpio new ascii format is well known, check we don't try to stuff in larger than what fits and abort cleanly - this should do as long as we only support new ascii format cpio payloads --- build/files.c | 8 +++++++- lib/cpio.h | 7 +++++++ 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/build/files.c b/build/files.c index ed46fb1..5b439b4 100644 --- a/build/files.c +++ b/build/files.c @@ -1411,6 +1411,12 @@ static rpmRC addFile(FileList fl, const char * diskPath, flp->uname = fileUname; flp->gname = fileGname; + if ((rpm_loff_t) flp->fl_size >= CPIO_FILESIZE_MAX) { + rpmlog(RPMLOG_ERR, _("File %s too large for payload\n"), + flp->diskPath); + return RPMRC_FAIL; + } + if (fl->currentLangs && fl->nLangs > 0) { char * ncl; size_t nl = 0; @@ -1459,7 +1465,7 @@ static rpmRC addFile(FileList fl, const char * diskPath, fl->fileListRecsUsed++; fl->fileCount++; - return 0; + return RPMRC_OK; } /** diff --git a/lib/cpio.h b/lib/cpio.h index 67589c5..8515cfb 100644 --- a/lib/cpio.h +++ b/lib/cpio.h @@ -55,6 +55,13 @@ enum cpioErrorReturns { CPIOERR_ENOTEMPTY = (31 ) }; +/* + * Size limit for individual files in "new ascii format" cpio archives. + * The max size of the entire archive is unlimited from cpio POV, + * but subject to filesystem limitations. + */ +#define CPIO_FILESIZE_MAX UINT32_MAX + #define CPIO_NEWC_MAGIC "070701" #define CPIO_CRC_MAGIC "070702" #define CPIO_TRAILER "TRAILER!!!" -- 2.7.4