Commit 5b516049 authored by Aleksey Kravchenko's avatar Aleksey Kravchenko

Fix crash on a malformed file (Closes: #716235)

parent 7577a67f
......@@ -6,6 +6,7 @@ rifiuti (20040505-3) UNRELEASED; urgency=medium
* Fix FTCBFS: Don't build during make install. (Closes: #902482)
[ Aleksey Kravchenko ]
* Fix crash on a malformed file (Closes: #716235)
* Bump std-version to 4.3.0.
-- Aleksey Kravchenko <rhash.admin@gmail.com> Mon, 11 Feb 2019 04:22:24 +0300
......
Description: fix crash on a malformed file
This patch adds a validity check for the INFO2 file record size.
Author: Aleksey Kravchenko <rhash.admin@gmail.com>
Bug-Debian: https://bugs.debian.org/716235
Last-Update: 2019-02-12
--- rifiuti-20040505.orig/src/rifiuti.c
+++ rifiuti-20040505/src/rifiuti.c
@@ -166,6 +166,11 @@ int main( int argc, char **argv ) {
pread( info2_file, fourbytes, 4, 0x0C );
recordsize = bah_to_i( fourbytes, 4 );
+ /* the maximum size is 800 bytes (for unicode records) */
+ if (recordsize <= 0 || recordsize > 800) {
+ printf("File is not supported, or it is probably not an INFO2 file.\n\n");
+ exit( -3 );
+ }
record = malloc( recordsize );
add-GCC-hardening
fix-warnings
use-CC-and-abort-on-error.patch
fix-bts-crash-on-malformed-file.patch
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment