Changeset 456 for trunk


Timestamp:
Jul 13, 2014, 12:13:33 PM (10 years ago)
Author:
katerina
Message:

Fix for ticket #356 (minor bug in exepack_fill.c).

Location:
trunk
Files:
3 edited

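--- a/trunk/docs/Changelog
+++ b/trunk/docs/Changelog
@@ -4,4 +4,10 @@
         * Allow multiple exclusions for SUID check
         * Use calloc instead of malloc
+        * Add overflow check in minilzo.c (but the potential integer
+          overflow [CVE-2014-4607,LMS-2014-06-16-1] is irrelevant anyway
+          because the function is never used on external data).
+        * Fixed a minor bug in exepack_fill.c that was unearthed by the minilzo
+          overflow check (the required buffer length information for the check
+          wasn't provided)
 
 3.1.1 (01-0-2014):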
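--- a/trunk/src/exepack.c
+++ b/trunk/src/exepack.c
@@ -84,4 +84,5 @@
 {
   int file;
+  long result;
 
   unsigned long i    = argc; /* dummy use of argc to fix compiler warning */
@@ -129,4 +130,5 @@
   out_len = (unsigned long) programlen_compressed_0;
   len     = (unsigned long) programlen_0;
+  in_len  = len;
 
   outbuf  = program_0;
@@ -260,5 +262,9 @@
     }
 
-  write(file, inbuf, in_len);
+  result = (long) write(file, inbuf, in_len);
+  if (result < 0 || in_len != (lzo_uint) result)
+    {
+      return (5);
+    }
 
 #if defined(__linux__)
@@ -266,5 +272,5 @@
   if ( 0 != fstat(file, &sbuf))
     {
-      return (5);
+      return (6);
     }
  
@@ -276,5 +282,5 @@
   if ( 0 != fstat(file, &fbuf))
     {
-      return (6);
+      return (7);
     }
 
@@ -288,5 +294,5 @@
     {
       close  ( file );
-      return ( 6 );
+      return ( 8 );
     }
  
@@ -312,5 +318,5 @@
       fcntl  (file, F_SETFD, FD_CLOEXEC);
       execve (pname, argv, environ);
-      return (8);
+      return (9);
     }
 #endif
@@ -325,5 +331,5 @@
       execve (fname, argv, environ);
       unlink (fname);
-      return (9);
+      return (10);
     }
   else if (i == 0)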
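Review bot: The new failure branch after `write()` returns `(5)` without closing `file` or removing the partly written output, whereas later failure paths in this section do `close  ( file )` and `unlink (fname)`. Because the file is later passed to `execve`, a truncated copy left on disk should be cleaned up. If `fname` already names that file at this point (it is set outside the visible hunks), the branch could read `close (file); unlink (fname); return (5);`. Treating a short `write()` as fatal rather than retrying fails safe, and a one-line comment such as `/* short write is fatal: never exec a truncated image */` would record that intent. The enclosing function starts and ends outside the hunks shown.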
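--- a/trunk/src/exepack_fill.c
+++ b/trunk/src/exepack_fill.c
@@ -169,5 +169,5 @@
 {
   FILE * fd;
-  long   clen;
+  unsigned long   clen;
   char * data;
   struct stat sbuf;
@@ -222,5 +222,6 @@
     return (-1);
 
-  fread  (data, 1, clen, fd);
+  if (clen != fread  (data, 1, clen, fd))
+    return (-1);
   fclose (fd);
 
@@ -337,5 +338,5 @@
       return (8);
     }
-  status = replaceData (data, clen, "CONTAINER", outbuf, out_len);
+  status = replaceData (data, clen, "CONTAINER", (char *) outbuf, out_len);
   if (status < 0)
     {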
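Review bot: The added short-read check `if (clen != fread  (data, 1, clen, fd)) return (-1);` returns before the `fclose (fd)` on the following line, so the stream stays open on that path. `data`, which appears to be allocated above the hunk, is not released either. Closing first keeps the error path clean: `if (clen != fread (data, 1, clen, fd)) { fclose (fd); return (-1); }`, with a `free (data)` added if the buffer is heap-allocated here. `clen` is now `unsigned long`; if it is assigned from `sbuf.st_size` outside the hunk, a check that the size is non-negative and fits before that conversion would be the matching guard. The function bodies continue outside the visible hunks.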