thodg/got

Browse

Commit 9ef4ac1620c773e31257fdb1fe0672af1550b569

Stefan Sperling 2019-04-13T18:35:06

don't use unbound strlen() while parsing objects 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

diff --git a/lib/object_parse.c b/lib/object_parse.c
index 61e58f7..dce2309 100644
--- a/lib/object_parse.c
+++ b/lib/object_parse.c
@@ -153,7 +153,9 @@ got_object_parse_header(struct got_object **obj, char *buf, size_t len)
 	if (p == NULL)
 		return got_error(GOT_ERR_BAD_OBJ_HDR);
 
-	hdrlen = strlen(buf) + 1 /* '\0' */;
+	hdrlen = strnlen(buf, len) + 1 /* '\0' */;
+	if (hdrlen > len)
+		return got_error(GOT_ERR_BAD_OBJ_HDR);
 
 	for (i = 0; i < nitems(obj_labels); i++) {
 		const char *label = obj_labels[i];
@@ -604,7 +606,7 @@ parse_tree_entry(struct got_tree_entry **te, size_t *elen, char *buf,
 	if (*te == NULL)
 		return got_error_from_errno();
 
-	*elen = strlen(buf) + 1;
+	*elen = strnlen(buf, maxlen) + 1;
 	if (*elen > maxlen) {
 		free(*te);
 		*te = NULL;
kmx.io     mail     discord kmxgit v0.4.0