git Service of IN-Ulm e.V. Explore Help
Sign In
cbiedl
/
file
1
0
Fork 0
Files Pull Requests 0 Wiki
Tree: b873d01ff5
Branches Tags
file
/
debian
/
patches
/
cherry-pick.FILE5_30-19-g7605984c.although-i-can-t-reproduce-it-oss-fuzz-complains-about-is-tar.patch

cherry-pick.FILE5_30-19-g7605984c.although-i-can-t-reproduce-it-oss-fuzz-complains-about-is-tar.patch 2.6 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091 
  1. Subject: Although I can't reproduce it, oss-fuzz complains about is_tar
    2. 

  2. Origin: FILE5_30-19-g7605984c
    3. 

  3. Upstream-Author: Christos Zoulas <christos@zoulas.com>
    4. 

  4. Date: Fri Mar 17 20:45:01 2017 +0000
    5. 

  5. 

  6.     Although I can't reproduce it, oss-fuzz complains about is_tar. So rewrite
    7. 

  7.     it to make it more obvious what's going on.
    8. 

  8. 

  9. --- a/src/is_tar.c
    10. 

  10. +++ b/src/is_tar.c
    11. 

  11. @@ -51,7 +51,7 @@
    12. 

  12.  #define	isodigit(c)	( ((c) >= '0') && ((c) <= '7') )
    13. 

  13.  
    14. 

  14.  private int is_tar(const unsigned char *, size_t);
    15. 

  15. -private int from_oct(int, const char *);	/* Decode octal number */
    16. 

  16. +private int from_oct(const char *, size_t);	/* Decode octal number */
    17. 

  17.  
    18. 

  18.  static const char tartype[][32] = {
    19. 

  19.  	"tar archive",
    20. 

  20. @@ -93,31 +93,35 @@
    21. 

  21.  is_tar(const unsigned char *buf, size_t nbytes)
    22. 

  22.  {
    23. 

  23.  	const union record *header = (const union record *)(const void *)buf;
    24. 

  24. -	int	i;
    25. 

  25. -	int	sum, recsum;
    26. 

  26. -	const unsigned char	*p;
    27. 

  27. +	size_t i;
    28. 

  28. +	int sum, recsum;
    29. 

  29. +	const unsigned char *p, *ep;
    30. 

  30.  
    31. 

  31. -	if (nbytes < sizeof(union record))
    32. 

  32. +	if (nbytes < sizeof(*header))
    33. 

  33.  		return 0;
    34. 

  34.  
    35. 

  35. -	recsum = from_oct(8,  header->header.chksum);
    36. 

  36. +	recsum = from_oct(header->header.chksum, sizeof(header->header.chksum));
    37. 

  37.  
    38. 

  38.  	sum = 0;
    39. 

  39.  	p = header->charptr;
    40. 

  40. -	for (i = sizeof(union record); --i >= 0;)
    41. 

  41. +	ep = header->charptr + sizeof(*header);
    42. 

  42. +	while (p < ep)
    43. 

  43.  		sum += *p++;
    44. 

  44.  
    45. 

  45.  	/* Adjust checksum to count the "chksum" field as blanks. */
    46. 

  46. -	for (i = sizeof(header->header.chksum); --i >= 0;)
    47. 

  47. +	for (i = 0; i < sizeof(header->header.chksum); i++)
    48. 

  48.  		sum -= header->header.chksum[i];
    49. 

  49. -	sum += ' ' * sizeof header->header.chksum;
    50. 

  50. +	sum += ' ' * sizeof(header->header.chksum);
    51. 

  51.  
    52. 

  52.  	if (sum != recsum)
    53. 

  53.  		return 0;	/* Not a tar archive */
    54. 

  54.  
    55. 

  55. -	if (strcmp(header->header.magic, GNUTMAGIC) == 0)
    56. 

  56. +	if (strncmp(header->header.magic, GNUTMAGIC,
    57. 

  57. +	    sizeof(header->header.magic)) == 0)
    58. 

  58.  		return 3;		/* GNU Unix Standard tar archive */
    59. 

  59. -	if (strcmp(header->header.magic, TMAGIC) == 0)
    60. 

  60. +
    61. 

  61. +	if (strncmp(header->header.magic, TMAGIC,
    62. 

  62. +	    sizeof(header->header.magic)) == 0)
    63. 

  63.  		return 2;		/* Unix Standard tar archive */
    64. 

  64.  
    65. 

  65.  	return 1;			/* Old fashioned tar archive */
    66. 

  66. @@ -130,19 +134,22 @@
    67. 

  67.   * Result is -1 if the field is invalid (all blank, or non-octal).
    68. 

  68.   */
    69. 

  69.  private int
    70. 

  70. -from_oct(int digs, const char *where)
    71. 

  71. +from_oct(const char *where, size_t digs)
    72. 

  72.  {
    73. 

  73.  	int	value;
    74. 

  74.  
    75. 

  75. +	if (digs == 0)
    76. 

  76. +		return -1;
    77. 

  77. +
    78. 

  78.  	while (isspace((unsigned char)*where)) {	/* Skip spaces */
    79. 

  79.  		where++;
    80. 

  80. -		if (--digs <= 0)
    81. 

  81. +		if (digs-- == 0)
    82. 

  82.  			return -1;		/* All blank field */
    83. 

  83.  	}
    84. 

  84.  	value = 0;
    85. 

  85.  	while (digs > 0 && isodigit(*where)) {	/* Scan til non-octal */
    86. 

  86.  		value = (value << 3) | (*where++ - '0');
    87. 

  87. -		--digs;
    88. 

  88. +		digs--;
    89. 

  89.  	}
    90. 

  90.  
    91. 

  91.  	if (digs > 0 && *where && !isspace((unsigned char)*where))
    92.